There are 30 vulnerabilities listed in total; organizations would do well to patch their systems if they haven’t done so yet.
The joint cybersecurity advisory on the most commonly exploited vulnerabilities revealed that some of the leading agencies in both law enforcement and cybersecurity were targeted through four common issues. These included a vulnerability related to DNS Resolution Protocol (DNS-based attacks), a SQL injection flaw in phpMyAdmin, and flaws found on Apache Struts 2 portal sites, including Drupal and Magento CMSs, which may have been compromised through cross-site scripting injection or malicious code execution.
The DHS Cybersecurity & Infrastructure Security Agency noted that one out of every five breaches it responded to was caused by these vulnerable web applications, which often make for easy targets because of how much sensitive data is stored in them during any given transaction period.
The FBI, NCSC and ACSC have discovered that the four most targeted vulnerabilities in 2020 were related to Remote Desktop Protocol (RDP), Microsoft Windows Remote Assistance Service, and the Apache Struts 2 web application framework for JavaServer Pages and Servlets.
“The rapid shift and increased use of remote work options, such as virtual private networks (VPNs) and cloud-based environments, likely placed additional burden on cyber defenders struggling to maintain and keep pace with routine software patching,” the advisory reads.
In 2020, the most exploited vulnerability was found in Citrix Delivery Controller. Tracked as CVE-2019-19781, the flaw is rated critical: because successful exploitation could lead to arbitrary code execution, the U.S. government's findings report gave it an almost perfect severity score of 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) scale. It also attracts cybercriminals because it is easy to exploit and because vulnerable versions are in use worldwide, which only results in more attacks against systems running that software package.
In 2021, cybercriminals were found to exploit vulnerabilities in perimeter-type devices such as those from Microsoft and VMware. This is according to CISA, which went on to assess that public and private organizations worldwide remain vulnerable to having their security compromised through the exploitation of these CVEs (Common Vulnerabilities and Exposures).