Five Eyes alliance lists 2021’s top vulnerabilities

Five Eyes alliance lists 2021’s top vulnerabilities
Ryan is a senior editor at TechForge Media with over a decade of experience covering the latest technology and interviewing leading industry figures. He can often be sighted at tech conferences with a strong coffee in one hand and a laptop in the other. If it's geeky, he’s probably into it. Find him on Twitter: @Gadget_Ry

A cybersecurity advisory issued by members of the ‘Five Eyes’ intelligence alliance lists the most-exploited vulnerabilities of 2021.

The Five Eyes consists of the US, UK, Canada, Australia, and New Zealand. Over recent weeks, cybersecurity authorities from the normally secretive alliance have issued a number of joint statements amid increasing global threats.

According to the alliance, here were the top 15 “routinely exploited” vulnerabilities in 2021:

CVEVulnerability NameVendor and ProductType
CVE-2021-44228Log4ShellApache Log4jRemote code execution (RCE)
CVE-2021-40539 Zoho ManageEngine AD SelfService PlusRCE
CVE-2021-34523ProxyShellMicrosoft Exchange ServerElevation of privilege
CVE-2021-34473ProxyShellMicrosoft Exchange ServerRCE
CVE-2021-31207ProxyShellMicrosoft Exchange ServerSecurity feature bypass
CVE-2021-27065ProxyLogonMicrosoft Exchange ServerRCE
CVE-2021-26858ProxyLogonMicrosoft Exchange ServerRCE
CVE-2021-26857ProxyLogonMicrosoft Exchange ServerRCE
CVE-2021-26855ProxyLogonMicrosoft Exchange ServerRCE
CVE-2021-26084  Atlassian Confluence Server and Data CenterArbitrary code execution
CVE-2021-21972 VMware vSphere ClientRCE
CVE-2020-1472ZeroLogonMicrosoft Netlogon Remote Protocol (MS-NRPC)Elevation of privilege
CVE-2020-0688 Microsoft Exchange ServerRCE
CVE-2019-11510 Pulse Secure Pulse Connect SecureArbitrary file reading
CVE-2018-13379 Fortinet FortiOS and FortiProxyPath traversal

The cybersecurity authorities also identified a further 21 vulnerabilities that were routinely exploited last year:

CVEVendor and ProductType
CVE-2021-42237Sitecore XPRCE
CVE-2021-35464ForgeRock OpenAM serverRCE
CVE-2021-27104Accellion FTAOS command execution
CVE-2021-27103Accellion FTAServer-side request forgery
CVE-2021-27102Accellion FTAOS command execution
CVE-2021-27101Accellion FTASQL injection
CVE-2021-21985VMware vCenter ServerRCE
CVE-2021-20038SonicWall Secure Mobile Access (SMA)RCE
CVE-2021-40444Microsoft MSHTMLRCE
CVE-2021-34527Microsoft Windows Print SpoolerRCE
CVE-2021-3156SudoPrivilege escalation
CVE-2021-27852Checkbox SurveyRemote arbitrary code execution
CVE-2021-22893Pulse Secure Pulse Connect SecureRemote arbitrary code execution
CVE-2021-20016SonicWall SSLVPN SMA100Improper SQL command neutralization, allowing for credential access
CVE-2021-1675Windows Print SpoolerRCE
CVE-2020-2509QNAP QTS and QuTS heroRemote arbitrary code execution
CVE-2019-19781Citrix Application Delivery Controller (ADC) and GatewayArbitrary code execution
CVE-2019-18935Progress Telerik UI for ASP.NET AJAXCode execution
CVE-2018-0171Cisco IOS Software and IOS XE SoftwareRemote arbitrary code execution 
CVE-2017-11882Microsoft OfficeRCE
CVE-2017-0199Microsoft OfficeRCE

On average, researchers or other actors released proof of concept (POC) code within two weeks of disclosure for the top vulnerabilities.

However, concerningly, the various cybersecurity authorities note identifying malicious cyber actors continuing to exploit vulnerabilities from 2020 or earlier—indicating that failures to patch software are putting users at risk.

(Photo by Florian Schmetz on Unsplash)

Related: Five Eyes warn of Russian cyberattacks on critical infrastructure

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , , , , , ,

View Comments
Leave a comment

Leave a Reply

Your email address will not be published.