Security News > 2021 > August > Top 30 Critical Security Vulnerabilities Most Exploited by Hackers

Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how threat actors are able to swiftly weaponize publicly disclosed flaws to their advantage.

"Cyber actors continue to exploit publicly known-and often dated-software vulnerabilities against broad target sets, including public and private sector organizations worldwide," the U.S. Cybersecurity and Infrastructure Security Agency, the Australian Cyber Security Centre, the United Kingdom's National Cyber Security Centre, and the U.S. Federal Bureau of Investigation noted.

The top 30 vulnerabilities span a wide range of software, including remote work, virtual private networks, and cloud-based technologies, that cover a broad spectrum of products from Microsoft, VMware, Pulse Secure, Fortinet, Accellion, Citrix, F5 Big IP, Atlassian, and Drupal.

The list of vulnerabilities that have come under active attack thus far in 2021 are listed below -.

The development also comes a week after MITRE published a list of top 25 "Most dangerous" software errors that could lead to serious vulnerabilities that could be exploited by an adversary to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.

"The advisory puts the power in every organisation's hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices," NCSC Director for Operations, Paul Chichester, said, while urging the need to prioritize patching to minimize the risk of being exploited by malicious actors.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/4bqby1RlKSQ/top-30-critical-security.html