Top 20 Most Exploited Vulnerabilities – Hackers are Particularly Drawn to Microsoft’s Products

Finding and patching the open vulnerabilities in today’s threat landscape is one of the utmost priorities for security researchers and analysts.

Identifying weaponized high-risk CVEs actively targeted by Threat Actors and ransomware in the vast CVE landscape is crucial.

Researchers at Qualys recently unveiled the top 20 most exploited vulnerabilities and affirmed that hackers are particularly drawn to the products of Microsoft.

Apart from this, among these top 20 most exploited vulnerabilities, some are part of the latest CISA Joint Cybersecurity Advisory (CSA), published on August 3, 2023.

Top 20 Most Exploited Vulnerabilities

Here below, we have mentioned all the top 20 most exploited vulnerabilities:-

1. CVE-2017-11882

  • Description: Microsoft Office Memory Corruption Vulnerability
  • Vulnerability Trending Over Years: 2018, 2020, 2021, 2022, 2023 (79 times)
  • Qualys Vulnerability Detection (QID): 110308

2. CVE-2017-0199

  • Description: Microsoft Wordpad Remote Code Execution Vulnerability
  • Vulnerability Trending Over Years: 2017, 2020, 2021, 2023 (59 times)
  • Qualys Vulnerability Detection (QID): 110297

3. CVE-2012-0158

  • Description: Vulnerability in Windows Common Controls Could Allow RCE
  • Vulnerability Trending Over Years: 2013, 2020, 2021, 2023 (33 times)
  • Qualys Vulnerability Detection (QID): 90793

4. CVE-2017-8570

  • Description: Microsoft Office Remote Code Execution Vulnerability
  • Vulnerability Trending Over Years: 2018, 2020, 2023 (25 times)
  • Qualys Vulnerability Detection (QID): 110300

5. CVE-2020-1472

  • Description: Zerologon – An Unauthenticated Privilege Escalation to Full Domain Privileges
  • Vulnerability Trending Over Years: 2020, 2021, 2022, 2023 (56 times)
  • Qualys Vulnerability Detection (QID): 91680

6. CVE-2017-0144, CVE-2017-0145, CVE-2017-0143

  • Description: Windows SMBv1 Remote Code Execution Vulnerability WannaCry, Petya
  • Vulnerability Trending Over Years: 2017, 2020, 2021, 2023 (50 times)
  • Qualys Vulnerability Detection (QID):  91361, 91360, 91359, 91345

7. CVE-2012-1723

  • Description: Java Applet Field Bytecode Verifier Cache Remote Code Execution
  • Vulnerability Trending Over Years: 2023 (6 times)
  • Qualys Vulnerability Detection (QID):  120274

8. CVE-2021-34473, CVE-2021-34523, CVE-2021-31207

  • Description: Microsoft Exchange Server RCE (ProxyShell)
  • Vulnerability Trending Over Years: 2021, 2022, 2023 (39 times)
  • Qualys Vulnerability Detection (QID):  50114, 50111, 50112

9. CVE-2019-11510

  • Description: Pulse Secure Pulse Connect Secure SSL VPN Unauthenticated Path
  • Vulnerability Trending Over Years: 2019, 2020, 2023 (53 times)
  • Qualys Vulnerability Detection (QID):  38771

10. CVE-2021-44228

  • Description: Apache Log4j Remote Code Execution Vulnerability
  • Vulnerability Trending Over Years: 2021, 2022, 2023 (77 times)
  • Qualys Vulnerability Detection (QID):  376157, 730297

11. CVE-2014-6271

  • Description: Shellshock – Linux Bash Vulnerability
  • Vulnerability Trending Over Years: 2014, 2016, 2017, 2020, 2021, 2022, 2023 (70 times)
  • Qualys Vulnerability Detection (QID):  122693, 13038, 150134

12. CVE-2018-8174

  • Description: Windows VBScript Engine Remote Code Execution Vulnerability
  • Vulnerability Trending Over Years: 2018, 2020, 2023 (30 times)
  • Qualys Vulnerability Detection (QID):  91447

13. CVE-2013-0074

  • Description: Microsoft Silverlight Could Allow Remote Code Execution
  • Vulnerability Trending Over Years: 2023 (8 times)
  • Qualys Vulnerability Detection (QID):  90870

14. CVE-2012-0507

  • Description: Oracle Java SE Remote Java Runtime Environment Vulnerability
  • Vulnerability Trending Over Years: 2023 (10 times)
  • Qualys Vulnerability Detection (QID):  119956

15. CVE-2019-19781

  • Description: Citrix ADC and Citrix Gateway – Remote Code Execution (RCE) Vulnerability
  • Vulnerability Trending Over Years: 2020, 2022, 2023 (60 times)
  • Qualys Vulnerability Detection (QID):  372305, 150273

16. CVE-2018-0802

  • Description: Microsoft Office Memory Corruption Vulnerability
  • Vulnerability Trending Over Years: 2021, 2022, 2023 (19 times)
  • Qualys Vulnerability Detection (QID):  110310

17. CVE-2021-26855

  • Description: Microsoft Exchange Server Authentication Bypass (RCE)
  • Vulnerability Trending Over Years: 2021, 2023 (46 times)
  • Qualys Vulnerability Detection (QID):  50107, 50108

18. CVE-2019-2725

  • Description: Oracle WebLogic Affected by Unauthenticated RCE Vulnerability
  • Vulnerability Trending Over Years: 2019, 2020, 2022, 2023 (53 times)
  • Qualys Vulnerability Detection (QID):  150267, 87386

19. CVE-2018-13379

  • Description: Fortinet FortiGate (FortiOS) System File Leak through Secure Sockets Layer (SSL)
  • Vulnerability Trending Over Years: 2020, 2021, 2023 (41 times) 
  • Qualys Vulnerability Detection (QID):  43702 

20. CVE-2021-26084

  • Description: Atlassian Confluence Server Webwork OGNL Injection RCE Vulnerability
  • Vulnerability Trending Over Years: 2021, 2022, 2023 (35 times)
  • Qualys Vulnerability Detection (QID):  730172, 150368, 375839

Recommendation

Security analysts at Qualys urged users to immediately identify the vulnerable assets to these top most exploited CVEs, then prioritize remediation and use Qualys Patch to cut risk fast.

Moreover, make sure to leverage the dynamic Threat Intelligence with Qualys VMDR to streamline high-risk vulnerability prioritization.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.