Finding and patching the open vulnerabilities in today’s threat landscape is one of the utmost priorities for security researchers and analysts.
Identifying weaponized high-risk CVEs actively targeted by Threat Actors and ransomware in the vast CVE landscape is crucial.
Researchers at Qualys recently unveiled the top 20 most exploited vulnerabilities and affirmed that hackers are particularly drawn to the products of Microsoft.
Apart from this, among these top 20 most exploited vulnerabilities, some are part of the latest CISA Joint Cybersecurity Advisory (CSA), published on August 3, 2023.
Top 20 Most Exploited Vulnerabilities
Here below, we have mentioned all the top 20 most exploited vulnerabilities:-
1. CVE-2017-11882
- Description: Microsoft Office Memory Corruption Vulnerability
- Vulnerability Trending Over Years: 2018, 2020, 2021, 2022, 2023 (79 times)
- Qualys Vulnerability Detection (QID): 110308
2. CVE-2017-0199
- Description: Microsoft Wordpad Remote Code Execution Vulnerability
- Vulnerability Trending Over Years: 2017, 2020, 2021, 2023 (59 times)
- Qualys Vulnerability Detection (QID): 110297
3. CVE-2012-0158
- Description: Vulnerability in Windows Common Controls Could Allow RCE
- Vulnerability Trending Over Years: 2013, 2020, 2021, 2023 (33 times)
- Qualys Vulnerability Detection (QID): 90793
4. CVE-2017-8570
- Description: Microsoft Office Remote Code Execution Vulnerability
- Vulnerability Trending Over Years: 2018, 2020, 2023 (25 times)
- Qualys Vulnerability Detection (QID): 110300
5. CVE-2020-1472
- Description: Zerologon – An Unauthenticated Privilege Escalation to Full Domain Privileges
- Vulnerability Trending Over Years: 2020, 2021, 2022, 2023 (56 times)
- Qualys Vulnerability Detection (QID): 91680
6. CVE-2017-0144, CVE-2017-0145, CVE-2017-0143
- Description: Windows SMBv1 Remote Code Execution Vulnerability WannaCry, Petya
- Vulnerability Trending Over Years: 2017, 2020, 2021, 2023 (50 times)
- Qualys Vulnerability Detection (QID): 91361, 91360, 91359, 91345
7. CVE-2012-1723
- Description: Java Applet Field Bytecode Verifier Cache Remote Code Execution
- Vulnerability Trending Over Years: 2023 (6 times)
- Qualys Vulnerability Detection (QID): 120274
8. CVE-2021-34473, CVE-2021-34523, CVE-2021-31207
- Description: Microsoft Exchange Server RCE (ProxyShell)
- Vulnerability Trending Over Years: 2021, 2022, 2023 (39 times)
- Qualys Vulnerability Detection (QID): 50114, 50111, 50112
9. CVE-2019-11510
- Description: Pulse Secure Pulse Connect Secure SSL VPN Unauthenticated Path
- Vulnerability Trending Over Years: 2019, 2020, 2023 (53 times)
- Qualys Vulnerability Detection (QID): 38771
10. CVE-2021-44228
- Description: Apache Log4j Remote Code Execution Vulnerability
- Vulnerability Trending Over Years: 2021, 2022, 2023 (77 times)
- Qualys Vulnerability Detection (QID): 376157, 730297
11. CVE-2014-6271
- Description: Shellshock – Linux Bash Vulnerability
- Vulnerability Trending Over Years: 2014, 2016, 2017, 2020, 2021, 2022, 2023 (70 times)
- Qualys Vulnerability Detection (QID): 122693, 13038, 150134
12. CVE-2018-8174
- Description: Windows VBScript Engine Remote Code Execution Vulnerability
- Vulnerability Trending Over Years: 2018, 2020, 2023 (30 times)
- Qualys Vulnerability Detection (QID): 91447
13. CVE-2013-0074
- Description: Microsoft Silverlight Could Allow Remote Code Execution
- Vulnerability Trending Over Years: 2023 (8 times)
- Qualys Vulnerability Detection (QID): 90870
14. CVE-2012-0507
- Description: Oracle Java SE Remote Java Runtime Environment Vulnerability
- Vulnerability Trending Over Years: 2023 (10 times)
- Qualys Vulnerability Detection (QID): 119956
15. CVE-2019-19781
- Description: Citrix ADC and Citrix Gateway – Remote Code Execution (RCE) Vulnerability
- Vulnerability Trending Over Years: 2020, 2022, 2023 (60 times)
- Qualys Vulnerability Detection (QID): 372305, 150273
16. CVE-2018-0802
- Description: Microsoft Office Memory Corruption Vulnerability
- Vulnerability Trending Over Years: 2021, 2022, 2023 (19 times)
- Qualys Vulnerability Detection (QID): 110310
17. CVE-2021-26855
- Description: Microsoft Exchange Server Authentication Bypass (RCE)
- Vulnerability Trending Over Years: 2021, 2023 (46 times)
- Qualys Vulnerability Detection (QID): 50107, 50108
18. CVE-2019-2725
- Description: Oracle WebLogic Affected by Unauthenticated RCE Vulnerability
- Vulnerability Trending Over Years: 2019, 2020, 2022, 2023 (53 times)
- Qualys Vulnerability Detection (QID): 150267, 87386
19. CVE-2018-13379
- Description: Fortinet FortiGate (FortiOS) System File Leak through Secure Sockets Layer (SSL)
- Vulnerability Trending Over Years: 2020, 2021, 2023 (41 times)
- Qualys Vulnerability Detection (QID): 43702
20. CVE-2021-26084
- Description: Atlassian Confluence Server Webwork OGNL Injection RCE Vulnerability
- Vulnerability Trending Over Years: 2021, 2022, 2023 (35 times)
- Qualys Vulnerability Detection (QID): 730172, 150368, 375839
Recommendation
Security analysts at Qualys urged users to immediately identify the vulnerable assets to these top most exploited CVEs, then prioritize remediation and use Qualys Patch to cut risk fast.
Moreover, make sure to leverage the dynamic Threat Intelligence with Qualys VMDR to streamline high-risk vulnerability prioritization.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.