Yesterday the Cybersecurity & Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC) and the U.S. Federal Bureau of Investigation (FBI) released a joint statement citing the top exploited vulnerabilities seen in 2021 so far.

The findings

There is nothing too surprising or groundbreaking in what cyber criminals target most frequently. The top exploits focus on remote work, virtual private networks (VPNs), and cloud-based technologies. This makes sense, as the world has shifted to more remote work since early 2020, when the COVID-19 pandemic spread across the globe. The table below comes from the joint statement; the vulnerabilities shown are the CVEs (Common Vulnerabilities and Exposures) considered most routinely exploited by cyber criminals in 2020.

Table 1: Top Routinely Exploited CVEs in 2020

Vendor        CVE              Type
Citrix        CVE-2019-19781   arbitrary code execution
Pulse         CVE-2019-11510   arbitrary file reading
Fortinet      CVE-2018-13379   path traversal
F5 BIG-IP     CVE-2020-5902    remote code execution (RCE)
MobileIron    CVE-2020-15505   RCE
Microsoft     CVE-2017-11882   RCE
Atlassian     CVE-2019-11580   RCE
Drupal        CVE-2018-7600    RCE
Telerik       CVE-2019-18935   RCE
Microsoft     CVE-2019-0604    RCE
Microsoft     CVE-2020-0787    elevation of privilege
Netlogon      CVE-2020-1472    elevation of privilege

Focus on these

The joint statement also provides insight into the top exploits you need to patch and focus on. It suggests prioritizing several CVEs in Microsoft, Pulse Secure, Accellion, VMware, and Fortinet products. For the full list and remediation steps, check out the statement.

Next Steps

We strongly recommend verifying whether any of these vulnerabilities affect your devices and networks. If they do, consider patching them immediately. As we have written before, updates are key to protecting your small business from falling victim to a cyberattack.

For the latest news on cybersecurity or to test your cybersecurity knowledge, check out Small Business, Big Threat!