Top 30 Most Exploited Cybersecurity Vulnerabilities (Revealed By The FBI)


A joint advisory published by the FBI, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and its UK and Australian counterparts provided details on the top 30 vulnerabilities. These were the vulnerabilities most exploited by malicious cyber attackers in 2020 and thus far in 2021.

Microsoft accounted for nine of the 30 cybersecurity vulnerabilities, all of them related to either arbitrary/remote code execution or domain impersonation. According to U.S. Government technical analysis, Citrix’s vulnerability became the most exploited flaw in 2020.

“Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide. However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system.” 

Cybersecurity vulnerabilities to look out for in 2021


The report also mentioned that cyber attackers continued to target cybersecurity vulnerabilities in perimeter-type devices. Organizations that use the following products should prioritize fixing these vulnerabilities:

Top 30 Vulnerabilities

| Product | Vendor | CVE | Type |
|---|---|---|---|
| Netscaler Directory Traversal | Citrix | CVE-2019-19781 | Remote code execution |
| Pulse Secure Connect VPN | Pulse | CVE-2019-11510 | Arbitrary file reading |
| FortiOS Secure Socket Layer VPN | Fortinet | CVE-2018-13379 | Path traversal |
| Big IP Traffic Management User Interface | F5 BIG-IP | CVE-2020-5902 | Remote code execution |
| MobileIron Core & Connector | MobileIron | CVE-2020-15505 | Remote code execution |
| Microsoft Exchange Memory Corruption | Microsoft | CVE-2020-0688 | Remote code execution |
| Atlassian Confluence Server and Data Center Widget Connector | Atlassian | CVE-2019-3396 | Server-side template injection |
| Microsoft Office | Microsoft | CVE-2017-11882 | Arbitrary code execution |
| Atlassian Crowd and Crowd Data Center | Atlassian | CVE-2019-11580 | Remote code execution |
| Drupal versions before 7.58 | Drupal | CVE-2018-7600 | Arbitrary code execution |
| Telerik User Interface (UI) for ASP.NET | Telerik | CVE-2019-18935 | Remote code execution |
| Microsoft SharePoint | Microsoft | CVE-2019-0604 | Arbitrary code execution |
| Windows Background Intelligent Transfer Service (BITS) | Microsoft | CVE-2020-0787 | Arbitrary code execution |
| Windows Netlogon Remote Protocol (MS-NRPC) | Microsoft | CVE-2020-1472 | Domain impersonation |
| Microsoft Exchange | Microsoft | CVE-2021-26855 | Remote code execution |
| Microsoft Exchange | Microsoft | CVE-2021-26857 | Remote code execution |
| Microsoft Exchange | Microsoft | CVE-2021-26858 | Remote code execution |
| Microsoft Exchange | Microsoft | CVE-2021-27065 | Remote code execution |
| Pulse Connect Secure VPN | Pulse | CVE-2021-22893 | Authentication bypass |
| Pulse Connect Secure VPN | Pulse | CVE-2021-22894 | Buffer overflow vulnerability |
| Pulse Connect Secure VPN | Pulse | CVE-2021-22899 | Remote code execution |
| Pulse Connect Secure VPN | Pulse | CVE-2021-22900 | Unrestricted uploads |
| Accellion File Transfer Appliance | Accellion | CVE-2021-27101 | SQL injection |
| Accellion File Transfer Appliance | Accellion | CVE-2021-27102 | Command execution |
| Accellion File Transfer Appliance | Accellion | CVE-2021-27103 | SSRF via a crafted POST |
| Accellion File Transfer Appliance | Accellion | CVE-2021-27104 | Command execution |
| VMware vCenter Software | VMware | CVE-2021-21985 | Remote code execution |
| Fortinet FortiOS | Fortinet | CVE-2018-13379 | Path traversal |
| Fortinet FortiOS | Fortinet | CVE-2020-12812 | Improper authentication |
| Fortinet FortiOS | Fortinet | CVE-2019-5591 | LDAP server impersonation |
