8 out of 10 CVEs are RCE vulnerabilities<\/p>\n<\/li>\n
7 CVEs are associated with 24 ransomwares. Notable among them are Cerber, Petya, Ryuk, Locky, Wannacry, Samsa, Satan etc.<\/p>\n<\/li>\n
4 vulnerabilities are being used by 27 APT Groups. Two APT groups are known to be Chinese state actors (APT41 & Cycldek). CVE-2017-11882 and CVE-2017-0199 are being used by 14 APT groups each<\/p>\n<\/li>\n
Among the top 10 is CVE-2017-5638 – the infamous Apache Struts vulnerability, responsible for Equifax Data Breach in 2017.<\/p>\n<\/li>\n
CVE-2019-0708 – a RCE vulnerability is present in 349K active targets<\/p>\n<\/li>\n<\/ul>\n
![\"\"](\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/blogs\/googles-top-10-most-searched-vulnerabilities-in-2020-v2.jpg\")
<\/h2>\nExposure Analysis & Scanners<\/strong><\/h2>\nCVE-2017-5638 – a RCE vulnerability in Apache struts was found trending in 2020. This vulnerability was used to breach into Equifax and expose personal information of 147 million people.<\/p>\n
CVE-2017-0143, another RCE vulnerability that exists in Windows Server 2012 is used by 136K computers around the globe.<\/p>\n
Click here to download the exposure data<\/a><\/p>\nFoundational Code Weakness<\/strong><\/h2>\nFour out of ten vulnerabilities are categorized under CWE-20 (Improper input validation) spotlighting what developers ought to keep in mind while writing their code.<\/p>\n
Ransomware, APT Groups & Malware<\/strong><\/h2>\nSeven Vulnerabilities are associated with 24 ransomware strains and they have been spotlighted in our recently published Ransomware 2021report.<\/a><\/p>\nNotable among them are Cerber, Petya, Ryuk, Locky, Wannacry, Samsa, Satan etc. Out of the seven CVE-2017-0143 and CVE-2017-11882 are associated with 10 and 8 ransomware strains respectively.<\/p>\n
Four CVEs (CVE-2017-11882, CVE-2017-0199, CVE-2017-0143, CVE-2018-7600) are being used by 27 APT groups. China, Russia, North Korea and Iran were some of the nation states that are controlling these APT groups.<\/p>\n
CVE-2017-11882 and CVE-2017-0199 are being used by 14 APT groups each, to infiltrate into critical organizations and mount targeted attacks resulting in exposure of proprietary and sensitive information.<\/p>\n
A Pentester’s Perspective<\/strong><\/h2>\nCVE-2019-5544 (CVSSv3 9.8) is an interesting vulnerability that exists in VMware products<\/a> (ESXI, Enterprise Linux Desktop, Enterprise Linux Server Aus etc.).This CVE is used as a Ransomware chain along with another critical CVE (CVE-2020-3992) to exploit virtual hard disks.<\/p>\nCVE-2020-0549<\/a> is a medium severity weakness that exists in Intel products and this vulnerability is capable of resurrecting private browsing history details, passwords etc. This CVE was widely searched because this weakness was discovered in 2020 and it affects desktop, laptop, cloud computers, physical servers that use intel processor generations released from 2011 onwards.<\/p>\nCVE-2020-2555 – RCE bug in Oracle products has a score of 9.5 and is red-flagged by National Security Agency (NSA) as they are used by Chinese APT groups<\/a>.<\/p>\nAre you vulnerable to these CVEs? Click here to download patches<\/h4>\n
CVE-2017-5638 – a RCE vulnerability in Apache struts was found trending in 2020. This vulnerability was used to breach into Equifax and expose personal information of 147 million people.<\/p>\n
CVE-2017-0143, another RCE vulnerability that exists in Windows Server 2012 is used by 136K computers around the globe.<\/p>\n
Click here to download the exposure data<\/a><\/p>\n Four out of ten vulnerabilities are categorized under CWE-20 (Improper input validation) spotlighting what developers ought to keep in mind while writing their code.<\/p>\n Seven Vulnerabilities are associated with 24 ransomware strains and they have been spotlighted in our recently published Ransomware 2021report.<\/a><\/p>\n Notable among them are Cerber, Petya, Ryuk, Locky, Wannacry, Samsa, Satan etc. Out of the seven CVE-2017-0143 and CVE-2017-11882 are associated with 10 and 8 ransomware strains respectively.<\/p>\n Four CVEs (CVE-2017-11882, CVE-2017-0199, CVE-2017-0143, CVE-2018-7600) are being used by 27 APT groups. China, Russia, North Korea and Iran were some of the nation states that are controlling these APT groups.<\/p>\n CVE-2017-11882 and CVE-2017-0199 are being used by 14 APT groups each, to infiltrate into critical organizations and mount targeted attacks resulting in exposure of proprietary and sensitive information.<\/p>\n CVE-2019-5544 (CVSSv3 9.8) is an interesting vulnerability that exists in VMware products<\/a> (ESXI, Enterprise Linux Desktop, Enterprise Linux Server Aus etc.).This CVE is used as a Ransomware chain along with another critical CVE (CVE-2020-3992) to exploit virtual hard disks.<\/p>\n CVE-2020-0549<\/a> is a medium severity weakness that exists in Intel products and this vulnerability is capable of resurrecting private browsing history details, passwords etc. This CVE was widely searched because this weakness was discovered in 2020 and it affects desktop, laptop, cloud computers, physical servers that use intel processor generations released from 2011 onwards.<\/p>\n CVE-2020-2555 – RCE bug in Oracle products has a score of 9.5 and is red-flagged by National Security Agency (NSA) as they are used by Chinese APT groups<\/a>.<\/p>\nFoundational Code Weakness<\/strong><\/h2>\n
Ransomware, APT Groups & Malware<\/strong><\/h2>\n
A Pentester’s Perspective<\/strong><\/h2>\n
Are you vulnerable to these CVEs? Click here to download patches<\/h4>\n