DHS CISA and FBI shared a list of top 10 most exploited software vulnerabilities

Attackers try to gain access to systems by exploiting vulnerabilities in the software installed on them. The main motive of these threat actors is to steal data from private-sector as well as public-sector organizations. The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI) have now shared a list of the 10 most commonly exploited software vulnerabilities, which attackers can use to gain access to a system and steal data from it.

CISA and the FBI urge organizations in the public and private sectors to apply the necessary updates in order to prevent the most common forms of attack encountered today. "The exploitation of these vulnerabilities often requires fewer resources as compared with zero-day exploits for which no patches are available," US officials said. The attacks are carried out by state-sponsored, non-state, and unattributed threat actors.

The 10 most commonly exploited vulnerabilities shared by CISA and the FBI:


  • CVE: CVE-2017-11882
  • Vulnerable Products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016 Products
  • Associated Malware: Loki, FormBook, Pony/FAREIT
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2017-11882
  • IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133e

  • CVE: CVE-2017-0199
  • Vulnerable Products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016, Vista SP2, Server 2008 SP2, Windows 7 SP1, Windows 8.1
  • Associated Malware: FINSPY, LATENTBOT, Dridex
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2017-0199
  • IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133g, https://www.us-cert.gov/ncas/analysis-reports/ar20-133h, https://www.us-cert.gov/ncas/analysis-reports/ar20-133p

  • CVE: CVE-2017-5638
  • Vulnerable Products: Apache Struts version 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1
  • Associated Malware: JexBoss
  • Mitigation: Upgrade to Struts 2.3.32 or Struts 2.5.10.1
  • More Detail: https://www.us-cert.gov/ncas/analysis-reports/AR18-312A, https://nvd.nist.gov/vuln/detail/CVE-2017-5638

  • CVE: CVE-2012-0158
  • Vulnerable Products: Microsoft Office 2003 SP3, 2007 SP2 & SP3, and 2010 Gold & SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2 and SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, & 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0
  • Associated Malware: Dridex
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://www.us-cert.gov/ncas/alerts/aa19-339a, https://nvd.nist.gov/vuln/detail/CVE-2012-0158
  • IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133i, https://www.us-cert.gov/ncas/analysis-reports/ar20-133j, https://www.us-cert.gov/ncas/analysis-reports/ar20-133l, https://www.us-cert.gov/ncas/analysis-reports/ar20-133k, https://www.us-cert.gov/ncas/analysis-reports/ar20-133n, https://www.us-cert.gov/ncas/analysis-reports/ar20-133o

  • CVE: CVE-2019-0604
  • Vulnerable Products: Microsoft SharePoint
  • Associated Malware: China Chopper
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2019-0604

  • CVE: CVE-2017-0143
  • Vulnerable Products: Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, & 1607; and Windows Server version 2016
  • Associated Malware: Multiple using the EternalBlue and EternalSynergy Exploit Kit
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2017-0143

  • CVE: CVE-2018-4878
  • Vulnerable Products: Adobe Flash Player before 28.0.0.161
  • Associated Malware: DOGCALL
  • Mitigation: Immediately update Adobe Flash Player installation to the latest version
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2018-4878
  • IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133d

  • CVE: CVE-2017-8759
  • Vulnerable Products: Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 & 4.7
  • Associated Malware: FINSPY, FinFisher, WingBird
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2017-8759  
  • IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133f

  • CVE: CVE-2015-1641
  • Vulnerable Products: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1
  • Associated Malware: Toshliph, UWarrior
  • Mitigation: Immediately update affected Microsoft products with the latest security patches
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2015-1641
  • IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133m

  • CVE: CVE-2018-7600
  • Vulnerable Products: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
  • Associated Malware: Kitty
  • Mitigation: Upgrade to the most recent version of Drupal 7 or 8 core.
  • More Detail: https://nvd.nist.gov/vuln/detail/CVE-2018-7600
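
Three entries in the list give explicit version boundaries (Apache Struts, Drupal and Adobe Flash Player), so an asset inventory can be checked against them mechanically. The following is an added example, not part of the CISA/FBI material: the product keys, host names and inventory rows are constructed, and the Microsoft entries are left out because the list names affected product lines rather than fixed version numbers.

```python
import re

# Ranges copied from the list above: (lowest affected or None, first fixed version).
# Product keys are assumed inventory names, not vendor identifiers.
VULNERABLE_RANGES = {
    "apache-struts": ("CVE-2017-5638", [("2.3", "2.3.32"), ("2.5", "2.5.10.1")]),
    "drupal": ("CVE-2018-7600", [(None, "7.58"), ("8.0", "8.3.9"),
                                 ("8.4", "8.4.6"), ("8.5", "8.5.1")]),
    "adobe-flash-player": ("CVE-2018-4878", [(None, "28.0.0.161")]),
}

# Constructed sample inventory: (host, product, installed version).
SAMPLE_INVENTORY = [
    ("web01", "apache-struts", "2.3.31"),
    ("web02", "apache-struts", "2.5.10.1"),
    ("cms01", "drupal", "8.4.5"),
    ("cms03", "drupal", "8.5.0-rc1"),
    ("kiosk7", "adobe-flash-player", "28.0.0.137"),
]

def parse_version(text):
    """Numeric dotted version -> tuple of ints (trailing zeros dropped), else None."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def classify(product, version):
    """Return (status, cve); status is vulnerable, outside-range, review or not-listed."""
    entry = VULNERABLE_RANGES.get(product.lower())
    if entry is None:
        return ("not-listed", None)
    cve, ranges = entry
    parsed = parse_version(version)
    if parsed is None:  # pre-release tag or vendor suffix: needs a manual check
        return ("review", cve)
    for low, fixed in ranges:
        if (low is None or parsed >= parse_version(low)) and parsed < parse_version(fixed):
            return ("vulnerable", cve)
    return ("outside-range", cve)

def audit(inventory):
    """Keep only the rows that need patching or a manual look."""
    rows = [(h, p, v) + classify(p, v) for h, p, v in inventory]
    return [r for r in rows if r[3] in ("vulnerable", "review")]

if __name__ == "__main__":
    print(*audit(SAMPLE_INVENTORY), sep="\n")
```

Versions that are not purely numeric are returned as `review` rather than guessed at, since a pre-release or vendor-suffixed build may or may not contain the fix.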

Was this article helpful to you? Let us know your thoughts in the comments section and share it with us on Facebook, Twitter, or our LinkedIn Group.
