Top 10 Routinely Exploited Vulnerabilities in the past four years
The US Cybersecurity and Infrastructure Security Agency (CISA) recently released a list of the ten most commonly exploited vulnerabilities between 2016 and 2019, including seven Microsoft product vulnerabilities (Office, Windows, SharePoint, .NET Framework) Apache Struts vulnerability, an Adobe Flash Player vulnerability and a Drupal vulnerability, the list of CVE vulnerability numbers is as follows:
- CVE-2017-11882
- CVE-2017-0199
- CVE-2017-5638
- CVE-2012-0158
- CVE-2019-0604
- CVE-2017-0143
- CVE-2018-4878
- CVE-2017-8759
- CVE-2015-1641
- CVE-2018-7600
CISA recommends that IT security professionals use this list along with a similar list of vulnerabilities recently edited by Recorded Future, which focuses on the ten most commonly exploited vulnerabilities by cybercriminals in 2019.
In addition to the aforementioned vulnerabilities, CISA also highlighted several other vulnerabilities that were routinely exploited in 2020:
- CVE-2019-11510 (affects Pulse Secure VPN server)
- CVE-2019-19781 (affecting Citrix VPN devices)
Since the first quarter of 2020, with the popularity of coronavirus in the United States, malicious cyber attackers have targeted companies. CISA also specifically warned organizations to check their Microsoft Office 365 security configuration to find omissions and began to repair possible network security weaknesses in the corporate network.