2022 Top Routinely Exploited Vulnerabilities | CISA (2024)

CVE-2017-0199

Microsoft

Multiple Products

Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows

CVE-2017-11882

Microsoft

Office, Multiple Versions

Microsoft Office Memory Corruption Vulnerability, CVE-2017-11882

CVE-2018-13379

Fortinet

FortiOS and FortiProxy 2.0.2, 2.0.1, 2.0.0, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6

FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests

Joint CSAs:

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

CVE-2019-11510

Ivanti

Pulse Secure Pulse Connect Secure versions 9.0R1 to 9.0R3.3, 8.3R1 to 8.3R7, and 8.2R1 to 8.2R12

SA44101 - 2019-04: Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX

CISA Alerts:

Continued Exploitation of Pulse Secure VPN Vulnerability

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

ACSC Advisory:

2019-129: Recommendations to mitigate vulnerability in Pulse Connect Secure VPN Software

Joint CSA:

APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

CCCS Alert:

APT Actors Target U.S. and Allied Networks - Update 1

CVE-2019-0708

Microsoft

Remote Desktop Services

Remote Desktop Services Remote Code Execution Vulnerability

CVE-2019-19781

Citrix

ADC and Gateway version 13.0 all supported builds before 13.0.47.24

NetScaler ADC and NetScaler Gateway, version 12.1 all supported builds before 12.1.55.18; version 12.0 all supported builds before 12.0.63.13; version 11.1 all supported builds before 11.1.63.15; version 10.5 all supported builds before 10.5.70.12

SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO all supported software release builds before 10.2.6b and 11.0.3b

CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance

Joint CSAs:

APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

CCCS Alert:

Detecting Compromises relating to Citrix CVE-2019-19781

CVE-2020-5902

F5

BIG IP versions 15.1.0, 15.0.0 to 15.0.1, 14.1.0 to 14.1.2, 13.1.0 to 13.1.3, 12.1.0 to 12.1.5, and 11.6.1 to 11.6.5

K52145254: TMUI RCE vulnerability CVE-2020-5902

CISA Alert:

Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

CVE-2020-1472

Microsoft

Windows Server, Multiple Versions

Microsoft Security Update Guide: Netlogon Elevation of Privilege Vulnerability, CVE-2020-1472

ACSC Advisory:

2020-016: Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)

Joint CSA:

APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

CCCS Alert:

Microsoft Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472 - Update 1

CVE-2020-14882

Oracle

WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0

Oracle Critical Patch Update Advisory - October 2020

CVE-2020-14883

Oracle

WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0

Oracle Critical Patch Update Advisory - October 2020

CVE-2021-20016

SonicWALL

SSLVPN SMA100, Build Version 10.x

Confirmed Zero-day vulnerability in the SonicWall SMA100 build version 10.x

CVE-2021-26855

Microsoft

Exchange Server, Multiple Versions

Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-26855

CISA Alert:

Mitigate Microsoft Exchange Server Vulnerabilities

CVE-2021-26857

Microsoft

Exchange Server, Multiple Versions

Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-26857

CISA Alert:

Mitigate Microsoft Exchange Server Vulnerabilities

CVE-2021-26858

Microsoft

Exchange Server, Multiple Versions

Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-26858

CISA Alert:

Mitigate Microsoft Exchange Server Vulnerabilities

CVE-2021-27065

Microsoft

Multiple Products

Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-27065

CISA Alert:

Mitigate Microsoft Exchange Server Vulnerabilities

CVE-2021-20021

SonicWALL

Email Security version 10.0.9.x

SonicWall Email Security pre-authentication administrative account creation vulnerability

CVE-2021-31207

Microsoft

Exchange Server, Multiple Versions

Microsoft Exchange Server Security Feature Bypass Vulnerability, CVE-2021-31207

CISA Alert:

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities

ACSC Alert:

Microsoft Exchange ProxyShell Targeting in Australia

CVE-2022-26134

Atlassian

Confluence Server and Data Center, versions: 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4, 7.18.1

Confluence Security Advisory 2022-06-02

CISA Alert:

CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog

ACSC Alert:

Remote code execution vulnerability present in Atlassian Confluence Server and Data Center

CVE-2021-34473

Microsoft

Exchange Server, Multiple Versions

Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-34473

Joint CSA:

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

CVE-2021-34523

Microsoft

Microsoft Exchange Server 2013 Cumulative Update 23

Microsoft Exchange Server 2016 Cumulative Updates 19 and 20

Microsoft Exchange Server 2019 Cumulative Updates 8 and 9

Microsoft Exchange Server Elevation of Privilege Vulnerability, CVE-2021-34523

CISA Alert:

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities

CVE-2021-26084

Jira Atlassian

Confluence Server and Data Center, versions 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

Jira Atlassian: Confluence Server Webwork OGNL injection - CVE-2021-26084

CISA Alert:

Atlassian Releases Security Updates for Confluence Server and Data Center

CVE-2021-40539

Zoho ManageEngine Corp.

ManageEngine ADSelfService Plus builds up to 6113

Security advisory - ADSelfService Plus authentication bypass vulnerability

ACSC Alert:

Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors

CVE-2021-40438

Apache

HTTP Server 2.4.48

CVE-2021-41773

Apache

Apache HTTP Server 2.4.49

Apache HTTP Server 2.4 vulnerabilities

CVE-2021-42013

Apache

Apache HTTP Server 2.4.50

Apache HTTP Server 2.4 vulnerabilities

CVE-2021-20038

SonicWall

SMA 100 Series (SMA 200, 210, 400, 410, 500v), versions 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv

SonicWall patches multiple SMA100 affected vulnerabilities

ACSC Alert:

CCCS Alert:

SonicWall Security Advisory

CVE-2021-44228

Apache

Log4j, all versions from 2.0-beta9 to 2.14.1

For other affected vendors and products, see CISA's GitHub repository.

Apache Log4j Security Vulnerabilities

For additional information, see joint CSA: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

CISA webpage:

Apache Log4j Vulnerability Guidance

CCCS Alert:

Active exploitation of Apache Log4j vulnerability - Update 7

ACSC Advisory:

2021-007: Log4j vulnerability – advice and mitigations

ACSC Publication:

Log4j: What Boards and Directors Need to Know

CVE-2021-45046

Apache

Log4j 2.15.0

Apache Log4j Security Vulnerabilities

CVE-2022-42475

Fortinet

FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier, and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier

FortiOS - heap-based buffer overflow in sslvpnd

CVE-2022-24682

Zimbra

Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1)

Zimbra Collaboration Joule 8.8.15 Patch 30 GA Release

CVE-2022-22536

SAP

NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53, and SAP Web Dispatcher Internet Communication Manager (ICM)

Remediation of CVE-2022-22536 Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher

CISA Alert:

Critical Vulnerabilities Affecting SAP Applications Employing Internet Communication Manager (ICM)

CVE-2022-22963

VMware Tanzu

Spring Cloud Function versions 3.1.6, 3.2.2, and older unsupported versions

CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression

CVE-2022-22954

VMware

Workspace ONE Access, versions 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0

Identity Manager (vIDM) 3.3.6, 3.3.5, 3.3.4, 3.3.3

vRealize Automation (vIDM), 8.x, 7.6

VMware Cloud Foundation (vIDM), 4.x

vRealize Suite Lifecycle Manager (vIDM), 8.x

Workspace ONE Access and Identity Manager

VMware Advisory VMSA-2022-0011

CVE-2022-22960

VMware

Workspace ONE Access, versions 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0

Identity Manager (vIDM) 3.3.6, 3.3.5, 3.3.4, 3.3.3

vRealize Automation (vIDM), 8.x, 7.6

VMware Cloud Foundation (vIDM), 4.x

VMware Cloud Foundation (vRA), 3.x

vRealize Suite Lifecycle Manager (vIDM), 8.x

VMSA-2022-0011

CVE-2022-29464

WSO2

WSO2 API Manager 2.2.0 and above through 4.0.0

WSO2 Identity Server 5.2.0 and above through 5.11.0

WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0

WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0

WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0

WSO2 Documentation - Spaces

CVE-2022-27924

Zimbra

Zimbra Collaboration Suite, 8.8.15 and 9.0

Zimbra Collaboration Kepler 9.0.0 Patch 24.1 GA Release

CVE-2022-1388

F5 Networks

F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and All 12.1.x and 11.6.x versions

K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388

Joint CSA:

Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

CVE-2022-30190

Microsoft

Exchange Server, Multiple Versions

CISA Alert:

Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability

CVE-2022-22047

Microsoft

Multiple Products

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability, CVE-2022-22047

CVE-2022-27593

QNAP

Certain QNAP NAS running Photo Station with internet exposure

Asustor Network Attached Storage

DeadBolt Ransomware

CVE-2022-41082

Microsoft

Exchange Server 2016 Cumulative Update 23, 2019 Cumulative Update 12, 2019 Cumulative Update 11, 2016 Cumulative Update 22, and 2013 Cumulative Update 23

Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2022-41082

ACSC Alert:

Vulnerability Alert – 2 new Vulnerabilities associated with Microsoft Exchange.

CVE-2022-40684

Fortinet

FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0

FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface
