Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list

During 2021, the top 15 vulnerabilities that were exploited — as observed by the US Cybersecurity and Infrastructure Security Agency, US NSA, US FBI, the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, New Zealand National Cyber Security Centre, and the United Kingdom’s National Cyber Security Centre — led to remote code execution (RCE) across a range of products, and left IT administrators with a short window to keep their house in order. “For most of the top exploited vulnerabilities, researchers or other actors released proof of concept code within two weeks of the vulnerability’s disclosure, likely facilitating exploitation by a broader range of malicious actors,”

Read full article on ZDNet

 


Date:

Categorie(s):