{"id":13477,"date":"2023-01-30T14:46:53","date_gmt":"2023-01-30T21:46:53","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=13477"},"modified":"2023-04-06T15:15:31","modified_gmt":"2023-04-06T22:15:31","slug":"top-10-most-searched-vulnerabilities-in-2022","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/top-10-most-searched-vulnerabilities-in-2022\/","title":{"rendered":"Top 10 Most Searched Vulnerabilities in 2022"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"13477\" class=\"elementor elementor-13477\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1c7926eb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1c7926eb\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-33243357\" data-id=\"33243357\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-cc45ac1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cc45ac1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-9a03310\" data-id=\"9a03310\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-91253d0 elementor-widget elementor-widget-text-editor\" data-id=\"91253d0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The year 2022 was a very\u00a0<a href=\"https:\/\/www.forbes.com\/sites\/emilsayegh\/2022\/12\/13\/2022-in-review-an-eventful-cybersecurity-year\/?sh=477cefa4352f\" target=\"_blank\" rel=\"noopener\">eventful year<\/a>\u00a0from a cybersecurity perspective. It began with an assault of ravaging attacks from all fronts by the Conti ransomware group, followed by numerous attacks worldwide by threat actors targeting institutions across all sectors\u2014from healthcare to storage. We noticed that cyber attacks played a more significant role in 2022, setting the stage for the ongoing Russia-Ukraine war. DDoS attacks became ubiquitous and cyber insurance budgets escalated.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9d0d2a5 elementor-widget elementor-widget-text-editor\" data-id=\"9d0d2a5\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><strong>Looking back at the year that was, Secuin experts have put together a list of the top vulnerabilities that trended on the surface web and were sought out by attackers. We have made an in-depth analysis of why these vulnerabilities are serious and why they trended.\u00a0<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3f6c649 elementor-widget elementor-widget-spacer\" data-id=\"3f6c649\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5981555 elementor-widget elementor-widget-heading\" data-id=\"5981555\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Top 10 Google Trend CVEs<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c5fa93a elementor-widget elementor-widget-text-editor\" data-id=\"c5fa93a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">Here are the top 10 trending CVEs of 2022, based on the number of times these vulnerabilities topped the search charts.<\/p><table border=\"1\" cellpadding=\"3\" align=\"center\"><colgroup> <col \/> <col \/> <col \/> <col \/><\/colgroup><thead><tr><th scope=\"col\"><p dir=\"ltr\">CVE<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Affected Platform<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Trending Index<sup>1<\/sup><\/p><\/th><th scope=\"col\"><p dir=\"ltr\">In CISA KEV?<\/p><\/th><\/tr><\/thead><tbody><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4117\" target=\"_blank\" rel=\"noopener\">CVE-2016-4117<\/a><\/p><\/td><td><p dir=\"ltr\">Adobe Flash Player<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-10749\" target=\"_blank\" rel=\"noopener\">CVE-2020-10749<\/a><\/p><\/td><td><p dir=\"ltr\">Multiple vendor products<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-5953\" target=\"_blank\" rel=\"noopener\">CVE-2020-5953<\/a><\/p><\/td><td><p dir=\"ltr\">Insyde (InsydeH2O), Siemens firmware versions<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-42785\" target=\"_blank\" rel=\"noopener\">CVE-2021-42785<\/a><\/p><\/td><td><p dir=\"ltr\">TightVNC (TightVNC)\u00a0<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1151\" target=\"_blank\" rel=\"noopener\">CVE-2009-1151<\/a><\/p><\/td><td><p dir=\"ltr\">phpMyAdmin (phpMyAdmin)<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-3523\" target=\"_blank\" rel=\"noopener\">CVE-2014-3523<\/a><\/p><\/td><td><p dir=\"ltr\">Apache HTTP Server<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11825\" target=\"_blank\" rel=\"noopener\">CVE-2017-11825<\/a><\/p><\/td><td><p dir=\"ltr\">Microsoft Office<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-7659\" target=\"_blank\" rel=\"noopener\">CVE-2017-7659<\/a><\/p><\/td><td><p dir=\"ltr\">Apache HTTP Server<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-20783\" target=\"_blank\" rel=\"noopener\">CVE-2018-20783<\/a><\/p><\/td><td><p dir=\"ltr\">PHP (PHP), openSUSE (Leap)<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-7598\" target=\"_blank\" rel=\"noopener\">CVE-2020-7598<\/a><\/p><\/td><td><p dir=\"ltr\">Substack (Minimist), openSUSE (Leap)<\/p><\/td><td><p dir=\"ltr\">100<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><\/tbody><\/table><p dir=\"ltr\"><sup>1<\/sup><em><strong>Trending Index<\/strong>\u00a0(ranging from 1 to 100, where 100 is the maximum search interest) is the relative popularity of the vulnerability during the time period for which the trend is being measured.\u00a0<\/em><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ec94d23 elementor-widget elementor-widget-spacer\" data-id=\"ec94d23\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-33b4b1b elementor-widget elementor-widget-text-editor\" data-id=\"33b4b1b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">Our analysis of the top trending vulnerabilities presents the following interesting observations:<\/p><ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">2 CVEs have ransomware and APT group associations.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">2 CVEs are marked as heavily exploited by CISA.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">1 CVE has both RCE and PE exploits.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">1 CVE has a pentester framework available.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">6 CVEs are old vulnerabilities belonging to 2019 and earlier.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">There are 2 critical and 2 medium-severity vulnerabilities on the list by CVSS rating, the rest being high.<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ac5ca53 elementor-widget elementor-widget-text-editor\" data-id=\"ac5ca53\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\"><strong>Of the lot, below are our top callouts.<\/strong><\/p><ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4117\" target=\"_blank\" rel=\"noopener\">CVE-2016-4117<\/a> in Adobe Flash Player is associated with four ransomware groups (CryptXXX, Mole, Cerber, and Cyborg) and six APT groups (BlackOasis, Cobalt Group,\u00a0 APT29, Kimsuky, PROMETHIUM, and Lazarus Group). APT29 (Nobelium\/Cozy Bear), Kimsuky, and the Lazarus Group have been some of the most destructive groups of 2022, making this vulnerability highly dangerous.<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9e5cda6 elementor-widget elementor-widget-image\" data-id=\"9e5cda6\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1404\" height=\"306\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/google_user_content.png\" class=\"attachment-full size-full wp-image-13479\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/google_user_content.png 1404w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/google_user_content-300x65.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/google_user_content-1024x223.png 1024w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/google_user_content-768x167.png 768w\" sizes=\"(max-width: 1404px) 100vw, 1404px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1e46ef9 elementor-widget elementor-widget-text-editor\" data-id=\"1e46ef9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1151\" target=\"_blank\" rel=\"noopener\">CVE-2009-1151<\/a> in phpMyAdmin is targeted by two APT groups &#8211; Sea Turtle and Emennet Pasargad and affects over 41 products. This vulnerability is capable of being exploited for remote code execution, privilege escalation, and compromising web applications, compounding its impact. The vulnerability also has a pentester framework available, simplifying the installation, packaging, and application in pentesting engagements, an exemplification of the advanced capabilities that this vulnerability offers to attackers.<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d8e3dff elementor-widget elementor-widget-text-editor\" data-id=\"d8e3dff\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>Both these vulnerabilities rightly feature on the CISA KEV catalog\u2014a warning for organizations that they are heavily exploited vulnerabilities and likely to be targeted repeatedly by attackers.\u00a0<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eb8d10d elementor-widget elementor-widget-spacer\" data-id=\"eb8d10d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0345e89 elementor-widget elementor-widget-heading\" data-id=\"0345e89\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">A Risk Perspective<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0737983 elementor-widget elementor-widget-text-editor\" data-id=\"0737983\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">Our Vulnerability Intelligence platform, Securin VI, gives<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1151\" target=\"_blank\" rel=\"noopener\"> CVE-2009-1151<\/a> a critical Definitive-VRS (D-VRS)<sup>2<\/sup>\u00a0rating of 9.72 as it has many APT group associations and a large number of public exploit codes available, among other factors.\u00a0<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4117\" target=\"_blank\" rel=\"noopener\">CVE-2016-4117<\/a> receives a high D-VRS<sup>2<\/sup>\u00a0rating on the Securin VI platform.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">Of the 10 vulnerabilities trending on Google in 2022, three of them\u2014<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2009-1151\" target=\"_blank\" rel=\"noopener\">CVE-2009-1151<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-4117\" target=\"_blank\" rel=\"noopener\">CVE-2016-4117<\/a>, and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-42785\" target=\"_blank\" rel=\"noopener\">CVE-2021-42785<\/a>\u2014 have maximum P-VRS<sup>3<\/sup>\u00a0scores of 38.46 indicating that hackers are scouting for exposed instances of these vulnerabilities.<\/p><\/li><\/ul><p dir=\"ltr\"><sup>2<\/sup><em><strong>Definitive-VRS or D-VRS<\/strong>\u00a0is the Vulnerability Risk Score (VRS) ranging from 0 to 10 assigned to every vulnerability based on its CVE attributes, CVSS rating, ransomware, and APT associations, exploit code availability, past exploitation, and trending factors.<\/em><\/p><p dir=\"ltr\"><sup>3<\/sup><em><strong>Predictive-VRS or P-VRS<\/strong>\u00a0is a predictive indicator for the likelihood of exploitability of every vulnerability. Ranging from 1 to 38.4615, P-VRS considers factors such as CVE chatter on the deep and dark web, vulnerability interest in hacker forums, exploitation in the wild, and mentions in the news and social media to provide early warnings to organizations about vulnerabilities that pose a threat.<\/em><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9f11a2b elementor-widget elementor-widget-spacer\" data-id=\"9f11a2b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-118e0a7 elementor-widget elementor-widget-heading\" data-id=\"118e0a7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Other Noteworthy Trending Vulnerabilities<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-36c1f26 elementor-widget elementor-widget-text-editor\" data-id=\"36c1f26\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">Although not part of the top 10 trending vulnerabilities on Google, we call out few noteworthy vulnerabilities that trended in 2022.<\/p><table border=\"1\" cellpadding=\"3\" align=\"center\"><colgroup> <col \/> <col \/> <col \/> <col \/> <col \/> <col \/> <col \/><\/colgroup><thead><tr><th scope=\"col\"><p dir=\"ltr\">Vulnerability<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Affected Platform<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">CVSS<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">D-VRS<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">P-VRS<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Exploitation in the Wild<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">In CISA KEV?<\/p><\/th><\/tr><tr><td scope=\"col\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-5734\" target=\"_blank\" rel=\"noopener\">CVE-2016-5734<\/a><\/td><td scope=\"col\"><p dir=\"ltr\">phpMyAdmin<\/p><\/td><td scope=\"col\"><p dir=\"ltr\">Critical<\/p><\/td><td scope=\"col\"><p dir=\"ltr\">Critical<\/p><\/td><td scope=\"col\"><p dir=\"ltr\">Critical<\/p><\/td><td scope=\"col\"><p dir=\"ltr\">True<\/p><\/td><td scope=\"col\"><p dir=\"ltr\">No<\/p><\/td><\/tr><\/thead><tbody><tr><td><p dir=\"ltr\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-3152\" target=\"_blank\" rel=\"noopener\">CVE-2012-3152<\/a><\/p><\/td><td><p dir=\"ltr\">Oracle (Fusion Middleware)<\/p><\/td><td><p dir=\"ltr\">Medium<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">True<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2021-0920\" target=\"_blank\" rel=\"noopener\">CVE-2021-0920<\/a><\/p><\/td><td><p dir=\"ltr\">Google (Android), Debian (Linux)<\/p><\/td><td><p dir=\"ltr\">Medium<\/p><\/td><td><p dir=\"ltr\">Medium<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">True<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-14578\" target=\"_blank\" rel=\"noopener\">CVE-2020-14578<\/a><\/p><\/td><td><p dir=\"ltr\">Multiple vendor products<\/p><\/td><td><p dir=\"ltr\">Medium<\/p><\/td><td><p dir=\"ltr\">Medium<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">True<\/p><\/td><td><p dir=\"ltr\">No<\/p><\/td><\/tr><\/tbody><\/table><p>The above list of vulnerabilities makes for a compelling study. The CVEs flagged are all of diverse complexities ranging from those already in the CISA KEV catalog, ones with maximum D-VRS\/P-VRS scores, to those exploited in the wild. All these factors contribute to a vulnerability being a \u2018risk\u2019 to an organization and highlights the importance of a wholesome risk analysis.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b06b991 elementor-widget elementor-widget-spacer\" data-id=\"b06b991\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-61ced82 elementor-widget elementor-widget-heading\" data-id=\"61ced82\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Special Callouts:<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3c4667f elementor-widget elementor-widget-text-editor\" data-id=\"3c4667f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-5734\" target=\"_blank\" rel=\"noopener\">CVE-2016-5734<\/a> ( phpMyAdmin) is a code injection vulnerability that results from improper control of code generation. The CVE has exploit codes that can be used for remote code execution, privilege escalation, or web app exploitation, making it a highly sought-out vulnerability by attackers with malicious intent.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-3152\" target=\"_blank\" rel=\"noopener\">CVE-2012-3152<\/a> (Oracle Fusion Middleware) is a 2012 vulnerability that only has a CVSS V2 score. However, it has five exploit codes available in the public domain, which can be used to remotely execute custom code and exploit web applications as well. The vulnerability has previously been exploited by the Volatile Cedar APT group and thus, Securin VRS rates it as being of critical severity.<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4811107 elementor-widget elementor-widget-text-editor\" data-id=\"4811107\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>A 360-degree analysis of vulnerabilities is important to understand which vulnerabilities could pose a threat to an enterprise at any given point in time and cannot be decided as a function of any one parameter alone.<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3a77c8f elementor-widget elementor-widget-spacer\" data-id=\"3a77c8f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c8c41a8 elementor-widget elementor-widget-heading\" data-id=\"c8c41a8\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Top 10 Popular CVEs of 2022<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-27cefe1 elementor-widget elementor-widget-text-editor\" data-id=\"27cefe1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">We also observed some vulnerabilities were pet favorites of threat actors and repeatedly kept popping on and off our threat actor radar in the past year. While these do not make the top 10 cut purely based on trending counts, these vulnerabilities fall under the high\/critical bracket on Securin VI and are ones organizations must be wary of.<\/p><p>Below, we present the top 10 popular vulnerabilities, which have been called out by Securin multiple times in blogs and reports. All ten are in the CISA KEV catalog, and have maxed out on their P-VRS scores\u2014a sign that there continues to be a lot of interest in these vulnerabilities from malicious actors.<\/p><p dir=\"ltr\">Only the Fortinet FortiOS vulnerability (<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-13379\" target=\"_blank\" rel=\"noopener\">CVE-2018-13379<\/a>) has no remote code execution nor privilege escalation capabilities by itself\u2014although it has a heavy exposure count and multiple threat associations. The other nine have critical D-VRS severity ratings, highlighting the possible impact these vulnerabilities could have if exploited.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2daaf98 elementor-widget elementor-widget-text-editor\" data-id=\"2daaf98\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<table border=\"1\" cellpadding=\"3\" align=\"center\"><thead><tr><th scope=\"col\"><p dir=\"ltr\">Vulnerability Name<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">CVE Identifier<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Exploit Type<sup>4<\/sup><\/p><\/th><th scope=\"col\"><p dir=\"ltr\">D-VRS<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">P-VRS<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Affected Platform<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">Ransomware Associations<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">APT Group Associations<\/p><\/th><th scope=\"col\"><p dir=\"ltr\">CISA KEV?<\/p><\/th><\/tr><\/thead><tbody><tr><td><p dir=\"ltr\">ProxyShell<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2021-34473\" target=\"_blank\" rel=\"noopener\">CVE-2021-34473<\/a><\/p><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34523\" target=\"_blank\" rel=\"noopener\">CVE-2021-34523<\/a><\/p><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2021-31207\" target=\"_blank\" rel=\"noopener\">CVE-2021-31207<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, PE, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Microsoft Exchange Server<\/p><\/td><td><p dir=\"ltr\">12+\u00a0<\/p><\/td><td><p dir=\"ltr\">7+\u00a0<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Log4Shell<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\" target=\"_blank\" rel=\"noopener\">CVE-2021-44228<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, DoS, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Multiple vendor-products<\/p><\/td><td><p dir=\"ltr\">7\u00a0<\/p><\/td><td><p dir=\"ltr\">10\u00a0<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">ProxyLogon<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26855\" target=\"_blank\" rel=\"noopener\">CVE-2021-26855<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, PE, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Microsoft Exchange Server<\/p><\/td><td><p dir=\"ltr\">7\u00a0<\/p><\/td><td><p dir=\"ltr\">15<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Fortinet FortiOS<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-13379\" target=\"_blank\" rel=\"noopener\">CVE-2018-13379<\/a><\/p><\/td><td><p dir=\"ltr\">WebApp<\/p><\/td><td><p dir=\"ltr\">High<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Fortinet FortiOS<\/p><\/td><td><p dir=\"ltr\">7<\/p><\/td><td><p dir=\"ltr\">10<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Equation Editor RCE<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2017-11882\" target=\"_blank\" rel=\"noopener\">CVE-2017-11882<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Microsoft Office<\/p><\/td><td><p dir=\"ltr\">8<\/p><\/td><td><p dir=\"ltr\">23<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Zerologon<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-1472\" target=\"_blank\" rel=\"noopener\">CVE-2020-1472<\/a><\/p><\/td><td><p dir=\"ltr\">PE, DoS, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Multiple vendor-products<\/p><\/td><td><p dir=\"ltr\">9<\/p><\/td><td><p dir=\"ltr\">8<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Follina<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2022-30190\" target=\"_blank\" rel=\"noopener\">CVE-2022-30190<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Microsoft Windows and Server versions<\/p><\/td><td><p dir=\"ltr\">1<\/p><\/td><td><p dir=\"ltr\">5<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Office\/Word RCE<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2017-0199\" target=\"_blank\" rel=\"noopener\">CVE-2017-0199<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, WebApp<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Microsoft Office, Windows and Server versions<\/p><\/td><td><p dir=\"ltr\">5<\/p><\/td><td><p dir=\"ltr\">17<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><tr><td><p dir=\"ltr\">Print Nightmare<\/p><\/td><td><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34527\" target=\"_blank\" rel=\"noopener\">CVE-2021-34527<\/a><\/p><\/td><td><p dir=\"ltr\">RCE, DoS<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Critical<\/p><\/td><td><p dir=\"ltr\">Microsoft Windows and Server versions<\/p><\/td><td><p dir=\"ltr\">5<\/p><\/td><td><p dir=\"ltr\">2<\/p><\/td><td><p dir=\"ltr\">Yes<\/p><\/td><\/tr><\/tbody><\/table><p dir=\"ltr\"><sup>4<\/sup>Exploit Type refers to the different types of exploits associated with these vulnerabilities, as described below:<\/p><ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">RCE: Remote Code Execution<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">PE: Privilege Escalation<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">DoS: Denial of Service<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">WebApp : Exploitation of Web Applications<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-deb4911 elementor-widget elementor-widget-text-editor\" data-id=\"deb4911\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">Interestingly, on mapping these vulnerabilities to their MITRE ATT&amp;CK Techniques, Tactics, and Procedures, we observed that all of them can be exploited for gaining initial access into vulnerable networks or allow for execution of custom code.\u00a0<\/p><ul><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">ProxyShell, Log4Shell, ProxyLogon, Fortinet, and PrintNightmare vulnerabilities can be mapped to initial access via exploitation of public-facing applications or external remote services.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">The ZeroLogon can be exploited for code execution and privilege escalation.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\">The Follina, Office RCE, and Equation RCE vulnerabilities allow for initial access via spearphishing using malicious files and allow for exploitation for code execution.<\/p><\/li><\/ul><p>It is worthy to note that all the above vulnerabilities are present in popular products and are regularly used in personal and organizational tech stacks. As instances of these vulnerabilities being open to the Internet are extremely high, they provide easy entry points to adversaries, if they are not addressed thoroughly.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Securin experts list and analysis the top vulnerabilities that trended on the surface web and were sought out by attackers.<\/p>\n","protected":false},"author":1,"featured_media":13484,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":""},"categories":[80,81,127],"tags":[537,446,107,539,541,542,540,91,538],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/13477"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/comments?post=13477"}],"version-history":[{"count":39,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/13477\/revisions"}],"predecessor-version":[{"id":17431,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/13477\/revisions\/17431"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/13484"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=13477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/categories?post=13477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/tags?post=13477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}