{"id":15548,"date":"2023-03-02T07:03:58","date_gmt":"2023-03-02T14:03:58","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=15548"},"modified":"2023-04-06T14:04:06","modified_gmt":"2023-04-06T21:04:06","slug":"why-are-some-ransomware-vulnerabilities-more-dangerous-than-others","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/why-are-some-ransomware-vulnerabilities-more-dangerous-than-others\/","title":{"rendered":"Why Are Some Ransomware-Associated Vulnerabilities More Dangerous than Others?"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"15548\" class=\"elementor elementor-15548\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-c2158df elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"c2158df\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-23689822\" data-id=\"23689822\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-442d4f9 elementor-widget elementor-widget-heading\" data-id=\"442d4f9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What are the MITRE Kill Chain Vulnerabilities?<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e09c22d elementor-widget elementor-widget-text-editor\" data-id=\"e09c22d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: left;\">A MITRE kill chain is a model where each stage of a cyberattack can be defined, described, and tracked, visualizing each move made by the attacker. Using this framework, security teams can stop an attack and design stronger security processes to protect their assets.<\/p><p style=\"text-align: left;\">This framework also has detailed procedures for each technique and catalogs the tools, protocols, and malware strains used in real-world attacks. Consequently, security researchers use these frameworks to understand attack patterns and focus on detecting exposures, evaluating current defenses, and tracking attacker groups.<\/p><p style=\"text-align: left;\">Securin\u2019s ransomware research, elucidated further in the <a href=\"\/ransomware\/\" target=\"_blank\" rel=\"noopener\">Ransomware Spotlight Report 2023<\/a>, has discovered 57 extremely dangerous vulnerabilities associated with ransomware that can be exploited as a complete MITRE ATT&amp;CK kill chain, from initial access to exfiltration.<\/p><p style=\"text-align: left;\">A total of 81 unique products across 20 major vendors, such as Microsoft, SonicWall, Apache, Atlassian, VMware, F5, and Oracle were identified by Securin experts.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-49ad634 elementor-widget elementor-widget-heading\" data-id=\"49ad634\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">ATT&CK Kill Chain Vulnerabilities<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f5061a1 elementor-widget elementor-widget-text-editor\" data-id=\"f5061a1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\" style=\"text-align: left;\">Our analysis of the 57 dangerous vulnerabilities produced the following findings:<\/p><ul><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><strong>49<\/strong>\u00a0of the\u00a0<strong>57<\/strong>\u00a0vulnerabilities already feature in the DHS CISA KEV catalog.<\/p><\/li><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><strong>32\u00a0<\/strong>vulnerabilities are rated critical as per their CVSS v3 scores, while\u00a0<strong>20\u00a0<\/strong>are rated high, and\u00a0<strong>5\u00a0<\/strong>have no ratings available.<\/p><\/li><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><a href=\"\/vulnerability-intelligence\/\" target=\"_blank\" rel=\"noopener\">Securin\u2019s Vulnerability Intelligence platform<\/a> assigned\u00a0<strong>34\u00a0<\/strong>of 57 vulnerabilities a predictive score of 38.46, a critical severity rating, while\u00a0<strong>23\u00a0<\/strong>were assigned high-severity scores, providing an insight into the likelihood of the vulnerabilities being exploited in the wild.<\/p><\/li><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"1\"><p dir=\"ltr\" role=\"presentation\"><strong>33\u00a0<\/strong>vulnerabilities are categorized as remote code execution (RCE),\u00a0<strong>16\u00a0<\/strong>vulnerabilities are categorized as privilege escalation (PE),\u00a0<strong>5\u00a0<\/strong>CVEs are classified as DOS,\u00a0<strong>24\u00a0<\/strong>vulnerabilities are WEBAPP, and\u00a0<strong>34\u00a0<\/strong>CVEs have both RCE and PE issues.<\/p><\/li><li dir=\"ltr\" aria-level=\"1\"><p dir=\"ltr\" style=\"text-align: left;\" role=\"presentation\">CVEs with the highest ransomware associations include:<\/p><ul><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"2\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0034\" target=\"_blank\" rel=\"noopener\">CVE-2016-0034<\/a> has the highest number of ransomware associations with\u00a0<strong>43<\/strong><\/p><\/li><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"2\"><p dir=\"ltr\" role=\"presentation\">Closely followed by <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2012-1723\" target=\"_blank\" rel=\"noopener\">CVE-2012-1723<\/a> at\u00a0<strong>42<\/strong><\/p><\/li><li dir=\"ltr\" style=\"text-align: left;\" aria-level=\"2\"><p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2021-34473\" target=\"_blank\" rel=\"noopener\">CVE-2021-34473<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34523\" target=\"_blank\" rel=\"noopener\">CVE-2021-34523<\/a> are tied at\u00a0<strong>11\u00a0<\/strong>each<\/p><\/li><li dir=\"ltr\" aria-level=\"2\"><p dir=\"ltr\" style=\"text-align: left;\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-1472\" target=\"_blank\" rel=\"noopener\">CVE-2020-1472<\/a> has\u00a0<strong>9\u00a0<\/strong>associations<\/p><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ccd3149 elementor-widget elementor-widget-heading\" data-id=\"ccd3149\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Securin Recommends DHS CISA to Add 8 Kill-Chain Vulnerabilities to its KEV Catalog<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-75b078c elementor-widget elementor-widget-text-editor\" data-id=\"75b078c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: left;\">Eight of the 57 MITRE kill-chain vulnerabilities are not in the CISA KEV catalog. Our Securin experts recommend CISA to add the following to the KEVs:<\/p><ul><li dir=\"ltr\" aria-level=\"2\"><p dir=\"ltr\" style=\"text-align: left;\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-10401\" target=\"_blank\" rel=\"noopener\">CVE-2016-10401<\/a> &#8211; A vulnerability affecting Zyxel home routers<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f5308d4 elementor-widget elementor-widget-image\" data-id=\"f5308d4\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"962\" height=\"297\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS1.png\" class=\"attachment-full size-full wp-image-15555\" alt=\"Ransomware\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS1.png 962w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS1-300x93.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS1-768x237.png 768w\" sizes=\"(max-width: 962px) 100vw, 962px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fcc6c2a elementor-widget elementor-widget-text-editor\" data-id=\"fcc6c2a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 9.00\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0 CVSS v3 &#8211; 8.80\u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0 \u00a0\u00a0Securin VRS &#8211; 8.48<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6325f87 elementor-widget elementor-widget-text-editor\" data-id=\"6325f87\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-6884\" target=\"_blank\" rel=\"noopener\">CVE-2017-6884<\/a> &#8211; A command injection vulnerability affecting Zyxel home routers<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8af6ece elementor-widget elementor-widget-image\" data-id=\"8af6ece\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"952\" height=\"303\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS2.png\" class=\"attachment-full size-full wp-image-15558\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS2.png 952w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS2-300x95.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS2-768x244.png 768w\" sizes=\"(max-width: 952px) 100vw, 952px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-702d212 elementor-widget elementor-widget-text-editor\" data-id=\"702d212\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 9.00\u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0\u00a0\u00a0CVSS v3 &#8211; 8.80\u00a0 \u00a0 <\/strong>\u00a0|<strong>\u00a0 \u00a0 \u00a0Securin VRS &#8211; 9.39<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aeb824c elementor-widget elementor-widget-text-editor\" data-id=\"aeb824c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8389\" target=\"_blank\" rel=\"noopener\">CVE-2018-8389<\/a> &#8211; A Scripting Engine Memory Corruption Vulnerability affecting Internet Explorer<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0740a52 elementor-widget elementor-widget-image\" data-id=\"0740a52\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"962\" height=\"291\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS3.png\" class=\"attachment-full size-full wp-image-15559\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS3.png 962w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS3-300x91.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS3-768x232.png 768w\" sizes=\"(max-width: 962px) 100vw, 962px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c9746d1 elementor-widget elementor-widget-text-editor\" data-id=\"c9746d1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><b><strong>CVSS v2 &#8211; 7.60\u00a0 \u00a0 \u00a0<\/strong><\/b>|<b><strong>\u00a0 \u00a0\u00a0\u00a0 CVSS v3 &#8211; 7.50\u00a0 \u00a0 \u00a0 <\/strong><\/b>|<b><strong>\u00a0 \u00a0 \u00a0 \u00a0Securin VRS &#8211; 7.76<\/strong><\/b><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aa0c0a3 elementor-widget elementor-widget-text-editor\" data-id=\"aa0c0a3\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-2729\" target=\"_blank\" rel=\"noopener\">CVE-2019-2729<\/a> &#8211; Vulnerability in the Oracle WebLogic Server component<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-783e85b elementor-widget elementor-widget-image\" data-id=\"783e85b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"965\" height=\"302\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS4.png\" class=\"attachment-full size-full wp-image-15564\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS4.png 965w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS4-300x94.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS4-768x240.png 768w\" sizes=\"(max-width: 965px) 100vw, 965px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b456bfc elementor-widget elementor-widget-text-editor\" data-id=\"b456bfc\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><b><strong>CVSS v2 &#8211; 7.50\u00a0 \u00a0 \u00a0 \u00a0<\/strong><\/b>|<b><strong>\u00a0 \u00a0 \u00a0 \u00a0CVSS v3 &#8211; 9.80\u00a0 \u00a0 \u00a0 <\/strong><\/b>|<b><strong>\u00a0 \u00a0 \u00a0 \u00a0Securin VRS &#8211; 9.98<\/strong><\/b><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-778eab7 elementor-widget elementor-widget-text-editor\" data-id=\"778eab7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-1210\" target=\"_blank\" rel=\"noopener\">CVE-2020-1210<\/a> &#8211; An RCE vulnerability in Microsoft SharePoint<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-99639bc elementor-widget elementor-widget-image\" data-id=\"99639bc\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"950\" height=\"305\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS5.png\" class=\"attachment-full size-full wp-image-15565\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS5.png 950w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS5-300x96.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS5-768x247.png 768w\" sizes=\"(max-width: 950px) 100vw, 950px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fc71cc3 elementor-widget elementor-widget-text-editor\" data-id=\"fc71cc3\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 6.50\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0CVSS v3 &#8211; 8.80\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0 Securin VRS &#8211; 8.47<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ca8518d elementor-widget elementor-widget-text-editor\" data-id=\"ca8518d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-16875\" target=\"_blank\" rel=\"noopener\">CVE-2020-16875<\/a> &#8211; An RCE vulnerability in Microsoft Exchange server<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8a7f52b elementor-widget elementor-widget-image\" data-id=\"8a7f52b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"863\" height=\"317\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS6.png\" class=\"attachment-full size-full wp-image-15568\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS6.png 863w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS6-300x110.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS6-768x282.png 768w\" sizes=\"(max-width: 863px) 100vw, 863px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8a3165f elementor-widget elementor-widget-text-editor\" data-id=\"8a3165f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 9.00\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0 CVSS v3 &#8211; 7.20\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0Securin VRS &#8211; 9.08<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8adafa0 elementor-widget elementor-widget-text-editor\" data-id=\"8adafa0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-36195\" target=\"_blank\" rel=\"noopener\">CVE-2020-36195<\/a> &#8211; \u00a0SQL injection vulnerability affecting QNAP NAS devices<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7bfffd5 elementor-widget elementor-widget-image\" data-id=\"7bfffd5\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"956\" height=\"294\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS7.png\" class=\"attachment-full size-full wp-image-15572\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS7.png 956w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS7-300x92.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS7-768x236.png 768w\" sizes=\"(max-width: 956px) 100vw, 956px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-afef2dc elementor-widget elementor-widget-text-editor\" data-id=\"afef2dc\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 7.50\u00a0 \u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0 \u00a0 CVSS v3 &#8211; 9.80\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0 Securin VRS &#8211; 8.79<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3f3bb26 elementor-widget elementor-widget-text-editor\" data-id=\"3f3bb26\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-31206\" target=\"_blank\" rel=\"noopener\">CVE-2021-31206<\/a> &#8211; Microsoft Exchange Server RCE vulnerability<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bc2bfa1 elementor-widget elementor-widget-image\" data-id=\"bc2bfa1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"962\" height=\"307\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS8.png\" class=\"attachment-full size-full wp-image-15575\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS8.png 962w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS8-300x96.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS8-768x245.png 768w\" sizes=\"(max-width: 962px) 100vw, 962px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-70f5802 elementor-widget elementor-widget-text-editor\" data-id=\"70f5802\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 7.90\u00a0 \u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0 \u00a0 CVSS v3 &#8211; 8.00\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0Securin\u00a0VRS &#8211; 8.36<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e855b22 elementor-widget elementor-widget-heading\" data-id=\"e855b22\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Auld Lang Syne: Ghosts of the Past<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-05d5f0a elementor-widget elementor-widget-text-editor\" data-id=\"05d5f0a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: left;\">Securin analysts identified 25 vulnerabilities that are old, dating from between 2012 and 2019. The oldest CVEs belong to Oracle. <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1710\" target=\"_blank\" rel=\"noopener\">CVE-2012-1710<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2012-1723\" target=\"_blank\" rel=\"noopener\">CVE-2012-1723<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2012-4681\" target=\"_blank\" rel=\"noopener\">CVE-2012-4681<\/a> affect multiple products apart from Oracle. <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2012-1723\" target=\"_blank\" rel=\"noopener\">CVE-2012-1723<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2012-4681\" target=\"_blank\" rel=\"noopener\">CVE-2012-4681<\/a> both have CVSS v3 scores of 10.0.<\/p><p style=\"text-align: left;\">While all 25 have multiple ransomware associated with them, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-0034\" target=\"_blank\" rel=\"noopener\">CVE-2016-0034<\/a> (Microsoft) takes the cake with a whopping 43 ransomware associations, followed closely by <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2012-1723\" target=\"_blank\" rel=\"noopener\">CVE-2012-1723<\/a> with 42.<\/p><p style=\"text-align: left;\">Of the 25 old vulnerabilities, 17 CVEs are categorized as RCE and RCE\/PE respectively, eight are privilege escalation vulnerabilities, two are categorized as DOS, and 12 as Webapp.<\/p><p style=\"text-align: left;\">The majority of the old vulnerabilities affect two specific vendors \u2013 eight CVEs plague 70 unique Oracle products, while seven CVEs affect 51 unique Microsoft products.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bc86cfe elementor-widget elementor-widget-heading\" data-id=\"bc86cfe\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Top 5 Kill Chain CVEs with Highest Number of Products Affected<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1ce8d6e0 elementor-widget elementor-widget-text-editor\" data-id=\"1ce8d6e0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h2 dir=\"ltr\">\u00a0<\/h2><table border=\"1\" align=\"center\"><colgroup> <col \/> <col \/> <col \/><\/colgroup><tbody><tr><td><p dir=\"ltr\" style=\"text-align: center;\"><strong>CVE ID<\/strong><\/p><\/td><td><p dir=\"ltr\" style=\"text-align: center;\"><strong>CVE Description<\/strong><\/p><\/td><td><p dir=\"ltr\"><strong>Number of Products Affected<\/strong><\/p><\/td><\/tr><tr><td><p dir=\"ltr\" style=\"text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\" target=\"_blank\" rel=\"noopener\">CVE-2021-44228<\/a><\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">Apache Log4J<\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">379<\/p><\/td><\/tr><tr><td><p dir=\"ltr\" style=\"text-align: center;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2021-40539\" target=\"_blank\" rel=\"noopener\">CVE-2021-40539<\/a><\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">Zoho ManageEngine ADSelfService Plus<\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">170<\/p><\/td><\/tr><tr><td style=\"text-align: center;\"><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2019-11539\" target=\"_blank\" rel=\"noopener\">CVE-2019-11539<\/a><\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">Pulse Secure Pulse Connect Secure<\/p><\/td><td><p dir=\"ltr\" style=\"text-align: center;\">97<\/p><\/td><\/tr><tr><td style=\"text-align: center;\"><p dir=\"ltr\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-5902\" target=\"_blank\" rel=\"noopener\">CVE-2020-5902<\/a><\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">BIG IP RCE<\/p><\/td><td><p dir=\"ltr\" style=\"text-align: center;\">84<\/p><\/td><\/tr><tr><td style=\"text-align: center;\"><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-36195\" target=\"_blank\" rel=\"noopener\">CVE-2020-36195<\/a><\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">QNAP SQL Injection<\/p><\/td><td><p dir=\"ltr\" style=\"text-align: center;\">57<\/p><\/td><\/tr><\/tbody><\/table>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e658bf8 elementor-widget elementor-widget-heading\" data-id=\"e658bf8\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Top 5 Products Affected by the Kill Chain Vulnerabilities<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-00875a0 elementor-widget elementor-widget-text-editor\" data-id=\"00875a0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<table border=\"1\" align=\"center\">\n<tbody>\n<tr>\n<td>\n<p dir=\"ltr\"><strong>Vendor Name<\/strong><\/p>\n<\/td>\n<td>\n<p dir=\"ltr\"><strong>Number of Products Affected<\/strong><\/p>\n<\/td>\n<td>\n<p dir=\"ltr\"><strong>Worst Affected Product(s)<\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p dir=\"ltr\">Microsoft<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">23<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">Microsoft Exchange Server<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p dir=\"ltr\">Oracle<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">16<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">JRE, JDK and WebLogic Servers<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p dir=\"ltr\">F5<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">14<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">&#8211;<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p dir=\"ltr\">Apache<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">3<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">Log4J, Struts<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p dir=\"ltr\">Atlassian<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">3<\/p>\n<\/td>\n<td>\n<p dir=\"ltr\">Confluence Server<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ed53ce9 elementor-widget elementor-widget-heading\" data-id=\"ed53ce9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Top 5 CWEs of the Kill Chain Vulnerabilities<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c0c277a elementor-widget elementor-widget-text-editor\" data-id=\"c0c277a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Securin experts analyzed the weakness category of the vulnerabilities and found five CWEs that are ranked among the top 10 in\u00a0<a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2022\/2022_cwe_top25.html\" target=\"_blank\" rel=\"noopener\">MITRE\u2019s top 40 dangerous weaknesses (2022)<\/a>.<\/p><table border=\"1\" align=\"center\"><colgroup> <col \/> <col \/> <col \/> <col \/> <col \/><\/colgroup><tbody><tr><td colspan=\"5\"><p dir=\"ltr\"><strong>Top 10 MITRE CWEs (and Count of Vulnerabilities)<br \/>with CVEs having a complete Kill Chain<\/strong><\/p><\/td><\/tr><tr><td><p dir=\"ltr\" style=\"text-align: center;\">CWE-20<\/p><p dir=\"ltr\" style=\"text-align: center;\">11<\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">CWE-22<\/p><p dir=\"ltr\">7<\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">CWE-787<\/p><p dir=\"ltr\">4<\/p><\/td><td style=\"text-align: center;\"><p dir=\"ltr\">CWE-89<\/p><p dir=\"ltr\">4<\/p><\/td><td><p dir=\"ltr\" style=\"text-align: center;\">CWE-78<\/p><p dir=\"ltr\" style=\"text-align: center;\">4<\/p><\/td><\/tr><\/tbody><\/table><p dir=\"ltr\">CWE-20, an improper input validation vulnerability, has the maximum number of CVEs categorized within it. CWE-22, an Improper Limitation of a Pathname to a Restricted Directory or &#8216;Path Traversal&#8217; vulnerability, has the second highest number of CVEs. The other noteworthy weaknesses, CWE-787, CWE-89 and CWE-78, are rated 1st, 3rd and 6th in the list of MITRE\u2019s Most Dangerous Software Weaknesses.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-224eff1 elementor-widget elementor-widget-heading\" data-id=\"224eff1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Scanner Detection Gone Awry<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1708850 elementor-widget elementor-widget-text-editor\" data-id=\"1708850\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\" style=\"text-align: left;\">Three kill chain vulnerabilities are especially dangerous, thanks to their evasive nature from the roving eyes of common scanners like Qualys, Nessus and Nexpose. Let us take a deeper dive into these vulnerabilities:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0b668d6 elementor-widget elementor-widget-text-editor\" data-id=\"0b668d6\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li style=\"text-align: left;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18362\" target=\"_blank\" rel=\"noopener\">CVE-2017-18362<\/a>&#8211; ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. The Securin Vulnerability Intelligence platform assigned it a score of 38.46, deeming it extremely critical since June 2019. Though the vulnerability was exploited as far back as November 2019 by GandCrab ransomware group, DHS CISA added the CVE to the KEV catalog in May 2022. Securin experts had called out the vulnerability and its inclusion in the KEV catalog in our Ransomware Spotlight Report Q3.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e28473e elementor-widget elementor-widget-image\" data-id=\"e28473e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"969\" height=\"299\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS9.png\" class=\"attachment-full size-full wp-image-15578\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS9.png 969w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS9-300x93.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS9-768x237.png 768w\" sizes=\"(max-width: 969px) 100vw, 969px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1f6ec8d elementor-widget elementor-widget-text-editor\" data-id=\"1f6ec8d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong style=\"text-align: center;\">CVSS v2 &#8211; 7.50\u00a0 \u00a0 \u00a0 <\/strong>|<strong style=\"text-align: center;\">\u00a0 \u00a0 \u00a0 CVSS v3 &#8211; 9.80\u00a0 \u00a0 \u00a0 <\/strong>|<strong style=\"text-align: center;\">\u00a0 \u00a0 \u00a0 Securin VRS &#8211; 8.80<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a8ab1b2 elementor-widget elementor-widget-text-editor\" data-id=\"a8ab1b2\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18362\" target=\"_blank\" rel=\"noopener\">CVE-2017-18362<\/a> was initially assigned a CVSS v2 score of just 7.50, later to be revised to a critical score of 9.80 (CVSS v3). The Securin VRS definitive score of 8.80 is due to the reduced frequency of attacks exploiting the vulnerability. However, it is important to note that the vulnerability is not detectable by popular scanners, making it difficult for security teams to patch.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-861605d elementor-widget elementor-widget-text-editor\" data-id=\"861605d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li style=\"text-align: left;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6884\" target=\"_blank\" rel=\"noopener\">CVE-2017-6884<\/a> &#8211; A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00 (AAQT.4)b8. The vulnerability was assigned a critical score of 38.46 by Securin\u2019s VI platform in May 2020. Despite being six years old, being associated with Ryuk ransomware, being invisible to popular scanners and having a critical severity, the DHS CISA is still yet to add the vulnerability to the KEV catalog.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-507aa1f elementor-widget elementor-widget-image\" data-id=\"507aa1f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"986\" height=\"300\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS10.png\" class=\"attachment-full size-full wp-image-15598\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS10.png 986w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS10-300x91.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS10-768x234.png 768w\" sizes=\"(max-width: 986px) 100vw, 986px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ce53033 elementor-widget elementor-widget-text-editor\" data-id=\"ce53033\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 9.00\u00a0 \u00a0 \u00a0<\/strong>|<strong>\u00a0 \u00a0 \u00a0 CVSS v3 &#8211; 8.80\u00a0 \u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0 \u00a0 Securin VRS &#8211; 9.39<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bdafcdb elementor-widget elementor-widget-text-editor\" data-id=\"bdafcdb\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: left;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-6884\" target=\"_blank\" rel=\"noopener\">CVE-2017-6884<\/a> received a critical CVSS v2 score of 9.00, only to be downgraded to a CVSS v3 score of 8.80, in spite of its dangerousness. Thus, the Securin VRS reaffirms the criticality of the issue with a score of 9.39.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ec07ad6 elementor-widget elementor-widget-text-editor\" data-id=\"ec07ad6\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li style=\"text-align: left;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-36195\" target=\"_blank\" rel=\"noopener\">CVE-2020-36195<\/a>&#8211; An SQL injection vulnerability reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. The vulnerability was assigned a critical score of 38.46 by Securin\u2019s VI platform in July 2021. Despite being three years old, having been associated with QLocker ransomware and eCh0raix ransomware, being undetectable to popular scanners, having a critical severity, and being actively trending, the DHS CISA is still yet to add the vulnerability to the KEV catalog.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0d46e6a elementor-widget elementor-widget-image\" data-id=\"0d46e6a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"979\" height=\"301\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS11.png\" class=\"attachment-full size-full wp-image-15599\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS11.png 979w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS11-300x92.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/03\/Blog_Predictive-VRS11-768x236.png 768w\" sizes=\"(max-width: 979px) 100vw, 979px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b9766f1 elementor-widget elementor-widget-text-editor\" data-id=\"b9766f1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong>CVSS v2 &#8211; 7.50\u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0 \u00a0CVSS v3 &#8211; 9.80\u00a0 \u00a0 <\/strong>|<strong>\u00a0 \u00a0 \u00a0Securin VRS &#8211; 8.79<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8b9a04c elementor-widget elementor-widget-text-editor\" data-id=\"8b9a04c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\" style=\"text-align: left;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-36195\" target=\"_blank\" rel=\"noopener\">CVE-2020-36195<\/a>\u00a0received a high severity\u00a0CVSS v2 score of 7.50, only to be upgraded to a CVSS v3 score of 9.80. In spite of the danger it poses, Securin VRS assigns it a high score of 8.79 owing to the reduced chatter on hacker forums, thereby reducing its likelihood of being attacked.<\/p><p dir=\"ltr\" style=\"text-align: left;\">In our <a href=\"\/ransomware-report-2022-q2-q3-download\/\" target=\"_blank\" rel=\"noopener\">Ransomware Report Q2-Q3<\/a>, Securin analysts noted and warned about a flawed open source code used in Oracle products. Since the DHS CISA KEV catalog does not feature the trending critical vulnerability, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-2729\" target=\"_blank\" rel=\"noopener\">CVE-2019-2729<\/a>, Securin experts emphasized how important it is to add to the catalog. Oracle, on the other hand, used the same code in newer products in spite of the warning, as a result of which, eight new products reflect the same ransomware kill chain vulnerability.<\/p><p style=\"text-align: left;\">Securin experts have been constantly analyzing vulnerabilities associated with ransomware and mapping each CVE to their corresponding MITRE ATT&amp;CK framework to continuously develop a better understanding into how a threat actor thinks, how they behave, and what attack patterns they deploy. Keeping abreast of the kill chain vulnerabilities by ensuring they are aware of their organization\u2019s complete attack surface.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-87c81da elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"87c81da\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-844529a\" data-id=\"844529a\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-355e19b elementor-widget elementor-widget-spacer\" data-id=\"355e19b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a6010ec elementor-widget elementor-widget-text-editor\" data-id=\"a6010ec\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: center;\"><strong><span style=\"color: #000000;\">Securin\u2019s Attack Surface Management platform provides organizations with a hacker\u2019s view of their attack surface, enabling them to see exposures, misconfigurations, shadow IT, and vulnerable products that have ransomware-associated vulnerabilities. Securin ASM helps companies gain visibility into their true attack surface, helping them to improve their security posture through actionable insights by leveraging our excellent threat hunting expertise, and by expediting remediation before being attacked.<\/span><\/strong><\/p><p style=\"text-align: center;\"><strong>Learn more about <a href=\"\/attack-surface-management\/\" target=\"_blank\" rel=\"noopener\">Securin\u2019s ASM platform<\/a>.<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-3cb981d elementor-widget elementor-widget-spacer\" data-id=\"3cb981d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Securin experts mapped ransomware vulnerabilities to the MITRE Att&#038;ck framework and identified 57 vulnerabilities that can be exploited from initial access to exfiltration.<\/p>\n","protected":false},"author":1,"featured_media":16089,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":""},"categories":[80,117,123,137],"tags":[89,116,607,91,250],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/15548"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/comments?post=15548"}],"version-history":[{"count":22,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/15548\/revisions"}],"predecessor-version":[{"id":17465,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/15548\/revisions\/17465"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/16089"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=15548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/categories?post=15548"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/tags?post=15548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}