{"id":7738,"date":"2022-05-16T18:20:29","date_gmt":"2022-05-17T01:20:29","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=7738"},"modified":"2022-05-16T18:20:29","modified_gmt":"2022-05-17T01:20:29","slug":"2021-most-exploited-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/","title":{"rendered":"2021 Most Exploited Vulnerabilities"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the <\/span><a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\"><span style=\"font-weight: 400;\">CISA Known Exploited Vulnerabilities Catalog.<\/span><\/a><\/p>\n<h3><b>The 1,000-Foot View<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Throughout 2021, dangerous threat actors targeted newly disclosed critical software vulnerabilities against targeted entities to include both public and private sector organizations worldwide. Malicious cyber actors targeted internet-facing systems, such as email servers and virtual private network (VPN) servers, with exploits of newly disclosed vulnerabilities. For most of the top exploited vulnerabilities, researchers or other actors released proof of concept (POC) code within two weeks of the vulnerability\u2019s disclosure, likely facilitating exploitation by a broader range of malicious actors.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Threat actors continued to exploit publicly known, older software vulnerabilities across a broad spectrum of targets. The exploitation of older vulnerabilities illustrates the continued risk to organizations that fail to patch software in a timely manner or are using software that is no longer supported by a vendor.<\/span><\/p>\n<h3><b>Highlighting Some Top Exploited 2021 Vulnerabilities<\/b><\/h3>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>CVE-2021-44228.<\/b><span style=\"font-weight: 400;\"> This vulnerability, known as Log4Shell, affects Apache\u2019s Log4j library, an open-source logging framework. An actor can exploit this vulnerability by submitting a specially crafted request to a vulnerable system that causes that system to execute arbitrary code. The request allows a cyber actor to take full control over the system. The actor can then steal information, launch ransomware, or conduct other malicious activity. Log4j is incorporated into thousands of products worldwide. This vulnerability was disclosed in December 2021; the rapid widespread exploitation of this vulnerability demonstrates the ability of malicious actors to quickly weaponize known vulnerabilities and target organizations before they patch.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, CVE-2021-27065.<\/b><span style=\"font-weight: 400;\"> These vulnerabilities, known as ProxyLogon, affect Microsoft Exchange email servers. Successful exploitation of these vulnerabilities in combination (i.e., \u201cvulnerability chaining\u201d) allows an unauthenticated cyber actor to execute arbitrary code on vulnerable Exchange Servers, which, in turn, enables the actor to gain persistent access to files and mailboxes on the servers, as well as to credentials stored on the servers. Successful exploitation may additionally enable the cyber actor to compromise trust and identity in a vulnerable network.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>CVE-2021-34523, CVE-2021-34473, CVE-2021-31207<\/b><span style=\"font-weight: 400;\">. These vulnerabilities, known as ProxyShell, also affect Microsoft Exchange email servers. Successful exploitation of these vulnerabilities in combination enables a remote actor to execute arbitrary code. These vulnerabilities reside within the Microsoft Client Access Service (CAS), which typically runs on port 443 in Microsoft Internet Information Services (IIS) (e.g., Microsoft\u2019s web server). CAS is commonly exposed to the internet to enable users to access their email via mobile devices and web browsers.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>CVE-2021-26084.<\/b><span style=\"font-weight: 400;\"> This vulnerability, affecting Atlassian Confluence Server and Data Center, could enable an unauthenticated actor to execute arbitrary code on vulnerable systems. This vulnerability quickly became one of the most routinely exploited vulnerabilities after a POC was released within a week of its disclosure. Attempted mass exploitation of this vulnerability was observed in September 2021.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Three of the top 15 routinely exploited vulnerabilities were also <\/span><a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa21-209a\"><span style=\"font-weight: 400;\">routinely exploited in 2020<\/span><\/a><span style=\"font-weight: 400;\">: <\/span><b>CVE-2020-1472, CVE-2018-13379, and CVE-2019-11510<\/b><span style=\"font-weight: 400;\">. Their continued exploitation indicates that many organizations fail to patch software in a timely manner and remain vulnerable to malicious cyber actors.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The table below shows the top 15 vulnerabilities:<\/span><\/p>\n<h3><b>Top 15 Routinely Exploited Vulnerabilities in 2021<\/b><\/h3>\n<table>\n<tbody>\n<tr>\n<td><b>CVE<\/b><\/td>\n<td><b>Vulnerability Name<\/b><\/td>\n<td><b>Vendor and Product<\/b><\/td>\n<td><b>Type<\/b><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\"><span style=\"font-weight: 400;\">CVE-2021-44228<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">Log4Shell<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Apache Log4j<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Remote code execution (RCE)<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-40539\"><span style=\"font-weight: 400;\">CVE-2021-40539<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Zoho ManageEngine AD SelfService Plus<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34523\"><span style=\"font-weight: 400;\">CVE-2021-34523<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyShell<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Elevation of privilege<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-34473\"><span style=\"font-weight: 400;\">CVE-2021-34473<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyShell<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-31207\"><span style=\"font-weight: 400;\">CVE-2021-31207<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyShell<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Security feature bypass<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27065\"><span style=\"font-weight: 400;\">CVE-2021-27065<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyLogon<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26858\"><span style=\"font-weight: 400;\">CVE-2021-26858<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyLogon<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26857\"><span style=\"font-weight: 400;\">CVE-2021-26857<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyLogon<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26855\"><span style=\"font-weight: 400;\">CVE-2021-26855<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ProxyLogon<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26084\"><span style=\"font-weight: 400;\">CVE-2021-26084<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Atlassian Confluence Server and Data Center<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Arbitrary code execution<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-21972\"><span style=\"font-weight: 400;\">CVE-2021-21972<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">VMware vSphere Client<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-1472\"><span style=\"font-weight: 400;\">CVE-2020-1472<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">ZeroLogon<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Netlogon Remote Protocol (MS-NRPC)<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Elevation of privilege<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-0688\"><span style=\"font-weight: 400;\">CVE-2020-0688<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Microsoft Exchange Server<\/span><\/td>\n<td><span style=\"font-weight: 400;\">RCE<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11510\"><span style=\"font-weight: 400;\">CVE-2019-11510<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Pulse Secure Pulse Connect Secure<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Arbitrary file reading<\/span><\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-13379\"><span style=\"font-weight: 400;\">CVE-2018-13379<\/span><\/a><\/td>\n<td><span style=\"font-weight: 400;\">\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Fortinet FortiOS and FortiProxy<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Path traversal<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span style=\"font-weight: 400;\">The cybersecurity authorities encourage organizations to apply the recommendations which are delineated within the Mitigations section of the alert. These mitigations include applying timely patches to systems and implementing a centralized patch management system to reduce the risk of compromise by malicious cyber actors.<\/span><\/p>\n<h3><b>DNS Remains a Dangerous Attack Vector<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">DNS, as always, is constantly leveraged by threat actors. It is almost impossible for attack chains to unfold without using DNS services. Security through DNS, such as that provided by BloxOne Threat Defense, is designed to prevent users\u2019 connection to malicious destinations, and to detect anomalous behaviors in the network such as C&amp;C communications, advanced persistent threat activity, domain generation algorithm (DGA) activity, botnet communications, DNS tunneling, and data exfiltration.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Infoblox security also integrates with Security Orchestration Automation and Remediation (SOAR) systems, ITSM solutions, vulnerability scanners and other security ecosystem tools to trigger remediation actions automatically when any malicious activity is detected. This can help speed up an organization\u2019s response to security events and rapid threat containment.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DNS logs hold a wealth of data which can be leveraged across your cybersecurity ecosystem. Analyzing DNS logs is a highly effective way to see what resources a client has been accessing historically. DHCP fingerprint and IPAM (IP Address Management) metadata provide contextual information on compromised devices such as type of device, OS information, network location and current and historical IP address allocations. All this information helps your security operations center (SOC) team more rapidly correlate events and understand the scope of a breach.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To find out more about how Infoblox can help improve your security posture, please reach out to us via <\/span><a href=\"https:\/\/info.infoblox.com\/contact-form\/\"><span style=\"font-weight: 400;\">https:\/\/info.infoblox.com\/contact-form\/<\/span><\/a><span style=\"font-weight: 400;\">.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Download the full <\/span><a href=\"https:\/\/www.cisa.gov\/uscert\/sites\/default\/files\/publications\/AA22-117A_Joint_CSA_2021_Top_Routinely_Exploited_Vulnerabilities_Final.pdf\"><span style=\"font-weight: 400;\">Joint Cybersecurity Advisory: 2021 top Routinely Exploited Vulnerabilities (pdf, 777kb).<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">A June 2021 <\/span><a href=\"https:\/\/info.infoblox.com\/resources-whitepapers-gartner-how-can-organizations-use-dns-to-improve-their-security-posture.html\"><span style=\"font-weight: 400;\">Gartner report<\/span><\/a><span style=\"font-weight: 400;\"> recommends organizations leverage DNS logs for threat detection and forensic purposes with their Security Information and Event Management platforms.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-7683 size-full\" src=\"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/shields-up.png\" alt=\"\" width=\"512\" height=\"137\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/shields-up.png 512w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/shields-up-300x80.png 300w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Russia\u2019s invasion of Ukraine could impact organizations both within and beyond the region, to include <\/span><a href=\"https:\/\/www.cisa.gov\/uscert\/russia\"><span style=\"font-weight: 400;\">malicious cyber activity<\/span><\/a><span style=\"font-weight: 400;\"> against the U.S. homeland, including as a response to the unprecedented economic costs imposed on Russia by the U.S. and our allies and partners. Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization\u2014large and small\u2014must be prepared to respond to disruptive cyber incidents. As the nation\u2019s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. When cyber incidents are reported quickly, we can use this information to render assistance and as a warning to prevent other organizations and entities from falling victim to a similar attack.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Organizations should report anomalous cyber activity and\/or cyber incidents 24\/7 to report@cisa.gov or (888) 282-0870.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key [&hellip;]<\/p>\n","protected":false},"author":324,"featured_media":7741,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[527,381,620,700,701,360],"class_list":{"0":"post-7738","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-vulnerability","9":"tag-exploit","10":"tag-log4shell","11":"tag-proxyshell","12":"tag-zerologon","13":"tag-dns-security","14":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>2021 Most Exploited Vulnerabilities<\/title>\n<meta name=\"description\" content=\"2021 Most Exploited Vulnerabilities. Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the CISA Known Exploited Vulnerabilities Catalog.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"2021 Most Exploited Vulnerabilities\" \/>\n<meta property=\"og:description\" content=\"2021 Most Exploited Vulnerabilities. Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the CISA Known Exploited Vulnerabilities Catalog.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-17T01:20:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/unlocked-lock-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"441\" \/>\n\t<meta property=\"og:image:height\" content=\"340\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Zuckerman\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Zuckerman\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/\"},\"author\":{\"name\":\"Michael Zuckerman\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/212816c17be869578ba1574b5fc7abf4\"},\"headline\":\"2021 Most Exploited Vulnerabilities\",\"datePublished\":\"2022-05-17T01:20:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/\"},\"wordCount\":1195,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/unlocked-lock-1.jpg\",\"keywords\":[\"vulnerability\",\"exploit\",\"log4shell\",\"proxyshell\",\"zerologon\",\"DNS Security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/\",\"name\":\"2021 Most Exploited Vulnerabilities\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/unlocked-lock-1.jpg\",\"datePublished\":\"2022-05-17T01:20:29+00:00\",\"description\":\"2021 Most Exploited Vulnerabilities. Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the CISA Known Exploited Vulnerabilities Catalog.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/unlocked-lock-1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/unlocked-lock-1.jpg\",\"width\":441,\"height\":340},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/2021-most-exploited-vulnerabilities\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"2021 Most Exploited Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/212816c17be869578ba1574b5fc7abf4\",\"name\":\"Michael Zuckerman\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"caption\":\"Michael Zuckerman\"},\"description\":\"Michael Zuckerman is a seasoned B2B product marketing and marketing strategy consultant with experience in the cybersecurity marketplace. Zuckerman\u2019s domain experience in cybersecurity over the past 10 years includes DNS security, threat intelligence, threat intelligence platforms (TIP), container security, mobile device security, moving target defense, network threat analysis (AI), sandbox, deception technology, cloud access security brokers (CASB), SASE, AI based SIEM, secure collaborative governance, and related technology sets to include data loss prevention (DLP), user and entity behavior analytics (UEBA), and encryption.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/michael-zuckerman\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"2021 Most Exploited Vulnerabilities","description":"2021 Most Exploited Vulnerabilities. Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the CISA Known Exploited Vulnerabilities Catalog.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"2021 Most Exploited Vulnerabilities","og_description":"2021 Most Exploited Vulnerabilities. Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the CISA Known Exploited Vulnerabilities Catalog.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/","og_site_name":"Infoblox Blog","article_published_time":"2022-05-17T01:20:29+00:00","og_image":[{"width":441,"height":340,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/unlocked-lock-1.jpg","type":"image\/jpeg"}],"author":"Michael Zuckerman","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Michael Zuckerman","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/"},"author":{"name":"Michael Zuckerman","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/212816c17be869578ba1574b5fc7abf4"},"headline":"2021 Most Exploited Vulnerabilities","datePublished":"2022-05-17T01:20:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/"},"wordCount":1195,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/unlocked-lock-1.jpg","keywords":["vulnerability","exploit","log4shell","proxyshell","zerologon","DNS Security"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/","url":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/","name":"2021 Most Exploited Vulnerabilities","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/unlocked-lock-1.jpg","datePublished":"2022-05-17T01:20:29+00:00","description":"2021 Most Exploited Vulnerabilities. Cybersecurity authorities just issued alert AA22-117A, which provides information on the top 15 Common Vulnerabilities and Exposures (CVEs) most frequently used and exploited by malicious cyber actors in 2021. This important alert was co-authored by the cybersecurity authorities from the United States, Australia, New Zealand, Canada, and the United Kingdom. In the United States, key participants included the Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Please note that there are approximately 611 more dangerous CVEs in the CISA Known Exploited Vulnerabilities Catalog.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/unlocked-lock-1.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/unlocked-lock-1.jpg","width":441,"height":340},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/2021-most-exploited-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"2021 Most Exploited Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/212816c17be869578ba1574b5fc7abf4","name":"Michael Zuckerman","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","caption":"Michael Zuckerman"},"description":"Michael Zuckerman is a seasoned B2B product marketing and marketing strategy consultant with experience in the cybersecurity marketplace. Zuckerman\u2019s domain experience in cybersecurity over the past 10 years includes DNS security, threat intelligence, threat intelligence platforms (TIP), container security, mobile device security, moving target defense, network threat analysis (AI), sandbox, deception technology, cloud access security brokers (CASB), SASE, AI based SIEM, secure collaborative governance, and related technology sets to include data loss prevention (DLP), user and entity behavior analytics (UEBA), and encryption.","url":"https:\/\/www.infoblox.com\/blog\/author\/michael-zuckerman\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/7738","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/324"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=7738"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/7738\/revisions"}],"predecessor-version":[{"id":7742,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/7738\/revisions\/7742"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/7741"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=7738"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=7738"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=7738"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}