Top 10 most exploited vulnerabilities that that attackers commonly exploit to gain unauthorized access, disrupt operations, or steal data.
Reason for Exploitation:
Unpatched System
Misconfiguration
Zero-Day Exploit
ZeroLogon: CVE-2020-1472
CVE Published: 08/11/2020
Severity: Critical
Affected Software: Zerologon
Log4Shell: CVE-2021-44228
CVE Published: 12/10/2021
Severity: Critical (As per CVSS 3.x)
Affected Software: Log4j
ICMAD: CVE-2022-22536
CVE Published: 02/09/2022
Severity: Critical (As per CVSS 3.x)
Affected Software: SAP NetWeaver Application Server ABAP & Java, ABAP Platform, SAP Content Server 7.53, and SAP Web Dispatcher
ProxyLogon: CVE-2021-26855
CVE Published: 03/02/2021
Severity: Critical (As per CVSS 3.x)
Affected Software: Microsoft Exchange Server
Spring4Shell: CVE-2022-22965
CVE Published: 04/01/2022
Severity: Critical (As per CVSS 3.x)
Affected Software: Spring MVC or Spring WebFlux
Atlassian Confluence RCE: CVE-2022-26134
CVE Published: 06/03/2022
Severity: Critical (As per CVSS 3.x)
Affected Software: Atlassian Confluence Server
VMware vSphere: CVE-2021-21972
CVE Published: 02/24/2021
Severity: Critical (As per CVSS 3.x)
Affected Software: vCenter Server plugin
Google Chrome Zero-Day: CVE-2022-0609
CVE Published: 04/04/2022
Severity: High (As per CVSS 3.x)
Affected Software: Google Chrome
Follina: CVE-2022-30190
CVE Published: 06/01/2022
Severity: High (As per CVSS 3.x)
Affected Software: MSDT
PetitPotam: CVE-2021-36942
CVE Published: 08/12/2021
Severity: Medium (As per CVSS 3.x)
Affected Software: vCenter Server plugin
Kommentare