The Most Commonly Exploited Vulnerabilities in Technology in 2018
Most Commonly Exploited Vulnerabilities
In 2018, cyber threat actors were able to take advantage of new, publicly disclosed vulnerabilities to compromise systems, making them a prime target for hackers. While the vast majority of these vulnerabilities are preventable, some are particularly egregious and may even be difficult to detect. According to the US Cybersecurity and Infrastructure Security Agency, 85 percent of targeted attacks can be prevented. This alert identifies the 30 most commonly exploited vulnerabilities in technology. These flaws can result in disastrous consequences, compromising an organization’s reputation and exposing confidential information.
One of the most commonly exploited vulnerabilities is a flaw in Microsoft’s Object Linking and Embedding (OLE) technology. This flaw allows documents to contain embedded content, such as spreadsheets. This type of attack can be triggered through a variety of vulnerabilities, including remote work and malicious software. This list also includes dated vulnerabilities that have been linked to remote work. However, the list is not comprehensive.
The Log4Shell vulnerability was disclosed at the end of last year. Its details quickly went public, leaving responsible organizations scrambling to understand its exposure and apply patches to their systems in a timely manner. Researchers noted that early attempts at patching this bug were inadequate, and it’s no wonder it’s on the list of most commonly exploited vulnerabilities for 2018.
Another widely exploited vulnerability is the XSS flaw. While it’s a very common flaw, it has become harder to exploit in recent years, due to better browser-based protection. XSS flaws allow an attacker to execute scripts on a victim’s web browser without the victim’s knowledge. The flaw can result in remote code execution, replay attacks, and injection attacks. Fortunately, the most common exploits of XSS are relatively easy to prevent with proper validation, careful application design, and significant architectural changes.
The Most Commonly Exploited Vulnerabilities in Technology in 2018
Another widely exploited vulnerability affects Microsoft Exchange Server. The attack chain involves a remote code execution flaw in the Exchange server. An attacker must first find a server running Exchange and then determine which account they can extract email from. Threat actors often use web shells to maintain persistence in the compromised server and conduct malicious actions. This flaw, originally discovered as a small bug, quickly turned into a full-blown panic. Using a series of Exchange bugs to access vulnerable servers, attackers were able to set up a web shell and steal information.
In a nutshell, vulnerabilities are holes in the software or hardware that allow an attacker to access sensitive data. When exploited, these vulnerabilities can allow an attacker to obtain direct access to the system, run code, and even install malware. Some of these vulnerabilities can even let attackers pose as a system administrator or super user and access sensitive data. The possibilities are endless! So it is imperative to protect your systems and data from these risks.
The increasing number of attacks stems from proof-of-concept (POC) code releases by hackers. IT researchers release these proof-of-concept codes weeks after publicly releasing the vulnerability. Malicious actors can then use these codes to target a wider network of organizations. This bug was discovered in December and the North Korean government began mass exploitation in September 2021. The latest vulnerability was CVE-2021-26084.
