Joint Cybersecurity Advisory (CSA) Lists the Top 15 Routinely Exploited Vulnerabilities of 2021

CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Cybersecurity Advisory that details the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs that were frequently exploited during the year.

Key Takeaways

  • Log4Shell (CVE-2021-44228), despite being disclosed only in December 2021, topped the list of most-exploited vulnerabilities.
  • The report is a reminder that malicious actors do not need to develop sophisticated tooling when they can simply exploit publicly known vulnerabilities that remain unpatched.
  • The vulnerabilities listed allow bad actors to perform a variety of attacks, including stealing credentials, gaining access to networks, remotely executing commands, downloading and executing malware, or stealing information from devices.
  • To mitigate these threats, the cybersecurity authorities recommend prioritizing and strengthening:
    • Vulnerability and configuration management, including updating software, operating systems, applications, and firmware in a timely manner, and replacing end-of-life software
    • Identity and access management, including enforcing multifactor authentication (MFA) for all users, without exception
    • Protective controls and architecture, including properly configuring and securing internet-facing network devices, disabling unused or unnecessary network ports and protocols, encrypting network traffic, and disabling unused network services and devices
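The recommendation to disable unused network ports and services is only actionable once you know what a host actually exposes. The following is an added example (not from the advisory or any of the agencies) that audits listening TCP sockets against an explicit allowlist. The input is a constructed sample in the layout of `ss -Hltnp` on Linux, and the allowlist of ports 22 and 443 is an assumed example policy; in practice you would feed real `ss` output and your own policy to `unexpected_exposures()`.

```python
"""Flag listening TCP services that are bound beyond loopback and not on an allowlist.

Added example, not code from the advisory. The sample inventory below is
constructed to match the field layout of `ss -Hltnp` (no header, listening,
TCP, numeric, with process info); replace it with real command output.
"""
import re

# Constructed sample of `ss -Hltnp` output (assumption: typical field layout).
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*    users:(("sshd",pid=812,fd=3))
LISTEN 0      511          0.0.0.0:443       0.0.0.0:*    users:(("nginx",pid=1203,fd=6))
LISTEN 0      4096         0.0.0.0:8080      0.0.0.0:*    users:(("java",pid=2210,fd=112))
LISTEN 0      128        127.0.0.1:25        0.0.0.0:*    users:(("master",pid=990,fd=13))
LISTEN 0      50           0.0.0.0:3306      0.0.0.0:*    users:(("mysqld",pid=1450,fd=21))
LISTEN 0      128             [::]:22           [::]:*    users:(("sshd",pid=812,fd=4))
"""

# Ports this host is approved to expose beyond loopback (assumption: example policy).
ALLOWED_PORTS = {22, 443}

# State, recv-q, send-q, local addr:port, peer addr:port, users:(("proc",...
LINE_RE = re.compile(
    r"^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+users:\(\(\"(?P<proc>[^\"]+)\""
)


def parse_listeners(text):
    """Return (local_addr, port, process) for each LISTEN line; skip lines that do not match."""
    listeners = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            listeners.append((m.group("addr"), int(m.group("port")), m.group("proc")))
    return listeners


def is_loopback(addr):
    """True for IPv4/IPv6 loopback bindings, which are not reachable from the network."""
    return addr.startswith("127.") or addr in ("[::1]", "::1")


def unexpected_exposures(text, allowed=ALLOWED_PORTS):
    """Listeners bound beyond loopback whose port is not on the allowlist, sorted and de-duplicated."""
    return sorted(
        {(addr, port, proc) for addr, port, proc in parse_listeners(text)
         if not is_loopback(addr) and port not in allowed}
    )


if __name__ == "__main__":
    for addr, port, proc in unexpected_exposures(SAMPLE_SS_OUTPUT):
        print(f"review: {proc} listening on {addr}:{port} is not on the allowlist")
```

Note that a wildcard bind (`0.0.0.0` or `[::]`) is treated as exposed even if a host firewall currently blocks the port; the check is deliberately conservative so that a firewall misconfiguration does not silently turn an unreviewed service into an internet-facing one.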