The US Government Reveals Top Vulnerabilities Exploited by Chinese-state Actors

Category: Vulnerabilities | Industries: Critical Infrastructure, Industrial, Technology and Telecommunications | Level: Tactical | Source: CISA

A joint advisory from the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) lists the vulnerabilities most exploited by People’s Republic of China (PRC) state-sponsored actors since 2020. The list includes notable CVEs such as Log4Shell (CVE-2021-44228), ProxyLogon (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), the VMware file upload vulnerability (CVE-2021-22005), and others. "PRC state-sponsored cyber actors continue to target government and critical infrastructure networks with an increasing array of new and adaptive techniques—some of which pose a significant risk to Information Technology Sector organizations (including telecommunications providers), Defense Industrial Base (DIB) Sector organizations, and other critical infrastructure organizations." The US agencies’ recommendations against these threats include patching vulnerable hosts as soon as possible, implementing MFA, removing network infrastructure once it reaches end of life, and implementing robust logging for detection.

Anvilogic Use Cases:

  • Potential Exploit: CVE-2021-22005
  • Potential CVE-2021-44228 - Log4Shell
  • Potential Confluence: CVE-2021-26084
  • Potential ProxyShell
  • Directory Traversal
