August 2021 Vulnerability Trends


Vulnerability Trends Summary

As part of our monthly vulnerability trends series, this report shows the month's top 10 trending security vulnerabilities and how hackers, malware, and exploit kits are exploiting them. We assign each vulnerability a trend value: a percentage reflecting how much attention it is gaining from the cybersecurity community, attackers, and malware. Companies can use the report to gain cyber threat insight and anticipate attack waves that might target their public assets in the following months.

Subscribe to the monthly vulnerability digest report by clicking here.

The following chart shows the trends.

Vulnerability Trends August 2021

In August 2021, no single major vulnerability captured all of the community's attention. However, critical vulnerabilities are still hitting the Windows Print Spooler service.

Other important vulnerabilities were disclosed in some IoT devices, Cisco Routers, and OpenSSL.

The following table shows the details of the trends.

CVE | Vulnerability | Publish Date | Exploited | Trends*
CVE-2021-26084 | Confluence Server RCE | 26/08/2021 | Yes | 24%
CVE-2021-36958 | RCE in Windows Print Spooler Service | 11/08/2021 | Yes | 18%
CVE-2021-39137 | Consensus Vulnerability in Go-Ethereum | 24/08/2021 | No | 15%
CVE-2021-28372 | Credential Leak in TUTK device | 17/08/2021 | Yes | 13%
CVE-2021-22937 | Code Execution in Pulse Connect Secure | 05/08/2021 | Yes | 9%
CVE-2021-35395 | Realtek APRouter SDK Remote Code Execution | 16/08/2021 | Yes | 6%
CVE-2021-34730 | Denial of Service in Cisco Routers | 18/08/2021 | No | 6%
CVE-2021-30563 | Elevation of Privilege in Windows | 10/08/2021 | No | 4%
CVE-2021-33910 | Code Execution in OpenSSL | 24/08/2021 | No | 3%
CVE-2021-36936 | RCE in Windows Print Spooler | 10/08/2021 | No | 2%


1. CVE-2021-26084 Confluence Server RCE

An OGNL (Object-Graph Navigation Language) injection vulnerability exists that would allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance.

CVSS Rate: 9.8 Critical
Exploited: Yes
Links:
https://jira.atlassian.com/browse/CONFSERVER-67940
https://packetstormsecurity.com/files/164013/Confluence-Server-7.12.4-OGNL-Injection-Remote-Code-Execution.html

2. CVE-2021-36958 RCE in Windows Print Spooler Service

A remote code execution vulnerability exists in the Windows Print Spooler service. This vulnerability is different from the previous ones.

CVSS Rate: 7.8 High
Exploited: Yes
Links:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36958

3. CVE-2021-39137 Consensus Vulnerability in Go-Ethereum 

The library go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions, a consensus vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain.

CVSS Rate: 7.5 High
Exploited: No
Links:
https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8

4. CVE-2021-28372 Credential Leak in TUTK device 

ThroughTek’s Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID). This could result in an attacker hijacking a victim’s connection and forcing them into supplying credentials needed to access the victim’s TUTK device.

CVSS Rate: 8.3 High
Exploited: Yes
Links:
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0020/FEYE-2021-0020.md

5. CVE-2021-22937 Code Execution in Pulse Connect Secure 

A vulnerability in Pulse Connect Secure could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface.

CVSS Rate: 7.2 High
Exploited: Yes
Links:
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAC
https://research.nccgroup.com/2021/08/05/technical-advisory-pulse-connect-secure-rce-via-uncontrolled-archive-extraction-cve-2021-22937-patch-bypass/

6. CVE-2021-35395 Realtek APRouter SDK Remote Code Execution

A buffer overflow vulnerability exists in the Realtek APRouter SDK that allows remote code execution on devices that use this SDK.

CVSS Rate: 9.8 Critical
Exploited: Yes
Links:
https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdf
https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/

7. CVE-2021-34730 Denial of Service in Cisco Routers

A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.

CVSS Rate: 9.8 Critical
Exploited: No
Links:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5

8. CVE-2021-30563 Elevation of Privilege in Windows

An actively exploited vulnerability exists in the Windows Update Medic service that allows an elevation of privileges.

CVSS Rate: 7.8 High
Exploited: No
Links:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36948

9. CVE-2021-33910 Code Execution in OpenSSL

The OpenSSL SM2 decryption code has a buffer overflow that leads to code execution when calling the API function to decrypt SM2-encrypted data.

CVSS Rate: 9.8 Critical
Exploited: No
Links:
https://www.openssl.org/news/secadv/20210824.txt

10. CVE-2021-36936 RCE in Windows Print Spooler

Again, a vulnerability exists in the Windows Print Spooler service that leads to remote code execution. Its relation to last month's RCE (CVE-2021-34527) is not clear.

CVSS Rate: 9.8 Critical
Exploited: No
Links:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36936

ScanTitan is the leading website security portal that offers website vulnerability scanning, website malware scanning, uptime monitoring, cyber brand monitoring, defacement monitoring, and continuous threat monitoring and alerting.
