Vulnerability Trends Summary
As part of our monthly vulnerability trends, this report shows the monthly top 10 trends on security vulnerabilities and how hackers, malware, and exploit kits are exploiting those vulnerabilities. To demonstrate, we assign vulnerability trends value as a percentage of how each vulnerability is significantly gaining the attention of cybersecurity communities, attackers, together with malware. In either case, companies can benefit from the report to have more cyber threat insights and relatively anticipate attacks wave that might target their public assets in the following months.
Subscribe to the monthly vulnerability digest report by clicking here.
The following chart shows the trends.
In August 2021 there are no major vulnerabilities that hijacked all community attentions. However, still critical vulnerabilities are hitting the Windows Print Spooler service.
Other important vulnerabilities were disclosed in some IoT devices, Cisco Routers, and OpenSSL.
The following table shows the details of the trends.
| CVE | Vulnerability | Publish Date | Exploited | Trends* |
| CVE-2021-26084 | Confluence Server RCE | 26/08/2021 | Yes | 24% |
| CVE-2021-36958 | RCE in Windows Print Spooler Service | 11/08/2021 | Yes | 18% |
| CVE-2021-39137 | Consensus Vulnerability in Go-Ethereum | 24/08/2021 | No | 15% |
| CVE-2021-28372 | Credential Leak in TUTK device | 17/08/2021 | Yes | 13% |
| CVE-2021-22937 | Code Execution in Pulse Connect Secure | 05/08/2021 | Yes | 9% |
| CVE-2021-35395 | Realtek APRouter SDK Remote Code Execution | 16/08/2021 | Yes | 6% |
| CVE-2021-34730 | Denial of Service in Cisco Routers | 18/08/2021 | No | 6% |
| CVE-2021-30563 | Elevation of Privilege in Windows | 10/08/2021 | No | 4% |
| CVE-2021-33910 | Code Execution in OpenSSL | 24/08/2021 | No | 3% |
| CVE-2021-36936 | RCE in Windows Print Spooler | 10/08/2021 | No | 2% |
Subscribe to the monthly vulnerability digest report by clicking here.
1. CVE-2021-26084 Confluence Server RCE
OGNL (Object-Graph) injection vulnerability exists that would allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance.
| CVSS Rate | 9.8 Critical |
| Exploited | Yes |
| Links | https://jira.atlassian.com/browse/CONFSERVER-67940https://packetstormsecurity.com/files/164013/Confluence-Server-7.12.4-OGNL-Injection-Remote-Code-Execution.html |
2. CVE-2021-36958 RCE in Windows Print Spooler Service
Remote Code Execution vulnerability exists in Windows Print Spooler service. This vulnerability is different than the previous ones.
| CVSS Rate | 7.8 High |
| Exploited | Yes |
| Links | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36958https://platform.twitter.com/embed/Tweet.html?creatorScreenName=scantitan&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416429860566847490&lang=en&origin=https%3A%2F%2Fscantitan.com%2Fblog%2Fmonthly-vulnerability-digest%2Faugust-2021-vulnerability-trends%2F&sessionId=a572f66b6328eda27132aaf89c9fc10044bbebc8&siteScreenName=scantitan&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px |
3. CVE-2021-39137 Consensus Vulnerability in Go-Ethereum
The library go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions, a consensus vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain.
| CVSS Rate | 7.5 High |
| Exploited | No |
| Links | https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8 |
4. CVE-2021-28372 Credential Leak in TUTK device
ThroughTek’s Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID). This could result in an attacker hijacking a victim’s connection and forcing them into supplying credentials needed to access the victim’s TUTK device.
| CVSS Rate | 8.3 High |
| Exploited | Yes |
| Links | https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0020/FEYE-2021-0020.md |
5. CVE-2021-22937 Code Execution in Pulse Connect Secure
A vulnerability in Pulse Connect Secure could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface.
| CVSS Rate | 7.2 High |
| Exploited | Yes |
| Links | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858/?kA23Z000000L6oySAChttps://research.nccgroup.com/2021/08/05/technical-advisory-pulse-connect-secure-rce-via-uncontrolled-archive-extraction-cve-2021-22937-patch-bypass/embed/#?secret=aNpkbCKpxf |
6. CVE-2021-35395 Realtek APRouter SDK Remote Code Execution
Buffer overflow vulnerability exists in Realtek ARPRouter SDK that causes remote code execution in the devices that utilize this SDK.
7. CVE-2021-34730 Denial of Service in Cisco Routers
A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.
| CVSS Rate | 9.8 Critical |
| Exploited | No |
| Links | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5 |
8. CVE-2021-30563 Elevation of Privilege in Windows
An actively exploited vulnerability exists in the Windows Update Medic service that allows an elevation of privileges.
| CVSS Rate | 7.8 High |
| Exploited | No |
| Links | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36948 |
9. CVE-2021-33910 Code Execution in OpenSSL
In OpenSSL SM2 decryption code has a buffer overflow that leads to code execution when calling the API function to decrypt SM2 encrypted data.
| CVSS Rate | 9.8 Critical |
| Exploited | No |
| Links | https://www.openssl.org/news/secadv/20210824.txt |
10. CVE-2021-36936 RCE in Windows Print Spooler
Again, a vulnerability exists in the Windows Pring Spooler servicer that leads to remote code execution. The relation with the last month’s RCE (CVE-2021-34527) is not clear.
| CVSS Rate | 9.8 Critical |
| Exploited | No |
| Links | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36936 |
ScanTitan is the leading website security portal that offers website vulnerability scanning, website malware scanning, uptime monitoring, cyber brand monitoring, defacement monitoring, and continuous threat monitoring and alerting.
Now you can find the latest Scantitan promotions through our official coupon store.
