Vulnerability Trends Summary
As part of our monthly vulnerability trends, this report shows the monthly top 10 trends on security vulnerabilities and how hackers, malware, and exploit kits are exploiting those vulnerabilities. To demonstrate, we assign vulnerability trends value as a percentage of how each vulnerability is significantly gaining the attention of cybersecurity communities, attackers, together with malware. In either case, companies can benefit from the report to have more cyber threat insights and relatively anticipate attacks wave that might target their public assets in the following months.
Subscribe to the monthly vulnerability digest report by clicking here.
Download the full vulnerability digest report by clicking here.
The following chart shows the trends.
In December 2020, SolarWinds cybersecurity news grabbed the majority of community attention due to the impact that happened on big organizations, security companies, and government entities that use SolarWinds products.
However, 2020 ended with many other critical security vulnerabilities like Struts 2 RCE and Contact Form 7 arbitrary file upload.
The following table shows the details of the trends.
| CVE | Vulnerability | Publish Date | Exploited | Trends* |
| CVE-2020-17530 | Remote Code Execution in Struts 2 | 08/11/2020 | Yes | 18% |
| CVE-2020-10148 | Remote Code Execution in SolarWinds | 26/11/2020 | Yes | 15% |
| CVE-2020-8554 | MiTM in Kubernetes | 07/11/2020 | Yes | 14% |
| CVE-2020-35489 | Arbitrary File Upload in Contact Form 7 | 17/11/2020 | Yes | 10% |
| CVE-2020-29583 | Default Account in ZYXEL devices | 22/11/2020 | Yes | 10% |
| CVE-2020-35606 | Command Execution in Webmin | 21/11/2020 | Yes | 7% |
| CVE-2020-1971 | Denial of Service in OpenSSL | 08/11/2020 | No | 7% |
| CVE-2020-29492 | Insecure Configuration in Wyse Dell | 21/11/2020 | Yes | 7% |
| CVE-2020-25179 | Unprotected Credentials in GE Ultrasound Products | 09/11/2020 | No | 6% |
| CVE-2020-17141 | Remote Code Execution in MS Exchange Server | 09/11/2020 | Yes | 6% |
Subscribe to the monthly vulnerability digest report by clicking here.
Download the full vulnerability digest report by clicking here.
1.CVE-2020-17530
Apache Struts 2 has remote code execution vulnerability when using forced OGNL evaluation on untrusted
user input. This affects Struts 2.0.0 – Struts 2.5.25.
| CVSS Rate | 9.8 CRITICAL |
| Exploited | Yes |
| Links |
2.CVE-2020-10148
The SolarWinds Orion API is vulnerable to authentication bypass which allows remote code execution
without requiring authentication. This vulnerability is known as SUNBURST backdoor.
| CVSS Rate | 9.8 CRITICAL |
| Exploited | Yes |
| Links |
3.CVE-2020-8554
Man-in-The-Middle vulnerability exists in Kubernetes which affects mainly multitenant deployments where
a user with no special permission is able to exploit this vulnerability.
| CVSS Rate | 9.8 CRITICAL |
| Exploited | Yes |
| Links |
4.CVE-2020-35489
Unrestricted file upload vulnerability exists in Contact Form 7 the common WordPress plugin where there is
no validation for Unicode special character.
| CVSS Rate | 10.0 CRITICAL |
| Exploited | Yes |
| Links |
5.CVE-2020-29583
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an
unchangeable password. The password for this account can be found in cleartext in the firmware. This
account can be used by someone to login to the ssh server or web interface with admin privileges.
| CVSS Rate | 7.8 HIGH |
| Exploited | Yes |
| Links | https://www.zyxel.com/support/CVE-2020-29583.shtml https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html |
6.CVE-2020-35606
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package
Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C.
| CVSS Rate | 8.8 HIGH |
| Exploited | Yes |
| Links | https://www.exploit-db.com/exploits/49318 |
7.CVE-2020-1971
OpenSSL 1.1 has a remote denial of service (DoS) vulnerability because of NULL point reference issue.
| CVSS Rate | 5.9 MEDIUM |
| Exploited | No |
| Links | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920 |
8.CVE-2020-29492
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote
unauthenticated attacker could potentially exploit this vulnerability to access the writable file and
manipulate the configuration of any target specific station.
| CVSS Rate | 10.0 CRITICAL |
| Exploited | Yes |
| Links | https://www.dell.com/support/kbdoc/cs-cz/000180768/dsa-2020-281 https://www.cybermdx.com/vulnerability-research-disclosures/dell-wyse-thin-client-vulnerability |
9.CVE-2020-25179
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during
transport over the network.
| CVSS Rate | 9.8 CRITICAL |
| Exploited | No |
| Links | https://us-cert.cisa.gov/ics/advisories/icsma-20-343-01 |
10.CVE-2020-17141
Microsoft Exchange Server has remote code execution allows remote attackers to disclose information on
affected installations of Exchange Server. Authentication is required to exploit this vulnerability.
| CVSS Rate | 8.4 HIGH |
| Exploited | Yes |
| Links | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17140 |
