Vulnerability Trends Summary


As part of our monthly vulnerability trends, this report presents the month's top 10 trending security vulnerabilities and how hackers, malware, and exploit kits are exploiting them. Each vulnerability is assigned a trend value, expressed as a percentage, that reflects how much attention it is gaining from the cybersecurity community, attackers, and malware. Companies can use the report to gain cyber threat insight and to anticipate attack waves that might target their public assets in the following months.

Subscribe to the monthly vulnerability digest report by clicking here.

The following chart shows the trends.

In June 2021 we see that the Windows Print Spooler service grabbed the attention of the cybersecurity community, as this vulnerability alone accounts for more than half of June's trend share. Linux systems were not safe either, as a critical vulnerability in PolKit was disclosed in June as well.

Additionally, we see in June 2021 critical vulnerabilities in security products like Carbon Black, SonicOS, and ForgeRock.

The following table shows the details of the trends.

CVE            | Vulnerability                          | Publish Date | Exploited | Trends*
CVE-2021-1675  | Print Spooler Service RCE in Windows   | 08/05/2021   | Yes       | 53%
CVE-2021-3560  | Privilege Escalation in PolKit         | 03/05/2021   | Yes       | 18%
CVE-2021-32934 | ThroughTek P2P Credential Access       | 16/05/2021   | Yes       | 5%
CVE-2021-30724 | Privilege Escalation in MacOS and iOS  | 03/05/2021   | No        | 5%
CVE-2021-21998 | Carbon Black Authentication Bypass     | 22/05/2021   | No        | 4%
CVE-2021-31955 | Windows Kernel Information Disclosure  | 08/05/2021   | Yes       | 4%
CVE-2021-31956 | Windows Privilege Escalation           | 08/05/2021   | Yes       | 4%
CVE-2021-20019 | Information Leakage in SonicOS         | 23/05/2021   | Yes       | 3%
CVE-2021-33739 | Windows Privilege Escalation           | 08/05/2021   | Yes       | 3%
CVE-2021-35464 | RCE in ForgeRock Access Manager        | 29/05/2021   | Yes       | 2%


1. CVE-2021-1675 Print Spooler Service RCE in Windows

A remote code execution vulnerability exists in the Windows Print Spooler service. This vulnerability is dubbed PrintNightmare.

CVSS Rate: 8.8 High
Exploited: Yes
Links:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675

https://github.com/calebstewart/CVE-2021-1675

2. CVE-2021-3560 Privilege Escalation in PolKit

A local privilege escalation vulnerability in PolKit allows an attacker to bypass credential checks and create a local user with root/administrator privileges.

CVSS Rate: 7.8 High
Exploited: Yes
Links:

3. CVE-2021-32934 ThroughTek P2P Credential Access

The ThroughTek P2P SDK allows an attacker to access credentials and other sensitive information, as the P2P products do not sufficiently protect data transferred between the local device and ThroughTek servers.

CVSS Rate: 9.1 Critical
Exploited: Yes
Links:

https://us-cert.cisa.gov/ics/advisories/icsa-21-166-01

4. CVE-2021-30724 Privilege Escalation in MacOS and iOS

A privilege escalation vulnerability was discovered in the Core Virtual Machine Server (CVMServer) of macOS. The vulnerability is triggered by an integer overflow leading to an out-of-bounds memory access, from which point privilege escalation can be attained. It affects devices running versions prior to macOS Big Sur 11.4, iOS 14.6, and iPadOS 14.6.

CVSS Rate: 7.3 High
Exploited: No
Links:

https://www.trendmicro.com/en_ae/research/21/f/CVE-2021-30724_CVMServer_Vulnerability_in_macOS_and_iOS.html

5. CVE-2021-21998 Carbon Black Authentication Bypass

VMware Carbon Black App Control has an authentication bypass through which a malicious actor with network access to the management server may be able to obtain administrative access without authenticating.

CVSS Rate: 9.8 Critical
Exploited: No
Links:

https://www.vmware.com/security/advisories/VMSA-2021-0012.html

6. CVE-2021-31955 Windows Kernel Information Disclosure

A vulnerability exists in Windows that allows a local unprivileged user to read the contents of kernel memory from a user-mode process. An attacker could use this vulnerability to disclose information from the system, such as kernel addresses.

CVSS Rate: 5.5 Medium
Exploited: Yes
Links:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31955

7. CVE-2021-31956 Privilege Escalation in Windows

A local privilege escalation vulnerability exists in Windows NTFS; an attacker can exploit it to take control of the vulnerable system.

CVSS Rate: 7.8 High
Exploited: Yes
Links:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956

8. CVE-2021-20019 Information Leakage in SonicOS

A vulnerability in SonicOS allows the HTTP server response to leak partial memory contents when a crafted HTTP request is sent. This can potentially lead to the disclosure of internal sensitive data.

CVSS Rate: 7.5 High
Exploited: No
Links:

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006

9. CVE-2021-33739 Privilege Escalation in Windows

An improper privilege management vulnerability exists in the Microsoft Windows Desktop Manager that allows privilege escalation.

CVSS Rate: 7.8 High
Exploited: Yes
Links:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33739

https://github.com/mavillon1/CVE-2021-33739-POC

10. CVE-2021-35464 RCE in ForgeRock Access Manager

A remote code execution vulnerability was found in the ForgeRock Access Management solution. This vulnerability requires authentication.

CVSS Rate: 8.0 High
Exploited: Yes
Links:

https://backstage.forgerock.com/knowledge/kb/article/a47894244

https://portswigger.net/research/pre-auth-rce-in-forgerock-openam-cve-2021-35464

ScanTitan is the leading website security portal that offers website vulnerability scanning, website malware scanning, uptime monitoring, cyber brand monitoring, defacement monitoring, and continuous threat monitoring and alerting.