
CISA Names Top 12 Vulnerabilities for 2021



The Cybersecurity & Infrastructure Security Agency (CISA), alongside the Australian Cyber Security Centre (ACSC), the United Kingdom's National Cyber Security Centre (NCSC), and the Federal Bureau of Investigation (FBI), has named its top 30 most-exploited vulnerabilities (so far) for 2021.

You can find the whole list over at CISA.gov, but we've reposted the top 12 below (the cells marked ? are missing from our copy; the full table is in the advisory). They are:

Vendor       CVE               Type
?            ?                 arbitrary code execution
?            CVE-2019-11510    arbitrary file reading
?            CVE-2018-13379    path traversal
F5 BIG-IP    CVE-2020-5902     remote code execution (RCE)
?            CVE-2020-15505    ?
?            CVE-2019-18935    ?
?            ?                 elevation of privilege
?            ?                 elevation of privilege

There's a lot of information on each of these vulnerabilities; the authors of the advisory go very deep. It's worth the read if you've got a chance.

There are mitigation recommendations and indicators of compromise included as well. Again, you can read the full advisory at the link above, but we've included the pertinent information here.

Mitigations and Indicators of Compromise

One of the most effective best practices to mitigate many vulnerabilities is to update software versions once patches are available and as soon as is practicable. If this is not possible, consider applying temporary workarounds or other mitigations, if provided by the vendor. If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the largest number of potential attackers (such as internet-facing systems). This advisory highlights vulnerabilities that should be considered as part of the prioritization process. To further assist remediation, automatic software updates should be enabled whenever possible. 

Focusing scarce cyber defense resources on patching those vulnerabilities that cyber actors most often use offers the potential of bolstering network security while impeding our adversaries' operations. For example, nation-state APTs in 2020 extensively relied on a single RCE vulnerability discovered in Atlassian Crowd, a centralized identity management application (CVE-2019-11580), in their reported operations. A concerted focus on patching this vulnerability could have a relatively broad impact by forcing the actors to find alternatives, which may not have the same broad applicability to their target set.

Additionally, attackers commonly exploit weak authentication processes, particularly in external-facing devices. Organizations should require multi-factor authentication to remotely access networks from external sources, especially for administrator or privileged accounts.
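Turning the two recommendations above (patch known-exploited CVEs on internet-facing systems first; require MFA on externally reachable remote access) into something you can run against an inventory: this is an added example written for this post, not code from CISA or the advisory. It assumes a small, constructed asset list, a made-up five-tier scheme, and an Asset record with fields we chose for illustration; the only CVE identifiers it uses are the ones shown in the table above, plus clearly labelled placeholder strings standing in for vulnerabilities that are not on the list.

```python
"""Patch-prioritisation helper (added example; not from the CISA advisory).

Applies the advisory's triage rule to a constructed asset inventory:
known-exploited CVEs first, internet-facing systems first within that,
a vendor workaround only breaks ties, and externally reachable remote
access without MFA is flagged separately.
"""
from dataclasses import dataclass

# CVE identifiers reproduced from the table in this post; the advisory lists more.
KNOWN_EXPLOITED = {
    "CVE-2019-11510",
    "CVE-2018-13379",
    "CVE-2020-5902",
    "CVE-2020-15505",
    "CVE-2019-18935",
}

# Assumed tier scheme for this example: lower number = patch sooner.
TIER_NAMES = {
    0: "patch now: known-exploited CVE on an internet-facing system",
    1: "patch next: known-exploited CVE on an internal system",
    2: "schedule: unlisted CVE on an internet-facing system",
    3: "routine: unlisted CVE on an internal system",
    4: "clean: no open CVEs",
}


@dataclass
class Asset:
    name: str
    internet_facing: bool
    cves: list                                # open CVE identifiers
    remote_access: bool = False               # VPN/gateway that lets outside users in
    mfa_enforced: bool = False
    vendor_workaround_applied: bool = False   # temporary mitigation already in place


def exploited_cves(asset, known_exploited=KNOWN_EXPLOITED):
    """Open CVEs on this asset that are on the known-exploited list."""
    return sorted(c for c in asset.cves if c in known_exploited)


def patch_tier(asset, known_exploited=KNOWN_EXPLOITED):
    """Map an asset to a tier in TIER_NAMES."""
    if not asset.cves:
        return 4
    if exploited_cves(asset, known_exploited):
        return 0 if asset.internet_facing else 1
    return 2 if asset.internet_facing else 3


def prioritize(assets, known_exploited=KNOWN_EXPLOITED):
    """Asset names in patching order. A workaround never changes the tier;
    it only pushes an asset behind peers in the same tier that have none."""
    def key(a):
        return (
            patch_tier(a, known_exploited),
            a.vendor_workaround_applied,             # False sorts before True
            -len(exploited_cves(a, known_exploited)),
            -len(a.cves),
            a.name,
        )
    return [a.name for a in sorted(assets, key=key)]


def mfa_gaps(assets):
    """Externally reachable remote-access systems that do not enforce MFA."""
    return sorted(a.name for a in assets
                  if a.internet_facing and a.remote_access and not a.mfa_enforced)


# Constructed sample inventory (not real systems). "PLACEHOLDER-VULN-*" are
# stand-ins for CVEs that are not on the advisory's list, not real identifiers.
SAMPLE_ASSETS = [
    Asset("vpn-gw-01", internet_facing=True, cves=["CVE-2019-11510"],
          remote_access=True, mfa_enforced=False),
    Asset("lb-edge-02", internet_facing=True, cves=["CVE-2020-5902"],
          vendor_workaround_applied=True),
    Asset("intranet-cms", internet_facing=False,
          cves=["CVE-2019-18935", "PLACEHOLDER-VULN-A"]),
    Asset("hr-portal", internet_facing=True, cves=["PLACEHOLDER-VULN-B"]),
    Asset("build-srv", internet_facing=False, cves=[]),
    Asset("remote-gw-02", internet_facing=True, cves=[],
          remote_access=True, mfa_enforced=True),
]


if __name__ == "__main__":
    for name in prioritize(SAMPLE_ASSETS):
        asset = next(a for a in SAMPLE_ASSETS if a.name == name)
        print(f"{name:14} tier {patch_tier(asset)}: {TIER_NAMES[patch_tier(asset)]}")
    print("MFA gaps:", mfa_gaps(SAMPLE_ASSETS))
```

On the sample inventory the order comes out as vpn-gw-01, lb-edge-02, intranet-cms, hr-portal, build-srv, remote-gw-02, and vpn-gw-01 is the one MFA gap. To use it for real, replace SAMPLE_ASSETS with your own inventory and extend KNOWN_EXPLOITED with the rest of the advisory's list.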

Again, worth the read if you get the chance.
