Top 10 most exploited vulnerabilities from 2020
Vulnerability intelligence-as-a-service outfit vFeed has compiled a list of the top 10 most exploited vulnerabilities from 2020, and among them are SMBGhost, Zerologon, and SIGRed.
What is vFeed?
vFeed analyzes a variety of vendor advisories and third-party sources, correlates the gathered info, and compiles and constantly updates a vulnerability and threat intelligence database/feed that SOC and security teams can use to prioritize the remediation of security issues.
In most cases, securing and protecting companies networks from attack is as easy as downloading the update containing a patch for the indicated vulnerability, but when exploit code is freely available – distributed through diverse channels such as Github and Twitter – for potential attackers to use, it’s vital to do so as soon as possible, notes NJ Ouchn, founder of vFeed.
The list
The company compiled the top 10 most exploited vulnerabilities from 2020 list based on how many proof-of-concept exploits are out there (per vulnerability), how easily the vulnerability can be exploited, how many malware-based campaigns are using it, and so on.
The list includes:
- CVE-2020-0796 (aka SMBGhost)
- CVE-2020-5902
- CVE-2020-1472 (aka Zerologon)
- CVE-2020-0601 (aka CurveBall)
- CVE-2020-14882
- CVE-2020-1938 (aka GhostCat)
- CVE-2020-3452
- CVE-2020-0688
- CVE-2020-16898 (aka Bad Neighbor)
- CVE-2020-1350 (aka SIGRed)