
August 2021: Patch Watch Digest

Posted on Sep 14, 2021 | By Pavithra Shankar

Highlights of August Digest

Weaponized Vulnerabilities

We have 195 vulnerabilities with known exploits. Here is our analysis:

  • 4 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.

  • 4 CVEs are linked to APT 1, APT 10, TA505, FIN11, Carbanak, and Pinchy Spider.

  • 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT, KURTON, and HELAUTO) are correlated to 2 CVEs.

  • 34 CVEs are classified as Remote Code Execution.

  • 32 CVEs have Privilege Escalation capabilities.

  • 8 CVEs with Cross-Site Scripting flaws.

  • 31 CVEs are linked to Denial of Service.

  • 90 CVEs fall into other categories.

  • Of these 195 weaponized CVEs, three are covered by CISA alerts.

  • 48 CVEs are rated critical and 92 are of high severity.


CSW Alerts

Our Cyber Risk Series and CSW blogs have highlighted the vulnerabilities CVE-2020-1472, CVE-2021-34527, CVE-2020-0549, CVE-2020-2555, CVE-2020-13935, and CVE-2020-9484, which were all fixed this August. All of these vulnerabilities should be patched as soon as possible with the latest security patches.

Old Vulnerabilities

Vendors have fixed 449 old vulnerabilities, ranging from the year 2002 to 2020.

  • 4 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.

  • 4 CVEs are linked to APT 1, APT 10, TA505, FIN11, Carbanak, and Pinchy Spider.

  • 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT, KURTON, and HELAUTO) are correlated to 2 CVEs.

  • 15 CVEs are featured by CISA.

  • Of these, 88 CVEs have known exploits.

  • 11 CVEs with Privilege Escalation.

  • 11 CVEs are Remote Code Execution bugs.

  • 67 CVEs are rated critical and 229 are of high severity. 


Microsoft August Patches 2021

Microsoft plugged 44 vulnerabilities, including 3 zero-days. Of these 44 CVEs, CVE-2021-36942 (PetitPotam) in Windows Update Medic Service with Elevation of Privilege has a publicly available PoC and remains vulnerable to active exploitation. We recommend that Microsoft users address the NTLM problem as a top priority.


CISA Alerts

CISA has issued alerts for 49 vulnerabilities, including 3 publicly-known exploits.

  • 3 CVEs are associated with LockFile, Magniber and ViceSociety Ransomware.

  • 1 CVE is classified as a Remote Code Execution bug.

  • 1 CVE with Privilege Escalation.

  • 12 CVEs are rated critical and 9 are of high severity.


Table: Security Patches for August 2021

According to a Kaspersky report, exploits against systems with unpatched vulnerabilities were the second most prevalent initial attack vector in 2020. Hence, strong patch management and password management procedures will prevent the majority of security problems.
