2021 Ransomware Quarterly Index Update is here!

May 31: CSW Patch Watch & Security Updates

Posted on 11th Jun, 2021 | By Pavithra Shankar

Highlights of Patch Watch Issue 14

Weaponized Vulnerabilities

We have 11 vulnerabilities that are known exploits. Here are our findings –

  • 7 CVEs are RCE bugs.

  • 2 CVEs linked to Webapps.     

  • 7 CVEs are rated critical and 1 is of medium severity.

Click here for our analysis and download patches.

Old Vulnerabilities

245 Old vulnerabilities have been fixed, ranging from the year 2015 to 2020.

  • 4 CVEs have known exploits with RCE and webapp.

  • 39 CVEs are rated high and 108 are of high severity.

Click here for our analysis and download patches.

Notably, 52% of vulnerabilities are older weaknesses, and RCE flaws continue to be the major source of attack vectors that result in increasing cyber incidents and data breaches.

CISA Alerts

CISA has issued an alert for two vulnerabilities that have a high severity rating. Based on Common Weakness Enumeration (CWE) analysis, CVE-2021-1531 is categorized under CWE -74 (Improper Neutralization of Input During Web Page Generation), and CVE-2020-7774 as CWE - 20 (Improper Input Validation), which falls under the Top 3 dangerous Software Weaknesses 2020

Click here for our analysis and download patches.

Table: Security Patches

We know that security teams are inundated with more patches than they can handle but attackers need only one vulnerability to bring down an organization or halt a supply chain. 

CSW’s Patch Watch helps organizations and their overworked security teams patch the most critical vulnerabilities and improve their security posture.  Get on our mailing list for more information about emerging threats.

Protect your organization with Attack Surface Management as a Service. Talk to us.

 

Test your defense to know how secure you are…