FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
bmali
Staff
Article Id 269073

The following is the FortiRecon coverage for the main routinely exploited vulnerabilities reported by CISA.

FortiRecon provides outside-in coverage of risks to customers.

External Attack Surface Management helps customers identify the exposure of known and unknown assets, and their associated vulnerabilities, across the enterprise.

The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of a vulnerability's impact, based on chatter and discussion about it across external sources such as the dark web, social media, and news sites and blogs.

CVE ID: CVE-2018-13379
CVE Title: Fortinet FortiOS SSL VPN Path Traversal Vulnerability
CVE Severity: High
ACI Coverage:
  • 44 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 30 articles referencing this CVE on the security blog.
  • 12 public code repositories containing possible POC exploits for this vulnerability
  • 4 articles referencing possibly working exploit(s) for this vulnerability
  • 534 mentions on social media for this vulnerability.
  • Discussion on 4 Telegram channels.
  • 318 Darknet mentions
EASM Scanner: No

CVE ID: CVE-2021-34473
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVE Severity: Critical
ACI Coverage:
  • 76 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 15 articles referencing this CVE on the security blog.
  • 15 public code repositories containing possible POC exploits for this vulnerability
  • 1 article referencing possibly working exploit(s) for this vulnerability
  • 132 mentions on social media for this vulnerability.
  • Discussion on 8 Telegram channels.
  • 4 Darknet mentions
EASM Scanner: No

CVE ID: CVE-2021-31207
CVE Title: Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE Severity: High
ACI Coverage:
  • 62 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 15 articles referencing this CVE on the security blog.
  • 4 public code repositories containing possible POC exploits for this vulnerability
  • 1 article referencing possibly working exploit(s) for this vulnerability
  • 50 mentions on social media for this vulnerability.
  • Discussion on 6 Telegram channels.
  • 2 Darknet mentions for this vulnerability
EASM Scanner: No

CVE ID: CVE-2021-34523
CVE Title: Microsoft Exchange Server Privilege Escalation Vulnerability
CVE Severity: High
ACI Coverage:
  • 68 ACI reporting (TECHINT, Darknet, and OSINT) for this vulnerability.
  • 15 articles referencing this CVE on the security blog.
  • 4 public code repositories containing possible POC exploits for this vulnerability
  • 1 article referencing possibly working exploit(s) for this vulnerability
  • 100 mentions on social media for this vulnerability.
  • Discussion on 6 Telegram channels.
  • 2 Darknet mentions
EASM Scanner: No

CVE ID: CVE-2021-40539
CVE Title: Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability
CVE Severity: High
ACI Coverage:
  • 25 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 10 articles referencing this CVE on the security blog.
  • 2 public code repositories containing possible POC exploits for this vulnerability
  • 1 article referencing possibly working exploit(s) for this vulnerability
  • 121 mentions on social media for this vulnerability.
  • Discussion on 7 Telegram channels.
  • 2 Darknet mentions
EASM Scanner: No

CVE ID: CVE-2021-26084
CVE Title: Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
CVE Severity: High
ACI Coverage:
  • 24 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 10 articles referencing this CVE on the security blog.
  • 41 public code repositories containing possible POC exploits for this vulnerability
  • 4 articles referencing possibly working exploit(s) for this vulnerability
  • 287 mentions on social media for this vulnerability.
  • Discussion on 9 Telegram channels.
  • 50 Darknet mentions for this vulnerability
EASM Scanner: No

CVE ID: CVE-2021-44228
CVE Title: Apache Log4j2 Remote Code Execution Vulnerability
CVE Severity: Critical
ACI Coverage:
  • 95 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 40 articles referencing this CVE on the security blog.
  • 440 public code repositories containing possible POC exploits for this vulnerability
  • 13 articles referencing possibly working exploit(s) for this vulnerability
  • 2828 mentions on social media for this vulnerability.
  • Discussion on 21 Telegram channels.
  • 6 Darknet mentions for this vulnerability
EASM Scanner: No

CVE ID: CVE-2022-22954
CVE Title: VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability
CVE Severity: Critical
ACI Coverage:
  • 25 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 12 articles referencing this CVE on the security blog.
  • 32 public code repositories containing possible POC exploits for this vulnerability
  • 1 article referencing possibly working exploit(s) for this vulnerability
  • 173 mentions on social media for this vulnerability.
  • Discussion on 8 Telegram channels.
EASM Scanner: No

CVE ID: CVE-2022-22960
CVE Title: VMware Multiple Products Privilege Escalation Vulnerability
CVE Severity: High
ACI Coverage:
  • 10 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 20 articles referencing this CVE on the security blog.
  • 1 public code repository containing possible POC exploits for this vulnerability
  • 1 article referencing possibly working exploit(s) for this vulnerability
  • 50 mentions on social media for this vulnerability.
  • 11 Darknet mentions
EASM Scanner: No

CVE ID: CVE-2022-1388
CVE Title: F5 BIG-IP Missing Authentication Vulnerability
CVE Severity: High
ACI Coverage:
  • 20 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 16 articles referencing this CVE on the security blog.
  • 65 public code repositories containing possible POC exploits for this vulnerability
  • 4 articles referencing possibly working exploit(s) for this vulnerability
  • 588 mentions on social media for this vulnerability.
  • Discussion on 10 Telegram channels.
  • 2 Darknet mentions for this vulnerability
EASM Scanner: No

CVE ID: CVE-2022-30190
CVE Title: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Follina)
CVE Severity: Critical
ACI Coverage:
  • 79 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 45 articles referencing this CVE on the security blog.
  • 85 public code repositories containing possible POC exploits for this vulnerability
  • 3 articles referencing possibly working exploit(s) for this vulnerability
  • 1000 mentions on social media for this vulnerability.
  • Discussion on 12 Telegram channels.
  • 2 Darknet mentions
EASM Scanner: No

CVE ID: CVE-2022-26134
CVE Title: Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
CVE Severity: High
ACI Coverage:
  • 56 ACI reporting (TECHINT and OSINT) for this vulnerability.
  • 22 articles referencing this CVE on the security blog.
  • 70 public code repositories containing possible POC exploits for this vulnerability
  • 4 articles referencing possibly working exploit(s) for this vulnerability
  • 822 mentions on social media for this vulnerability.
  • Discussion on 11 Telegram channels.
  • 2 Darknet mentions
EASM Scanner: No
