Top 3 security vulnerabilities in Austria: How secure are your servers?

18. October, 2021

One of the most important security rules is: Keep your systems up-to-date and patch any vulnerabilities you find as quickly as possible. Up-to-date software offers fewer attack surfaces and makes it much more difficult for cybercriminals to gain unauthorized access to your systems.

In order to find vulnerabilities, both security officers and cybercriminals use different methods, such as security scanners. Applications can be used to search for specific systems and services, publicly accessible web servers, webcams, Raspberry Pis, game consoles or other IoT control systems. They provide the firmware version, the operating system, or indicate whether the systems are accessible with standard passwords or operated with outdated, faulty software.

Top 3 security vulnerabilities in Austria

The team from cert.at (Computer Emergency Response Team Austria) thus took a look at the domestic security situation at the beginning of October. [1] According to the cumulative result, the three most widespread critical security vulnerabilities in Austria are as follows:

1^st place: Server with OpenSSL vulnerabilities “Logjam” and “Freak” from 2015: 7.334 gaps found (CVE-2015-0204 & CVE-2015-4000) [2]
2^nd place: Microsoft Exchange Server Remote Code Execution Vulnerability: 2.458 gaps found (CVE-2021-31206) [3]
3^rd place: Microsoft Exchange ProxyShell 2.349 (3*783) gaps found
(CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) [4]

The almost historic OpenSSL vulnerabilities on rank 1 are not exactly uncritical, but rank 2 and 3 are much more worrying. Particularly worrying vulnerabilities are still widespread on the widely used Microsoft Exchange platform.

It could be deduced from the results that approximately 3,000 to 4,000 central communication servers of companies in Austria could be easily taken over by external attackers and misused as a springboard into internal areas – although security updates have been available for some time to fix the vulnerabilities.

Have you installed all updates?

Worth reading:

5 tips for secure remote management

IBM Data Breach Report 2021: the four main findings

Sources:

[1] https://cert.at/de/aktuelles/2021/10/shodan-verified-vulns-2021-10-01

[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204

[3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31206

[4] https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell

Security tips conveniently in your inbox: Subscribe to IKARUS News now