US Authorities List Vulnerabilities That Chinese Hackers Attack

Chinese hackers attacked vulnerabilities
Written by Emma Davis

Specialists from the Cybersecurity and Infrastructure Protection Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) have disclosed data on vulnerabilities that Chinese hackers mostly use to attack government networks and critical US infrastructure.

In a joint report, federal agencies write that China’s “government hackers” are attacking U.S. and allied networks and technology companies to gain access to closed networks and steal intellectual property.

Such cyberattacks in the report are called “one of the largest and most dynamic threats to government and civilian networks in the United States.”

Let me remind you that we also wrote that Chinese hack group APT10 attacks Taiwanese financial sector, and also that Chinese Hackers Attack Script-Kiddies Using SMS Bomber.

The joint study builds on previous reports from the NSA, CISA, and FBI that are regularly released to inform federal, state, local, and other authorities, as well as companies (including critical infrastructure organizations and the defense sector) of apparent attacker trends, tactics, and methods.

The bulletin also lists recommended mitigations for each of the vulnerabilities that Chinese hackers most commonly exploit, as well as methods for detecting them, which can help identify and block attempts at such attacks.

The final table of the most exploited vulnerabilities by Chinese hackers (starting from 2020) is as follows:

Software manufacturer
CVE
Type of vulnerability
Apache Log4jCVE-2021-44228Remote code execution
Pulse Connect SecureCVE-2019-11510Reading an arbitrary file
GitLab CE/EECVE-2021-22205Remote code execution
AtlassianCVE-2022-26134Remote code execution
Microsoft ExchangeCVE-2021-26855Remote code execution
F5 Big-IPCVE-2020-5902Remote code execution
VMware vCenter ServerCVE-2021-22005Uploading an arbitrary file
Citrix ADCCVE-2019-19781Directory traversal
Cisco HyperflexCVE-2021-1497Command execution
Buffalo WSRCVE-2021-20090Directory traversal
Atlassian Confluence Server and Data CenterCVE-2021-26084Remote code execution
Hikvision WebserverCVE-2021-36260Command Injection
Sitecore XPCVE-2021-42237Remote code execution
F5 Big-IPCVE-2022-1388Remote code execution
ApacheCVE-2022-24112Authentication Bypass
ZOHOCVE-2021-40539Remote code execution
MicrosoftCVE-2021-26857Remote code execution
MicrosoftCVE-2021-26858Remote code execution
MicrosoftCVE-2021-27065Remote code execution
Apache HTTP ServerCVE-2021-41773Directory traversal
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending