25 critical vulnerabilities exploited by Chinese hackers.
Most of the vulnerabilities can be exploited to gain initial access to victim networks through products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access or for external web services, and should be prioritized for immediate patching.
The list of vulnerabilities exploited by Chinese hackers:
CVE-2019-11510 – affecting Pulse Secure VPNs
CVE-2020-5902 – affecting F5 BIG-IP proxy/load balancer devices
CVE-2019-19781 – affecting Citrix Application Delivery Controller (ADC) and Gateway
CVE-2020-8193, CVE-2020-8195, CVE-2020-8196 – affecting Citrix ADC, Citrix Gateway and Citrix SDWAN WAN-OP
CVE-2019-0708 – affecting Microsoft Windows and Microsoft Windows Server Remote Desktop Services
CVE-2020-15505 – affecting MobileIron mobile device management (MDM)
CVE-2020-1350 – affecting Windows Domain Name System (DNS) Server
CVE-2020-1472 – affecting Microsoft Windows Server
CVE-2019-1040 – affecting Microsoft Windows and Microsoft Windows Server
CVE-2018-6789 – affecting Exim mail transfer agent
CVE-2020-0688 – affecting Microsoft Exchange Server
CVE-2018-4939 – affecting Adobe ColdFusion
CVE-2015-4852 – affecting Oracle WebLogic Server
CVE-2020-2555 – affecting Oracle Coherence
CVE-2019-3396 – affecting Atlassian Confluence
CVE-2019-11580 – affecting Atlassian Crowd and Crowd Data Center
CVE-2020-10189 – affecting Zoho ManageEngine Desktop Central
CVE-2019-18935 – affecting Progress Telerik UI for ASP.NET AJAX
CVE-2020-0601 – affecting Microsoft Windows and Microsoft Windows Server
CVE-2019-0803 – affecting Microsoft Windows and Microsoft Windows Server
CVE-2017-6327 – affecting Symantec Messaging Gateway
CVE-2020-3118 – affecting Cisco IOS XR
CVE-2020-8515 – affecting DrayTek Vigor devices
We recommend that organizations update any of their machines that are exploitable through these CVEs.