Trend Micro produced a comprehensive analysis of the Linux threat landscape, highlighting the barriers and vulnerabilities that have plagued the operating system in the first half of the year. The information was gathered using honeypots, sensors and anonymous telemetry.
According to the company, which has detected about 15 million malware attacks targeting Linux-based cloud environments, ransomware and coin miners account for 54% of all malware, while web shells represent 29% of all recorded events.
Researchers evaluated over 50 million events from 100,000 unique Linux servers and identified 15 separate vulnerabilities used in the wild. What’s more concerning is that the vulnerabilities are part of the 15 Docker images widely used in the Docker Hub Official Repository. This demonstrates the critical requirement during the development phase to safeguard and secure containers from attacks of all kinds.
The following are the most commonly exploited Linux vulnerabilities:
CVE-2017-9805 – Apache Struts 2 REST plugin XStream RCE Flaw, with a CVSS score of 8.1
CVE-2020-14750 – Oracle WebLogic Server RCE Flaw, with a CVSS score of 9.8
CVE-2020-17496 – vBulletin ‘subwidgetConfig’ unauthenticated RCE Flaw, with a CVSS score of 9.8
CVE-2017-12611 – Apache Struts OGNL expression RCE Flaw, with a CVSS score of 9.8
CVE-2021-29441 – Alibaba Nacos AuthFilter authentication bypass Flaw, with a CVSS score of 9.8
CVE-2013-4547 – Nginx crafted URI string handling access restriction bypass Flaw, with a CVSS score of 8.0
CVE-2018-11776 – Apache Struts OGNL expression RCE Flaw, with a CVSS score of 8.1
CVE-2017-5638 – Apache Struts 2 remote code execution (RCE) Flaw, with a CVSS score of 10
CVE-2018-7600 – Drupal Core RCE Flaw, with a CVSS score of 9.8
CVE-2020-25213 – WordPress File Manager (wp-file-manager) plugin RCE Flaw, with a CVSS score of 10.0
CVE-2020-11651 – SaltStack Salt authorization weakness Flaw, with a CVSS score of 9.8
CVE-2017-7657 – Eclipse Jetty chunk length parsing integer overflow Flaw, with a CVSS score of 9.8
CVE-2020-14179 – Atlassian Jira information disclosure Flaw, with a CVSS score of 5.3
CVE-2019-0230 – Apache Struts 2 RCE Flaw, with a CVSS score of 9.8
CVE-2020-7961 – Liferay Portal untrusted deserialization Flaw, with a CVSS score of 9.8
The researchers found that consumers and businesses should always adopt security best practices, such as security by design, layered virtual patching or vulnerability protection, and the shared responsibility model.
- Hackers Targeted Major Linux Flaws
- Check all news and articles from the latest Security news updates.