Oracle, Microsoft, and Google, Microsoft had the Most Cybersecurity Flaws in H1 2021

AtlasVPN research compiled a top 10 cybersecurity sorts. The companies listed in the analysis amassed the most security vulnerabilities earlier this year.

Alexander Alexander
Sep 22, 2021 - 06:44 Updated: Sep 22, 2021 - 06:44
Oracle, Microsoft, and Google, Microsoft had the Most Cybersecurity Flaws in H1 2021
Oracle, Microsoft, and Google, Microsoft had the Most Cybersecurity Flaws in H1 2021 | Image credits: Logsign

Critical infrastructure such as domestic meat and petroleum production has been hindered by recent intrusions, bringing the subject of security to the forefront for organizations around the globe. Atlas Research has just issued a report on which corporations will have the most security vulnerabilities in 2021.

According to Telefonica's current Telefonica Tech study, Google and Microsoft have amassed the most vulnerabilities through the beginning of 2021. AtlasVPN's study revealed that Google topped the list of organizations with the most accumulated security flaws as of January 1, 2021, with 547 vulnerabilities, followed by Microsoft with 432 vulnerabilities.

With 316 vulnerabilities, Oracle ranks third, followed by Cisco (200) and SAP (118). Oracle WebLogic Server serves as the platform for developing, deploying, and running Java-based enterprise applications. When the number 3 Oracle is attacked, these vulnerabilities are usually discovered in it. In terms of the total number of vulnerabilities, the five companies AtlasVPN examined are ahead of the rest of the pack: IBM (69), Jenkins (68), Apple (67), Linux (65), and Aruba (56).

Levels of vulnerabilities

Some flaws stand out owing to their importance or risk. Cybercriminals and corporations alike pay more attention to exploits that can be used to launch a major attack.

In the first half of 2021, there were 1023 vulnerabilities. One of these exploits is CVE-2021-22986, which has a 9.8 score. The flaw was detected in F5, BIG-IP, and BIG-IQ services. Exploiting the weakness gave full control of the system to cyber criminals.

The NVD assigned danger tier 9 to 927 vulnerabilities. The 8.8 exploit CVE-2021-28111 stood out in this category. The flaw was discovered in Draeger X-Dock gas detector firmware that holds embedded credentials. An attacker might run arbitrary code on the system by extracting and utilizing credentials.

NVD found 2,164 vulnerabilities in risk tier 8 (high). One prominent exploit was CVE-2021-24092 (7.8). The weakness in Windows Defender had been unknown for 12 years. An attacker might use this flaw to elevate a non-administrator user's privileges.

Finally, NVD identified 501 tier 7 risks. Tier 6 had the second-most vulnerabilities (1,765). Low-scoring flaws are either not dangerous or hard to exploit.

Cybercriminals can explore millions of systems by exploiting Google or Microsoft's flaws. While the IT giants are keeping up with exploits and updating their software, individuals and organizations must do the same to prevent further exploitation.

Tags: