Original release date: April 27, 2022

CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK)  have released a joint Cybersecurity Advisory that provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.

CISA encourages users and administrators to review joint Cybersecurity Advisory: 2021 Top Routinely Exploited Vulnerabilities  and apply the recommended mitigations to reduce the risk of compromise by malicious cyber actors. 

This product is provided subject to this Notification and this Privacy & Use policy.