Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilities
NJCCIC Advisory
Original Release Date: 10/20/2020
Summary
The National Security Agency (NSA) Cybersecurity Advisory details 25 vulnerabilities known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors. Since these techniques include the exploitation of publicly known vulnerabilities, it is critical that network defenders prioritize patching and mitigation efforts.
This NSA Cybersecurity Advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Most of the vulnerabilities listed can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access (T1133) or for external web services (T1190), and should be prioritized for immediate patching. While some vulnerabilities have specific additional mitigations, the mitigations listed in the Cybersecurity Advisory generally apply.
Reporting
We encourage recipients who discover signs of malicious cyber activity to contact us via the cyber incident report form by clicking here.
Please do not hesitate to contact us at njccic@cyber.nj.gov with any questions. Also, for more background on our recent cybersecurity efforts please visit cyber.nj.gov
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.