Jump to content
  • FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022

    Karlston

    • 701 views
    • 3 minutes
     Share


    • 701 views
    • 3 minutes

    In collaboration with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities have issued today a list of the 12 most exploited vulnerabilities throughout 2022.

     

    Cybersecurity agencies in the United States, Australia, Canada, New Zealand, and the United Kingdom called on organizations worldwide to address these security flaws and deploy patch management systems to minimize their exposure to potential attacks.

     

    Threat actors increasingly focused their attacks on outdated software vulnerabilities rather than recently disclosed ones during the previous year, specifically targeting systems left unpatched and exposed on the Internet.

     

    "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," the joint advisory reads.

     

    "Proof of concept (PoC) code was publicly available for many of the software vulnerabilities or vulnerability chains, likely facilitating exploitation by a broader range of malicious cyber actors."

     

    While the Common Vulnerabilities and Exposures (CVE) Program published over 25,000 new security vulnerabilities until the end of 2022, only five vulnerabilities made it to the list of the top 12 flaws exploited in attacks the same year.

     

    Below is the list of the 12 most exploited security flaws last year and relevant links to the National Vulnerability Database entries.

     

    CVE Vendor Product Type
    CVE-2018-13379 Fortinet FortiOS and FortiProxy SSL VPN credential exposure
    CVE-2021-34473 (Proxy Shell) Microsoft Exchange Server RCE
    CVE-2021-31207 (Proxy Shell) Microsoft Exchange Server Security Feature Bypass
    CVE-2021-34523 (Proxy Shell) Microsoft Exchange Server Elevation of Privilege
    CVE-2021-40539 Zoho ADSelfService Plus RCE/Auth Bypass
    CVE-2021-26084 Atlassian Confluence Server/Data Center Arbitrary code execution
    CVE-2021- 44228 (Log4Shell) Apache Log4j2 RCE
    CVE-2022-22954 VMware Workspace ONE RCE
    CVE-2022-22960 VMware Workspace ONE Improper Privilege Management
    CVE-2022-1388 F5 Networks BIG-IP Missing Authentication
    CVE-2022-30190 Microsoft Multiple Products RCE
    CVE-2022-26134 Atlassian Confluence Server/Data Center RCE

     

    The first spot goes to CVE-2018-13379, a Fortinet SSL VPN vulnerability the company fixed four years ago, in May 2019. The bug was abused by state hackers to breach U.S. government elections support systems.

     

    Today's advisory also highlights an additional 30 vulnerabilities often used to compromise organizations, including information on how security teams can decrease their exposure to attacks exploiting them.

     

    To secure their systems and reduce the risk of a breach, the authoring agencies urged vendors, designers, developers, and end-user organizations to implement mitigation measures outlined in the advisory.

     

    In June, MITRE unveiled the list of the 25 most prevalent and dangerous software weaknesses that persisted over the last two years. Two years ago, it also shared the topmost dangerous programming, design, and architecture hardware security flaws.

     

    CISA and the FBI also released a compilation of the top 10 most exploited security flaws between 2016 and 2019.

     

    "Organizations continue using unpatched software and systems, leaving easily discovered openings for cyber actors to target," warned Neal Ziring, the Technical Director for NSA's Cybersecurity Directorate.

     

    "Older vulnerabilities can provide low-cost and high impact means for these actors to access sensitive data."

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...