August 14, 2023

Cybersecurity authorities from the Five Eyes intelligence alliance have published a list of the top 12 most exploited software vulnerabilities in 2022. The list, which was compiled by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and its partners, found that hackers disproportionately targeted older vulnerabilities that had been known for years.

Of the 12 vulnerabilities on the list, only five were discovered in 2022. The remaining seven had been known for at least two years, and some had been around for even longer. This suggests that many organizations are failing to patch their software in a timely manner, leaving them vulnerable to attack.

The most exploited vulnerability on the list was CVE-2018-13379, a critical flaw in Fortinet’s FortiOS and FortiProxy SSL VPN software. This vulnerability was first disclosed in 2018, but it was still being exploited by hackers in 2022.

Other frequently exploited vulnerabilities included CVE-2021-34473, a remote code execution (RCE) vulnerability in Microsoft Exchange Server, CVE-2022-22954, an RCE vulnerability in VMWare Workspace ONE Access and Identity Manager, CVE-2022-1388, a missing authentication vulnerability in F5 Networks BIG-IP, CVE-2022-30190, an RCE vulnerability in multiple Microsoft products, and CVE-2022-26134, an RCE vulnerability in Atlassian Confluence Server and Data Center.

The CISA advisory noted that threat actors are increasingly targeting older vulnerabilities because they are often easier to exploit. In addition, proof-of-concept (POC) code for many of these vulnerabilities is publicly available, which makes it easier for attackers to develop exploit kits.

The sources for this piece include an article in CPOMAGAZINE.