
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022

Updated: Aug 23, 2023

Take steps to reduce the risk of compromise by malicious actors still exploiting these vulnerabilities.


Released August 3, 2023 – Alert Code AA23-215A

Five Eyes cybersecurity authorities, including the FBI, CISA, and the NSA, have released a list of the 12 most exploited vulnerabilities of 2022. 

Cybersecurity agencies worldwide are being asked to address these security flaws and deploy patch management systems to reduce potential attacks. Threat actors focused on outdated software vulnerabilities rather than recently disclosed ones, specifically targeting unpatched systems left exposed on the internet. 

The joint advisory notes that proof of concept code was publicly available for many of the software vulnerabilities, which likely facilitated exploitation by a broader range of malicious cyber actors. Despite over 25,000 new security vulnerabilities being published by the Common Vulnerabilities and Exposures (CVE) Program, only five made it to the top 12 list of exploited flaws in 2022. 

Below is the list of the 12 most exploited security flaws last year and relevant links to the National Vulnerability Database entries.

| CVE | Product | Vulnerability type |
|---|---|---|
| CVE-2018-13379 | FortiOS and FortiProxy | SSL VPN credential exposure |
| CVE-2021-34473 (ProxyShell) | Exchange Server | |
| CVE-2021-31207 (ProxyShell) | Exchange Server | Security Feature Bypass |
| CVE-2021-34523 (ProxyShell) | Exchange Server | Elevation of Privilege |
| | ADSelfService Plus | RCE/Auth Bypass |
| | Confluence Server/Data Center | Arbitrary code execution |
| CVE-2021-44228 (Log4Shell) | | |
| | Workspace ONE | |
| | Workspace ONE | Improper Privilege Management |
| | F5 Networks | Missing Authentication |
| | Multiple Products | |
| | Confluence Server/Data Center | |


The first spot goes to CVE-2018-13379, a Fortinet SSL VPN vulnerability the company fixed four years ago, in May 2019. The bug was abused by state hackers to breach U.S. government elections support systems.

"Organizations continue using unpatched software and systems, leaving easily discovered openings for cyber actors to target," warned Neal Ziring, the Technical Director for NSA's Cybersecurity Directorate.

"Older vulnerabilities can provide low-cost and high impact means for these actors to access sensitive data."


IT Infrastructure Security


  • Apply timely patches to systems.

  • Check for signs of compromise if CVEs identified in this CSA have not been patched.

  • Implement a centralized patch management system.

  • Maintain and update a cybersecurity incident response plan that is tested at least annually.

  • Use security tools, such as endpoint detection and response (EDR), web application firewalls, and network protocol analyzers.
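One way to act on the patching items above, as an added example that is not from the advisory or from CyberForce|Q: a Python triage that checks an asset inventory against the CVE ids that appear on this page, ranks hosts the way the guidance suggests (internet-exposed and unpatched first, with a compromise hunt for anything still open) and builds the NVD link for each id. The inventory records, hostnames, dates and the 30-day SLA are constructed assumptions.

```python
import re
from collections import namedtuple
from datetime import date

# CVE ids exactly as they appear in the advisory summary above.
ADVISORY_CVES = {
    "CVE-2018-13379",                                      # FortiOS / FortiProxy SSL VPN
    "CVE-2021-34473", "CVE-2021-31207", "CVE-2021-34523",  # Exchange Server (ProxyShell)
    "CVE-2021-44228",                                      # Log4Shell
}
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")
TODAY = date(2023, 8, 3)  # advisory release date, used as the reference day

def nvd_url(cve_id):
    """Return the National Vulnerability Database link for a well-formed CVE id."""
    if not CVE_RE.match(cve_id):
        raise ValueError(f"not a CVE id: {cve_id!r}")
    return f"https://nvd.nist.gov/vuln/detail/{cve_id}"

# One inventory record; open_cves lists CVEs still unpatched on that host.
Asset = namedtuple("Asset", "host product internet_exposed open_cves last_patched")

def triage(assets, today, sla_days=30):
    """Return (host, priority, action, advisory_cves) rows, highest priority first."""
    rows = []
    for a in assets:
        adv = sorted(c for c in a.open_cves if c in ADVISORY_CVES)
        overdue = (today - a.last_patched).days > sla_days
        if adv and a.internet_exposed:
            prio, action = 1, "patch now and hunt for signs of compromise"
        elif adv:
            prio, action = 2, "patch now and check for signs of compromise"
        elif overdue:
            prio, action = 3, f"patch cycle overdue (more than {sla_days} days)"
        else:
            prio, action = 4, "within patch SLA"
        rows.append((a.host, prio, action, adv))
    return sorted(rows, key=lambda r: (r[1], r[0]))

# Constructed sample inventory (hostnames, patch state and dates are made up).
SAMPLE_ASSETS = [
    Asset("vpn-edge-01", "FortiOS and FortiProxy", True, ("CVE-2018-13379",), date(2019, 1, 15)),
    Asset("mail-01", "Exchange Server", True,
          ("CVE-2021-34473", "CVE-2021-31207", "CVE-2021-34523"), date(2021, 6, 1)),
    Asset("app-int-02", "internal Java app", False, ("CVE-2021-44228",), date(2022, 1, 10)),
    Asset("files-03", "file server", False, (), date(2023, 5, 1)),
    Asset("ws-04", "workstation", False, (), date(2023, 7, 20)),
]
```

Running `triage(SAMPLE_ASSETS, TODAY)` puts the two exposed, unpatched hosts first; feeding a real inventory export into `Asset` records is the only change needed to use it on your own estate.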

Incident Response

  • Isolate and quarantine any infected systems.

  • Notify relevant parties according to your Incident Response Plan.

  • Reach out to cybersecurity professionals to help contain the attack, analyze the risk, and devise a recovery plan.


1. FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022. (2023, August 3). BleepingComputer.

2. 2022 Top Routinely Exploited Vulnerabilities (AA23-215A). (2023, August 3). CISA.


How can CyberForce|Q services help you address this risk?

Partner with CyberForce|Q and our cybersecurity experts can assist with writing and implementing a patch management system for your organization. Our Incident Response team can also work with you to develop, implement, and test your incident response plan. Customized tabletop exercises are encouraged for all organizations. Our cutting-edge Security Operations Center is purpose-built to tackle the challenge of monitoring your systems 24x7x365. By leveraging our services, we can help minimize your IT infrastructure security risk with measurable results.

Learn more about CyberForce|Q.

Learn more about our Q|FRAME Assessment Services.
