top of page
Search

FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022

Updated: Aug 23, 2023


Take steps to reduce the risk of compromise by malicious actors still exploiting these vulnerabilities.

 

Released August 3, 2023 – Alert Code AA23-215A

Five Eyes cybersecurity authorities, including the FBI, CISA, and the NSA, have released a list of the 12 most exploited vulnerabilities of 2022. 

Cybersecurity agencies worldwide are being asked to address these security flaws and deploy patch management systems to reduce potential attacks. Threat actors focused on outdated software vulnerabilities rather than recently disclosed ones, specifically targeting unpatched systems left exposed on the internet. 

The joint advisory notes that proof of concept code was publicly available for many of the software vulnerabilities, which likely facilitated exploitation by a broader range of malicious cyber actors. Despite over 25,000 new security vulnerabilities being published by the Common Vulnerabilities and Exposures (CVE) Program, only five made it to the top 12 list of exploited flaws in 2022. 

Below is the list of the 12 most exploited security flaws last year and relevant links to the National Vulnerability Database entries.


CVE

Vendor

Product

Type

Fortinet

FortiOS and FortiProxy

SSL VPN credential exposure

CVE-2021-34473 (Proxy Shell)

Microsoft

Exchange Server

RCE

CVE-2021-31207 (Proxy Shell)

Microsoft

Exchange Server

Security Feature Bypass

CVE-2021-34523 (Proxy Shell)

Microsoft

Exchange Server

Elevation of Privilege

Zoho

ADSelfService Plus

RCE/Auth Bypass

Atlassian

Confluence Server/Data Center

Arbitrary code execution

CVE-2021- 44228 (Log4Shell)

Apache

Log4j2

RCE

VMware

Workspace ONE

RCE

VMware

Workspace ONE

Improper Privilege Management

F5 Networks

BIG-IP

Missing Authentication

Microsoft

Multiple Products

RCE

Atlassian

Confluence Server/Data Center

RCE

The first spot goes to CVE-2018-13379, a Fortinet SSL VPN vulnerability the company fixed four years ago, in May 2019. The bug was abused by state hackers to breach U.S. government elections support systems.


"Organizations continue using unpatched software and systems, leaving easily discovered openings for cyber actors to target," warned Neal Ziring, the Technical Director for NSA's Cybersecurity Directorate.


"Older vulnerabilities can provide low-cost and high impact means for these actors to access sensitive data."


Relevance

  • IT Infrastructure Security


Recommendations

  • Apply timely patches to systems.

  • Check for signs of compromise if CVEs identified in this CSA have not been patched.

  • Implement a centralized patch management system.

  • Maintain and update cybersecurity incident response plan that is tested at least annually.

  • Use security tools, such as endpoint detection and response (EDR), web application firewalls, and network protocol analyzers.

Incident Response

  • Isolate any infected systems and quarantine the system.

  • Notify relevant parties according to your Incident Response Plan

  • Reach out to cybersecurity professionals to help contain the attack, analyze the risk, and devise a recovery plan.


References


1. FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022. (2023, August 3). BleepingComputer. https://www.bleepingcomputer.com/news/security/fbi-cisa-and-nsa-reveal-top-exploited-vulnerabilities-of-2022/?&web_view=true

2. 2022 Top Routinely Exploited Vulnerabilities. (2023, August 3). Cisa.gov https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a



 

How can CyberForce|Q services help you address this risk?


Partner with CyberForce|Q our cybersecurity experts can assist with writing and implementing a patch management system for your organization. Also, our Incident Response team can work with you to help develop, implement, and test your incident response plan. Customized Tabletop exercises are encouraged for all organizations. Our cutting-edge Security Operations Center is purpose-bult to tackle the challenge of monitoring your systems 24x7x265. By leveraging our services, we can help minimize the risk associated with an IT Infrastructure Security risk with measurable results.


Learn more about CyberForce|Q.

Learn more about our Q|FRAME Assessment Services.



26 views0 comments

Recent Posts

See All

コメント


bottom of page