CISA, the NSA, and the FBI, in collaboration with cybersecurity authorities from Australia, Canada, New Zealand, and the United Kingdom, have published a list of the 12 most exploited vulnerabilities of 2022.
Knowing which 12 vulnerabilities were most exploited in 2022 lets organizations prioritize their patch management to shrink the attack surface attackers actually use.
“This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE),” reads the advisory published by the agencies.
“The authoring agencies strongly encourage vendors, designers, developers, and end-user organizations to implement the recommendations found within the Mitigations section of this advisory to reduce the risk of compromise by malicious cyber actors.”
Government experts warn that in 2022 threat actors exploited older software vulnerabilities more often than recently disclosed ones, and that they targeted unpatched, internet-facing systems.
The public availability of proof-of-concept (PoC) code for many of the vulnerabilities in the list makes it easy for threat actors to exploit these issues and carry out a broad range of malicious activities.
According to the advisory, threat actors generally have the most success exploiting known vulnerabilities within the first two years of public disclosure.
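The three points above (known exploitation, internet exposure, and the two-year window after disclosure) amount to a prioritization rule. The following is an added example, not code from the advisory or from this article, showing one way to turn that rule into a ranking of an organization's own unpatched findings. The weights, the reference date, the asset names and the sample inventory are all constructed assumptions; only CVE-2018-13379 is taken from the article, and the other CVE identifiers are real IDs used solely to make the sample realistic, with no claim about whether they appear in the advisory's tables.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Reference date for the "within two years of disclosure" check (assumed).
AS_OF = date(2022, 12, 31)

# Constructed stand-in for the advisory's list of routinely exploited CVEs.
# Only CVE-2018-13379 is taken from the article; in practice this set would be
# loaded from whatever exploited-vulnerability list the organization tracks.
KNOWN_EXPLOITED = {"CVE-2018-13379"}


@dataclass(frozen=True)
class Finding:
    cve: str
    asset: str
    disclosed: date        # public disclosure date (sample values below)
    internet_facing: bool  # reachable from the internet without a VPN/bastion
    patched: bool


def within_two_years(disclosed: date, as_of: date = AS_OF) -> bool:
    """True if the flaw was publicly disclosed at most two years before as_of."""
    return disclosed <= as_of and (as_of - disclosed) <= timedelta(days=2 * 365)


def score(f: Finding, exploited: set[str] = KNOWN_EXPLOITED, as_of: date = AS_OF) -> int:
    """Rank a finding by how closely it matches what attackers go after:
    a CVE on the exploited list, reachable from the internet, still unpatched,
    and (secondarily) disclosed within the last two years.
    The weights are illustrative, not from the advisory."""
    if f.patched:
        return 0
    s = 1  # any unpatched finding outranks a patched one
    if f.cve in exploited:
        s += 100  # known exploitation dominates everything else
    if f.internet_facing:
        s += 50
    if within_two_years(f.disclosed, as_of):
        s += 25
    return s


def prioritize(findings, exploited=KNOWN_EXPLOITED, as_of=AS_OF):
    """Return (score, finding) pairs for unpatched findings, highest score first."""
    ranked = [(score(f, exploited, as_of), f) for f in findings]
    ranked = [(s, f) for s, f in ranked if s > 0]
    ranked.sort(key=lambda sf: (-sf[0], sf[1].cve, sf[1].asset))
    return ranked


# Constructed inventory. Exposure, patch state, asset names and dates are sample
# values chosen to exercise each branch of score(); they describe no real network.
SAMPLE_FINDINGS = [
    Finding("CVE-2018-13379", "vpn-gw-01", date(2019, 5, 24), internet_facing=True, patched=False),
    Finding("CVE-2018-13379", "vpn-gw-02", date(2019, 5, 24), internet_facing=True, patched=True),
    Finding("CVE-2021-44228", "build-srv-07", date(2021, 12, 10), internet_facing=False, patched=False),
    Finding("CVE-2022-22965", "web-app-03", date(2022, 3, 31), internet_facing=True, patched=False),
    Finding("CVE-2017-0144", "file-srv-12", date(2017, 3, 14), internet_facing=False, patched=False),
]

if __name__ == "__main__":
    for s, f in prioritize(SAMPLE_FINDINGS):
        print(f"{s:4d}  {f.cve}  {f.asset}")
```

With the sample data the unpatched, internet-facing FortiGate on the exploited list ranks first (score 151) even though its CVE is from 2018, which mirrors the advisory's observation that older, known-exploited flaws on exposed systems are what gets hit; a recent exposed CVE that is not on the list comes next (76), and an internal, older, unlisted finding comes last (1).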
Below is the list of the 12 most exploited vulnerabilities of 2022:
The most exploited vulnerability of 2022 was CVE-2018-13379, a path traversal flaw in the Fortinet FortiOS SSL VPN web portal that lets an unauthenticated attacker download system files, including session files containing credentials. The vulnerability was exploited by multiple threat actors [1, 2, 3, 4, 5], including Russia-linked APT groups that targeted critical infrastructure.
The advisory also lists 30 additional vulnerabilities that were routinely exploited in 2022.
The advisory closes with mitigations for vendors, developers, and end-user organizations.
(SecurityAffairs – hacking, most exploited vulnerabilities)