The Five Eyes intelligence alliance [1] [5] [6], made up of security agencies from the US, UK [6], Canada [1] [6], Australia [1] [6], and New Zealand [1] [6], has recently released a report on the top exploited vulnerabilities of 2022. The report aims to raise awareness of these vulnerabilities and to prompt action in addressing them [2].
Description
The report builds upon the previous year’s findings and highlights the persistence of certain vulnerabilities because companies fail to apply the latest patches. It emphasizes the critical importance of promptly patching vulnerabilities, as cybercriminals tend to exploit known weaknesses within the first two years of public disclosure. One of the most frequently exploited vulnerabilities is CVE-2018-13379, which Fortinet fixed four years ago. The report also provides technical details on 30 other commonly exploited vulnerabilities and offers advice on mitigating their impact [1]. It calls upon organizations to apply security updates promptly and urges software vendors to prioritize security in their product design.
The report aligns with a newly released advisory from the Cybersecurity and Infrastructure Security Agency (CISA), NSA [3] [4] [5] [8], FBI [3] [4] [5] [8], and cybersecurity agencies from the Five Eyes countries [3] [7]. This advisory reveals the top exploited vulnerabilities for 2022 [3], including CVE-2018-13379 [1] [3] [6], a vulnerability in Fortinet SSL VPN products that has been consistently targeted since 2020 [3]. It also highlights three CVEs affecting Microsoft Exchange [3], known collectively as ProxyShell [3], which enable remote code execution (RCE) [3]. Furthermore, the advisory identifies other flaws exploited in 2022, such as Log4Shell. In addition to these specific vulnerabilities, the advisory provides a list of 30 CVEs commonly exploited to compromise organizations and state agencies [3]. Organizations are advised to strengthen their cyber defenses and to stay informed [4], vigilant [4], and proactive [4], both to fortify their own defenses and to contribute to a safer online environment [4].
The advisory from the Five Eyes intelligence alliance [1], FBI [3] [4] [5] [8], CISA [4] [5] [8], and NSA emphasizes the need for organizations worldwide to address the 12 most exploited security vulnerabilities of 2022. These vulnerabilities were targeted by cyber threat actors who focused on exploiting outdated software, particularly unpatched and internet-facing systems [5]. Proof-of-concept code was publicly available for many of these vulnerabilities [5], making them easier to exploit [5]. The most exploited vulnerability was CVE-2018-13379 [5] [6], a Fortinet SSL VPN vulnerability [5] [6]. The agencies behind the advisory urge vendors [5], designers [2] [5], developers [2] [5], and end-user organizations to implement mitigation measures [5]. MITRE has also released a list of the 25 most prevalent and dangerous software weaknesses [5]. Additionally, CISA and the FBI have released a list of the top 10 most exploited security flaws between 2016 and 2019 [5]. The Technical Director for NSA’s Cybersecurity Directorate has warned that organizations running unpatched software and systems are leaving openings for cyber actors to target them and access sensitive data [5].
Conclusion
The report and advisory highlight the significant impacts of exploited vulnerabilities and the urgent need for organizations to take action to strengthen their cyber defenses. Promptly applying security updates [1], prioritizing security in product design [1], and implementing mitigation measures are crucial steps in fortifying defenses and contributing to a safer online environment. The release of these findings also underscores the ongoing threat posed by cybercriminals and the need for organizations to remain informed, vigilant [4], and proactive in addressing vulnerabilities [2].
References
[1] https://www.infosecurity-magazine.com/news/legacy-flaws-dominate-top-12/
[2] https://techmonitor.ai/technology/cybersecurity/ncsc-five-eyes-security-vulnerabilities-2022
[3] https://www.techspot.com/news/99667-five-eyes-intelligence-agencies-discloses-12-top-exploited.html
[4] https://www.yeoandyeo.com/resource/top-12-exploited-vulnerabilities-of-2022
[5] https://vulnera.com/newswire/top-exploited-cybersecurity-vulnerabilities-of-2022-unveiled-by-fbi-cisa-and-nsa/
[6] https://fieldeffect.com/blog/top-exploited-vulnerabilities-of-2022-revealed
[7] https://satproviders.com/news/five-eyes-nations-list-12-most-exploited-vulnerabilities/161641/
[8] https://cyber.vumetric.com/security-news/2023/08/03/fbi-cisa-and-nsa-reveal-top-exploited-vulnerabilities-of-2022/