In collaboration with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities have issued today a list of the 12 most exploited vulnerabilities throughout 2022.
“In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems,” the joint advisory reads.
“Proof of concept code was publicly available for many of the software vulnerabilities or vulnerability chains, likely facilitating exploitation by a broader range of malicious cyber actors.”
While the Common Vulnerabilities and Exposures Program published over 25,000 new security vulnerabilities until the end of 2022, only five vulnerabilities made it to the list of the top 12 flaws exploited in attacks the same year.
Below is the list of the 12 most exploited security flaws last year and relevant links to the National Vulnerability Database entries.
CISA warns of breach risks from IDOR web app vulnerabilities.
