MITRE shared today this year’s list of the top 25 most dangerous weaknesses plaguing software during the previous two years.
Software weaknesses encompass a wide range of issues, including flaws, bugs, vulnerabilities, and errors in software solutions’ code, architecture, implementation, or design.
“After the collection, scoping, and remapping process, a scoring formula was used to calculate a rank order of weaknesses that combines the frequency, with the average severity of each of those vulnerabilities when they are exploited,” MITRE said.
MITRE’s 2023 top 25 weaknesses are dangerous due to their significant impact and widespread occurrence in software released over the past two years.
In a collaborative effort involving cybersecurity authorities worldwide, a comprehensive compilation of the top 15 vulnerabilities commonly exploited in attacks throughout 2021 was released in April 2022.
“Over the coming weeks, the CWE program will be publishing a series of further articles on the CWE Top 25 methodology, vulnerability mapping trends, and other useful information that help illustrate how vulnerability management plays an important role in Shifting the Balance of Cybersecurity Risk.”.
