In 2022, malicious cyber actors continued exploiting known software vulnerabilities to target unpatched systems and applications, including some vulnerabilities that have been known for more than five years, according to a newly released joint Cybersecurity Advisory (CSA) from U.S. and foreign partner intelligence agencies.
The “2022 Top Routinely Exploited Vulnerabilities” CSA provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors who continue targeting unpatched systems and applications – all known vulnerabilities from 2017 to 2022 that have not been mitigated. The authoring agencies recommend immediate patching of these CVEs to reduce the risk of compromise.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released the CSA in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Communication Security Establishment’s Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK).
“Organizations continue using unpatched software and systems, leaving easily discovered openings for cyber actors to target,” said Neal Ziring, the Technical Director for NSA’s Cybersecurity Directorate. “Older vulnerabilities can provide low-cost and high impact means for these actors to access sensitive data.”
In 2022, over 25,000 new security vulnerabilities were published by the Common Vulnerabilities and Exposures (CVE) Program. From those, only five are within the top 12 software vulnerabilities exploited by malicious cyber actor during 2022, according to the CSA.
Several vulnerabilities listed in the advisory were also reported in the “2021 Top Routinely Exploited Vulnerabilities” CSA and continued to be exploited by cyber actors in 2022. PRC state-sponsored cyber actors, for example, have been using some of the vulnerabilities listed in the CSA to actively target U.S. and allied networks, as indicated in the “Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors."
To improve cybersecurity posture, the co-authoring agencies recommend organizations implement the mitigations listed in the advisory primarily by prioritizing scanning for and patching of vulnerable software.
Read the full report here.
Visit our full library for more cybersecurity information and technical guidance.
NSA Media Relations