Article Details
Scrape Timestamp (UTC): 2024-11-12 16:50:45.449
Original Article Text
Click to Toggle View
FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023. The FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance have released today a list of the top 15 routinely exploited vulnerabilities throughout last year. A joint advisory published on Tuesday calls for organizations worldwide to immediately patch these security flaws and deploy patch management systems to minimize their networks' exposure to potential attacks. "In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets," the cybersecurity agencies warned. "In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day." As they also revealed, 12 out of the top 15 vulnerabilities routinely abused in the wild were addressed last year, lining up with the agencies warning that threat actors focused their attacks on zero-days (security flaws that have been disclosed but are yet to be patched). Here is the complete list of last year's most exploited vulnerabilities and relevant links to the National Vulnerability Database entries. CVE-2023-3519, a code injection vulnerability in NetScaler ADC / Gateway that enables attackers to gain remote code execution on unpatched servers, took the first spot after state hackers abused it to breach U.S. critical infrastructure organizations. By early August 2023, this security flaw had been leveraged to backdoor at least 640 Citrix servers worldwide and over 2,000 by mid-August. Today's advisory highlights 32 other vulnerabilities often exploited last year to compromise organizations and provides information on how defenders can decrease their exposure to attacks abusing them in the wild. This June, MITRE also unveiled the 25 most dangerous software weaknesses for the previous two calendar years and, in November 2021, a list of the most important hardware weaknesses. "All of these vulnerabilities are publicly known, but many are in the top 15 list for the first time," said Jeffrey Dickerson, NSA's cybersecurity technical director, on Tuesday. "Network defenders should pay careful attention to trends and take immediate action to ensure vulnerabilities are patched and mitigated. Exploitation will likely continue in 2024 and 2025."
Daily Brief Summary
The FBI, NSA, and authorities from the Five Eyes released a joint advisory detailing the top 15 exploited vulnerabilities of 2023.
Agencies highlighted an increase in zero-day vulnerabilities exploitation from 2022, with 12 out of the top 15 initially exploited as zero-days.
CVE-2023-3519, a critical code injection flaw in NetScaler ADC / Gateway, topped the list after being used by state actors to breach U.S. infrastructure.
The exploited vulnerabilities were responsible for severe breaches, compromising over 2,000 Citrix servers globally by mid-August 2023.
Cybersecurity advisory underscores the urgency for organizations to implement effective patch management systems to protect against these vulnerabilities.
The report includes mitigation strategies and emphasizes the importance of rapid response to vulnerability disclosures to prevent ongoing and future attacks.
The NSA and other agencies urge heightened vigilance and proactive cybersecurity measures as they predict continued targeted exploitation through 2024 and 2025.