
ACSC reveals top 12 exploited vulnerabilities of 2022

The Australian Cyber Security Centre, alongside partner organisations from the United States, Canada, New Zealand and the United Kingdom, released an advisory on the most frequently exploited vulnerabilities and exposures of 2022.

Mon, 07 Aug 2023

The advisory outlined that threat actors were more likely to target older vulnerabilities, aided by the accessibility of proof-of-concept code online.

These exploits are most effective in the first two years following identification as systems gradually become patched, the advisory explained.

The most routinely exploited vulnerabilities include those affecting Fortinet SSL VPNs, Microsoft Exchange, and Atlassian Confluence Server and Data Center.


| CVE | Vendor | Product |
| --- | --- | --- |
| CVE-2018-13379 | Fortinet | FortiOS and FortiProxy |
| CVE-2021-34473 (ProxyShell) | Microsoft | Exchange Server |
| CVE-2021-31207 (ProxyShell) | Microsoft | Exchange Server |
| CVE-2021-34523 (ProxyShell) | Microsoft | Exchange Server |
| CVE-2021-40539 | Zoho ManageEngine | ADSelfService Plus |
| CVE-2021-26084 | Atlassian | Confluence Server and Data Center |
| CVE-2021-44228 (Log4Shell) | Apache | Log4j2 |
| CVE-2022-22954 | VMware | Workspace ONE Access and Identity Manager |
| CVE-2022-22960 | VMware | Workspace ONE Access, Identity Manager, and vRealize Automation |
| CVE-2022-1388 | F5 Networks | BIG-IP |
| CVE-2022-30190 | Microsoft | Multiple Products |
| CVE-2022-26134 | Atlassian | Confluence Server and Data Center |

The advisory includes recommendations for vendors and developers of the products, as well as for end users.

Among the ACSC’s recommendations for vendors and developers were suggestions that businesses take strides to rule out entire classes of threats rather than relying on simply patching vulnerabilities as they become known.

“Business leaders should ensure that proactive steps to eliminate entire classes of security vulnerabilities rather than only making one-off patches when new vulnerabilities are discovered,” the advisory read.

Meanwhile, it recommends implementing secure-by-default protocols “such as eliminating default passwords, implementing single sign-on (SSO) technology via modern open standards, and providing high-quality audit logs to customers with no additional configuration and at no extra charge.”

For the end user, the advisory includes recommendations that users routinely update systems, catalogue their assets and perform backups.
