The Australian Cyber Security Centre, alongside partner organisations from the United States, Canada, New Zealand and the United Kingdom, released an advisory on the most frequently exploited vulnerabilities and exposures of 2022.
The advisory outlined that threat actors were more likely to target older vulnerabilities, aided by the accessibility of proof-of-concept code online.
These exploits are most effective in the first two years following identification as systems gradually become patched, the advisory explained.
The most routinely exploited vulnerabilities include those affecting Fortinet SSL VPNs, Microsoft Exchange and the Atlassian Confluence Server and Data Center.
| CVE | Vendor | Product |
| --- | --- | --- |
| CVE-2018-13379 | Fortinet | FortiOS and FortiProxy |
| CVE-2021-34473 | Microsoft | Exchange Server |
| CVE-2021-31207 | Microsoft | Exchange Server |
| CVE-2021-34523 | Microsoft | Exchange Server |
| CVE-2021-40539 | Zoho ManageEngine | ADSelfService Plus |
| CVE-2021-26084 | Atlassian | Confluence Server and Data Center |
| CVE-2021-44228 | Apache | Log4j2 |
| CVE-2022-22954 | VMware | Workspace ONE Access and Identity Manager |
| CVE-2022-22960 | VMware | Workspace ONE Access, Identity Manager, and vRealize Automation |
| CVE-2022-1388 | F5 Networks | BIG-IP |
| CVE-2022-30190 | Microsoft | Multiple Products |
| CVE-2022-26134 | Atlassian | Confluence Server and Data Center |
The advisory includes recommendations for vendors and developers of the products, as well as for end users.
Among the ACSC’s recommendations for vendors and developers were suggestions that businesses take strides to rule out entire classes of threats rather than relying on simply patching vulnerabilities as they become known.
“Business leaders should ensure that proactive steps to eliminate entire classes of security vulnerabilities rather than only making one-off patches when new vulnerabilities are discovered,” the advisory read.
Meanwhile, it recommends implementing secure-by-default protocols “such as eliminating default passwords, implementing single sign-on (SSO) technology via modern open standards, and providing high-quality audit logs to customers with no additional configuration and at no extra charge.”
For the end user, the advisory includes recommendations that users routinely update systems, catalogue their assets and perform backups.