Cybersecurity Agencies Collaborate to Address Pervasive Software Vulnerabilities

Leading cybersecurity agencies, including the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and their international counterparts, have jointly issued a Cybersecurity Advisory (CSA) focusing on the most frequently exploited software vulnerabilities in 2022. The CSA aims to address the critical issue of malicious actors targeting unpatched systems and applications using known vulnerabilities, some of which have been in circulation for over five years.

The 2022 Top Routinely Exploited Vulnerabilities advisory lists the Common Vulnerabilities and Exposures (CVEs) most consistently leveraged by malicious cyber actors to infiltrate unpatched systems. The CVEs it covers were disclosed between 2017 and 2022, and each still has unpatched deployments in the wild. The collaborating agencies urge immediate patching of these CVEs to reduce the risk of compromise.

The collaboration extends beyond U.S. borders, involving esteemed partners like the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK).

Neal Ziring, Technical Director for NSA’s Cybersecurity Directorate, highlighted the persistent issue of organizations employing outdated software, creating potential entry points for cyber actors. Ziring noted that older vulnerabilities can be cost-effective yet impactful methods for cyber actors to gain access to sensitive data.

In 2022, the Common Vulnerabilities and Exposures (CVE) Program documented more than 25,000 new security vulnerabilities. Of the 12 vulnerabilities the CSA identifies as routinely exploited in 2022, only five were disclosed that year; the remainder are older CVEs for which patches had long been available.

Notably, several vulnerabilities in this advisory also appeared in the “2021 Top Routinely Exploited Vulnerabilities” CSA and were exploited again in 2022. Some of the listed vulnerabilities were also exploited by People’s Republic of China (PRC) state-sponsored cyber actors, underlining their continued relevance.

To improve cybersecurity readiness, the advisory recommends that organizations implement its mitigations, starting with prioritized scanning for and patching of the listed software. The recommendations call on software vendors to follow secure-by-design principles and tactics, and on end-user organizations to apply patches in a timely manner and to deploy security tools such as endpoint detection and response (EDR), web application firewalls, and network protocol analyzers.

In a rapidly evolving digital landscape, this collaborative effort demonstrates a collective commitment to fortify defenses against persistent cyber threats and underscores the significance of proactive patch management to thwart potential breaches.