In 2022, malicious cyber actors continued exploiting known software vulnerabilities to target unpatched systems and applications, including some vulnerabilities that have been known for more than five years, according to a newly released joint Cybersecurity Advisory (CSA) from U.S. and foreign partner intelligence agencies.
The “2022 Top Routinely Exploited Vulnerabilities” CSA provides details on the top common vulnerabilities and exposures (CVEs) routinely exploited by malicious cyber actors who continue targeting unpatched systems and applications – all known vulnerabilities from 2017 to 2022 that have not been mitigated. The authoring agencies recommend immediate patching of these CVEs to reduce the risk of compromise.