- Five Eyes alliance has revealed the most exploited vulnerabilities of 2023
- Zero-day exploits were the primary concern, with CVE-2023-3519 was at the top of the list
- Businesses urged to patch as soon as possible to stay safe
The Five Eyes intelligence alliance has revealed the most routinely exploited vulnerabilities for 2023. The joint advisory, made with contributions from agencies in the US, UK, Australia, New Zealand, and Canada, has called for organizations to patch the security flaws to mitigate network exposure.
The agencies confirmed what many in the industry will know all too well, that threat actors focus their attacks on zero-day attacks, with 12 out of the top 15 exploited vulnerabilities initially exploited as a zero-day.
“In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets,” the advisory warned.
Injections and escalations
The top vulnerability for 2023 was CVE-2023-3519, a code injection in NetScaler ADC/Gateway using Citrix as the vendor, which was the tactic used in critical infrastructure attacks in the US last year, and had a severity rating of 9.8, making it a critical flaw.
Another high severity flaw in the top three, CVE-2023-20198, was one that Cisco issued a patch for in October 2023, which allowed attackers to create accounts on affected devices with privileged access, gaining full control over the device.
The agencies, as always, strongly encouraged end-user organizations to continually update software and applications, implement a robust patch management process, and perform regular secure systems backups to ensure your company stays safe against cyberattacks.
“Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability,” the advisory warned,
“The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities.”