Among the 20 application vulnerabilities, half were for Adobe Flash and 20% were by Microsoft Office.
Vulnerabilities are not slowing down. Some 15,038 new vulnerabilities were found in 2017, an increase in 53% from the 9,837 in 2016, according to Tenable’s Vulnerability Intelligence Report: A Risk-Centric Approach to Prioritization released on Wednesday. Currently, 2018 is on track to reach 18,000-19,000 new vulnerabilities, said the report.
Tenable’s research analyzed the prevalence of vulnerabilities based on the number of enterprises most affected in a single day, in an effort to give businesses insight into ongoing and active threats, said the report. Businesses must pay attention to vulnerability trends, as 61% of enterprise vulnerabilities were considered high severity.
An enterprise is locating an average of 870 common vulnerabilities and exposures (CVE) a day across 960 assets, indicating an incredibly high presence of risks across the board. But application vulnerabilities in particular are being targeted now more than ever, according to the report.
Between drive-by exploitation, cryptojacking, and phishing, cybercriminals use a slew of tactics to take advantage of application vulnerabilities, said the report. These vulnerabilities are typically discovered on end-user workstations and with clients, and as workforces become more distributed and mobile, companies must stay vigilant in assessing and fixing vulnerabilities, added the report.
In order to highlight the prevalence of application risks, Tenable found the top 20 application vulnerabilities in enterprise environments. And scarily enough, the most vulnerabilities were found in some of the most popular applications, according to the report. Out of the 20 application vulnerabilities, 50% were Adobe Flash and 20% were from Microsoft Office. Microsoft Office also stood out with the highest amount of high severity CVEs.
Here are the top 20 vulnerabilities found in the enterprise:
Commentaires récents