According to the Qualys 2024 Midyear Threat Landscape Review:
- The number of reported Common Vulnerabilities and Exposures (CVEs) rose by 30% in the last year to 22,254. These numbers reflect rising software complexity and the broader use of technology, necessitating advanced and dynamic vulnerability management strategies to mitigate evolving cybersecurity threats.
- Older CVE vulnerabilities are the main focus for bad actors with a 10% increase in the weaponisation of known CVEs. This is a stark reminder that cybersecurity is not just about staying ahead but also about not falling behind.
- 1% of CVE vulnerabilities identified this year have been weaponised. While this is a very small fraction, it accounts for the most severe threats that are being actively exploited through ransomware, threat actors, malware or confirmed wild exploitation instances.
- There has been an increased focus on exploiting public-facing applications for initial access and using remote services for lateral movement within networks.
Sam Salehi, Managing Director for Australia and New Zealand said, “No company has the resources and skills available to address every vulnerability, especially in todays’ world where the threats landscape continue to grow in volume, velocity and variety. It is therefore critical that they address those critical vulnerabilities that present significant and material risks to the business, first. Tools like Qualys Vulnerability Score (QVS) for proactive prioritisation and response are crucial in helping organisations use advanced threat intelligence so that they can protect critical assets and foster trust in our interconnected world.โ
Ongoing Need to Prioritise Vulnerabilities
A further 62.6% of vulnerabilities ranked 95/100 or above on the Qualys Vulnerability Score (QVS), signaling them as critically important for enterprises. Nearly half of these (49.4%) were considered CVSS critical.
Most Wanted: Top 10 Exploited Vulnerabilities
The Qualys Threat Research Unit (TRU) also identified a select group of โmost exploitedโ vulnerabilities have emerged in 2024 as particularly prevalent targets for cyberattacks.
Critical Contenders: Address Immediately
A further three vulnerabilities were identified as being critical for organizations to address immediately. While not included in the top 10, each presents a clear and present danger to network security and requires prompt attention from cybersecurity teams to mitigate risks effectively and protect sensitive systems.
- CVE-2023-22527 (Atlassian Confluence): This severe remote code execution vulnerability, with a QVS of 95 and a CVSS score of 9.8, allows attackers to run arbitrary code on affected installations.
- CVE-2023-48788 (FortiClient EMS): This SQL injection flaw, which scores a QVS of 95 and a CVSS of 9.8, poses a high risk by allowing attackers to manipulate databases and access sensitive information.
- CVE-2024-24919 (Check Point Security Gateways): This information disclosure vulnerability, although it has a slightly lower CVSS score of 8.6, and a QVS of 95, can leak sensitive data.
About the 2024 Midyear Threat Landscape Review
The report was compiled by the Qualys TRU (Threat Research Unit) using rigorously anonymised data to ensure that insights cannot be traced back to specific organisations or assets, and to maintain strict confidentiality and integrity. The vulnerabilities in it are ranked based on their prevalence and impact, integrating multiple factors such as CVSS base scores, exploit code maturity, real-time threat indicators, and evidence of active exploitation, among others, for a comprehensive assessment. For more detail, visit the Qualys blog.