SecPod Labs Intelligence Series
2022 Annual Vulnerability Report Insights
Webcasts
Host – Sakshi Dhiman
Veerendra GG and Pooja Shetty
Security Intelligence Team

TODAY’S AGENDA
2023 Vulnerability Predictions
Questions and Answers
Top Vulnerabilities of 2022
SecPod’s Security Coverage
Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY

Annual Vulnerability Report
• Vulnerabilities Discovered January - December 2022
• Top Vulnerabilities
• Top Affected Products
• SecPod’s Security Coverage
• Key Insights and Predictions

Key Findings From SecPod’s Research
26288 Vulnerabilities discovered in 2022
191 Vulnerabilities wildly exploited
37 Zero Day Vulnerabilities
124 Malware Exploiting Vulnerabilities

Vulnerability Trend 2022
Vulnerabilities Discovered in 2022
Vulnerability Severity Distribution Based on CVSSv3
Top 10 Affected Operating Systems
Top 10 Affected Applications

Top Vulnerabilities of 2022

Unauthenticated Remote Code Execution in Adobe Commerce
CVE ID: CVE-2022-24086
Products Affected: Adobe Commerce versions 2.4.3-p1 and earlier and 2.3.7-p2 and earlier
Impact:
• Remote PHP Code Execution
• Web shell deployment
• Remote access trojan (RAT)

An Authentication Bypass Vulnerability in Sophos Firewall
CVE ID: CVE-2022-1040
Products Affected: Sophos Firewall v18.5 MR3 (18.5.3) and older
Impact:
• An authentication bypass vulnerability allows remote code execution.

Local Privilege Escalation Vulnerability in Microsoft Windows
CVE ID: CVE-2022-21882
Products Affected: Windows 10 1809 and above, including servers
Impact:
• Once privilege escalation is achieved, attackers use it to further deploy malware and access confidential information.
• This could allow them to spread laterally inside the network, create new administrator users, and run privileged commands.
• The vulnerability was under active exploitation.

Type confusion vulnerability in Apple's WebKit web browser engine
CVE ID: CVE-2022-42856
Products Affected: Safari 15.3, iOS 15.3, macOS 12.2 and earlier
Impact:
• Type confusion vulnerability in Apple's WebKit web browser engine. This bug was actually reported and initially fixed in 2013. In 2016 the fix was regressed.
• The vulnerability was under active exploitation.

Text4Shell RCE in StringSubstitutor interpolator class in Apache Commons Text Library
CVE ID: CVE-2022-42889
Products Affected: Apache Commons Text Library
Impact:
• The StringSubstitutor interpolator is not as widely used as the string substitution in Log4j, which led to Log4Shell.
• The severity is Critical due to the easy exploitability and the huge potential impacts in terms of confidentiality, integrity and availability.

Linux Kernel ksmbd Critical Use-After-Free Remote Code Execution Vulnerability
CVE ID: CVE-2022-47939
Products Affected: Linux kernel: before 5.15.61
Impact:
• The issue results from the lack of validating the existence of an object prior to performing operations on the object.

SecPod’s Security Intelligence Coverage in 2022
• Total CVEs Covered: 22597
• Zero-day CVEs Covered: 34
• CISA Vulnerability Coverage: 741/868
• Total Misconfigurations covered: 2938
• Total MVEs Covered: 124
Posture Anomaly Computation Rules
• 75+ rules to discover anomalies, outliers, and aberrations in IT infrastructure
Common Remediation Enumeration (CRE) Coverage
• Application Patches: 1152
• Third-party patches: 802
• Misconfiguration patches: 2812
• OS Patches: All Latest Versions
CVE Coverage Based on Platforms
• Windows: 1380
• Linux: 8074
• macOS: 2416

2022’s Milestones
24-30 hours is the average time taken to support latest vulnerabilities
85% of Microsoft & Apple security advisories were covered within 30 hours
100% of discovered Zero Days were covered
86.4% of the Zero days can be fixed using SanerNow (except Mobile and Network devices)
1.1+ billion scans performed in 2022
99.999645% scan accuracy rate achieved

2023 Vulnerability Predictions

QUESTIONS?

ACHIEVE CYBER HYGIENE
TRY SANERNOW FREE
For enquiries, contact us at:
Email: info@secpod.com | Tech Support: support@secpod.com
Phone: (+1) 918 625 3023 (US) | (+91) 80 4121 4020 (IN)
WWW.SECPOD.COM
To request a free trial account, visit our website or email
us at info@secpod.com
