Vulnerability Report 2024: A Year of Exploitation
Introduction
As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year.
Exploitation Trends
Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said that 23.6% of known exploited vulnerabilities (KEV) were known to be weaponized either on or before the day their CVEs were publicly disclosed.
Comparison with 2023
This marks a slight decrease from 2023’s 26.8%, indicating that exploitation attempts can take place at any time in a vulnerability’s lifecycle.
Publicly Exploited CVEs
"During 2024, 1% of the CVEs published were reported publicly as exploited in the wild," VulnCheck’s Patrick Garrity said in a report shared with The Hacker News. "This number is expected to grow as exploitation is often discovered long after a CVE is published."
Top Exploited Vulnerabilities
The report comes over two months after the company revealed that 15 different Chinese hacking groups out of a total of 60 named threat actors have been linked to the abuse of at least one of the top 15 routinely exploited vulnerabilities in 2023.
Log4j CVE
"Not surprisingly, the Log4j CVE (CVE-2021-44228) is associated with the most threat actors overall, with 31 named threat actors linked to its exploitation," Garrity noted late last year, adding that the company had identified 65,245 hosts potentially vulnerable to the flaw.
Potentially Vulnerable Systems
In all, there are roughly 400,000 internet-accessible systems likely susceptible to attacks stemming from the exploitation of 15 security shortcomings in Apache, Atlassian, Barracuda, Citrix, Cisco, Fortinet, Microsoft, Progress, PaperCut, and Zoho products.
Recommendations
"Organizations should evaluate their exposure to these technologies, enhance visibility into potential risks, leverage robust threat intelligence, maintain strong patch management practices, and implement mitigating controls, such as minimizing internet-facing exposure of these devices wherever possible," VulnCheck said.