Cybersecurity report shows 30% rise in vulnerabilities
According to the Qualys 2024 Midyear Threat Landscape Review, the number of reported Common Vulnerabilities and Exposures (CVEs) has risen by 30% in the last year, reaching a total of 22,254.
This increase underscores the growing complexity of software and the widespread adoption of technology, both of which require advanced and dynamic strategies to mitigate evolving cybersecurity threats.
The report also records a 10% increase in the weaponisation of older CVEs, so keeping pace with new disclosures is not enough: legacy vulnerabilities that are already known must be remediated as well. Only about 1% of the CVEs identified this year have been weaponised, but those are the ones that matter most, because weaponisation means there is evidence of exploitation: use by ransomware operators or other threat actors, incorporation into malware, or confirmed in-the-wild exploitation.
Qualys' findings also note a heightened focus on exploiting public-facing applications for initial access, as well as leveraging remote services for lateral movement within networks. This shift in tactics necessitates a strategic approach to securing public-facing assets and monitoring remote services closely.
Sam Salehi, Managing Director for Australia and New Zealand, commented on the evolving threat landscape: "No company has the resources and skills available to address every vulnerability, especially in today's world where the threat landscape continues to grow in volume, velocity, and variety. It is therefore critical that they address those critical vulnerabilities that present significant and material risks to the business, first."
"Tools like Qualys Vulnerability Score (QVS) for proactive prioritisation and response are crucial in helping organisations use advanced threat intelligence so that they can protect critical assets and foster trust in our interconnected world."
The report emphasises the ongoing need to prioritise: 62.6% of the vulnerabilities it covers score 95 or higher out of 100 on the Qualys Vulnerability Score (QVS), and nearly half of those (49.4%) also carry a CVSS critical rating (a base score of 9.0 or above). The two scores measure different things: CVSS rates intrinsic severity, while QVS folds in threat context such as exploitation evidence, which is why the report treats the QVS band, not the CVSS score alone, as the cue for immediate action.
The Qualys Threat Research Unit (TRU) identified the ten vulnerabilities most heavily exploited in 2024 so far. These top 10 require immediate attention from security teams, since they are the flaws attackers are demonstrably using rather than merely the highest-scored ones.
In addition to these top ten, the report identified three other critical vulnerabilities that organisations must address immediately. Each of these vulnerabilities presents a significant risk to network security and requires prompt action. The vulnerabilities are:
- CVE-2023-22527 (Atlassian Confluence): a template injection flaw in Confluence Data Center and Server, with a QVS of 95 and a CVSS score of 9.8, that lets an unauthenticated attacker execute arbitrary code on affected installations.
- CVE-2023-48788 (FortiClient EMS): a SQL injection flaw in the EMS server, with a QVS of 95 and a CVSS score of 9.8. The score reflects that it is reachable without authentication and, beyond reading or manipulating the backend database, can be used to execute commands on the EMS host.
- CVE-2024-24919 (Check Point Security Gateways): an information disclosure flaw in gateways with the Remote Access VPN or Mobile Access blades enabled. Its CVSS score of 8.6 is slightly lower, but its QVS is still 95 because it is exploited in the wild to read sensitive files, including credential material, from the device.
The 2024 Midyear Threat Landscape Review was compiled by the Qualys TRU from anonymised telemetry, so that individual customers cannot be identified. Vulnerabilities are ranked by prevalence and impact, combining CVSS base scores, exploit code maturity, real-time threat indicators and evidence of active exploitation into a single assessment.
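The ranking factors described above (severity score, exploit maturity, exploitation evidence) are the same inputs a team would use to build its own patch queue. The following is an added, illustrative triage routine written for this article; it is not Qualys code and does not reproduce the QVS formula. It takes the three vulnerabilities listed above with the QVS and CVSS values the report gives them, plus two constructed low-priority entries, and orders them by a tiered policy that puts in-the-wild exploitation on an internet-facing asset first. The exposure flags and the `EXAMPLE-*` records are assumptions about a hypothetical estate; the `exploited` flag on the three real CVEs reflects their listing in CISA's Known Exploited Vulnerabilities catalogue.

```python
"""Tiered vulnerability triage over constructed records.

Added example for this article; not Qualys code and not the QVS
algorithm. It shows one way to combine the signals the report names
(QVS band, CVSS band, exploit maturity, active exploitation) with local
asset exposure into a patch order.
"""
from dataclasses import dataclass

CVSS_CRITICAL = 9.0   # CVSS v3 "Critical" band starts at 9.0
QVS_URGENT = 95       # QVS band the report singles out (95-100)


@dataclass(frozen=True)
class Vuln:
    cve: str
    product: str
    qvs: int               # Qualys Vulnerability Score, 0-100, as reported
    cvss: float            # CVSS base score
    exploited: bool        # evidence of in-the-wild exploitation
    exploit_public: bool   # public exploit code exists (exploit maturity)
    internet_facing: bool  # local context: is the affected asset exposed?


def triage_tier(v: Vuln) -> int:
    """Lower tier = patch sooner. Exploitation evidence outranks raw score."""
    if v.exploited and v.internet_facing:
        return 0   # being exploited and reachable from the internet
    if v.exploited or (v.qvs >= QVS_URGENT and v.internet_facing):
        return 1   # exploited internally, or top QVS band on an exposed asset
    if v.qvs >= QVS_URGENT or v.cvss >= CVSS_CRITICAL or v.exploit_public:
        return 2   # severe or weaponisable, but no exploitation seen yet
    return 3       # routine patch cycle


def prioritise(vulns):
    """Sort by tier, then by QVS, then by CVSS; CVE id breaks ties."""
    return sorted(vulns, key=lambda v: (triage_tier(v), -v.qvs, -v.cvss, v.cve))


def band_summary(vulns):
    """Share of records in the QVS 95+ band and, of those, share CVSS critical.

    Mirrors the two statistics the report quotes (62.6% and 49.4%).
    """
    high = [v for v in vulns if v.qvs >= QVS_URGENT]
    crit = [v for v in high if v.cvss >= CVSS_CRITICAL]
    return {
        "qvs_95_plus_pct": round(100 * len(high) / len(vulns), 1) if vulns else 0.0,
        "of_those_cvss_critical_pct": round(100 * len(crit) / len(high), 1) if high else 0.0,
    }


# Constructed inventory. Scores for the three real CVEs are the ones the
# report lists; exposure flags are assumptions about a hypothetical estate.
# EXAMPLE-* entries are invented low-priority findings, not real CVE ids.
SAMPLE = [
    Vuln("CVE-2023-22527", "Atlassian Confluence", 95, 9.8, True, True, True),
    Vuln("CVE-2023-48788", "FortiClient EMS", 95, 9.8, True, True, False),
    Vuln("CVE-2024-24919", "Check Point Security Gateway", 95, 8.6, True, True, True),
    Vuln("EXAMPLE-A", "internal reporting app (constructed)", 70, 9.1, False, False, False),
    Vuln("EXAMPLE-B", "build server library (constructed)", 40, 6.5, False, False, False),
]

if __name__ == "__main__":
    for v in prioritise(SAMPLE):
        print(f"tier {triage_tier(v)}  QVS {v.qvs:3d}  CVSS {v.cvss:4.1f}  {v.cve}  ({v.product})")
    print(band_summary(SAMPLE))
```

Note that the FortiClient EMS entry drops to tier 1 only because this hypothetical estate does not expose the EMS server; the same CVE on an internet-facing EMS would sit in tier 0. The `EXAMPLE-A` record shows the point the report makes about CVSS alone: a 9.1 with no exploitation evidence lands behind an 8.6 that is being exploited.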