Saturday, October 19, 2024

2024 witnessing an increase in CVEs, with minimal weaponization

In the first seven-and-a-half months of 2024, the number of newly-disclosed common vulnerabilities and exposures (CVEs) increased by 30%, rising from 17,114 to 22,254, as reported by Qualys researchers. Out of these vulnerabilities, only 0.9% were weaponised by threat actors, mostly targeting public-facing applications and remote services for initial access and lateral movement.

While this may seem like positive news, Qualys emphasized that these vulnerabilities still pose a significant threat and require focused defensive measures. The most severe threats come from the small fraction of vulnerabilities that are actively exploited: those with weaponised exploits, or with confirmed use in ransomware or malware campaigns.

To effectively combat these threats, Qualys recommends prioritising actively exploited vulnerabilities, using threat intelligence, and conducting regular scans for new vulnerabilities. Integrating threat intelligence into a vulnerability management tool is crucial for enterprise security.

The most exploited vulnerabilities in 2024 so far include command injection flaws, authentication bypass flaws, security feature bypass flaws, elevation of privilege flaws, and remote code execution flaws in various software products. The majority of these vulnerabilities are included in CISA’s Known Exploited Vulnerabilities catalogue for patching across US government agencies.
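The two recommendations above, ranking findings by exploitation evidence rather than raw severity and using a catalogue such as CISA's KEV as the threat-intelligence source, can be sketched in a few lines. The following is an added illustration, not Qualys' tooling or code from the report: it assumes a scanner export with a CVSS score and an exposure flag per finding, and a feed shaped loosely like the KEV catalogue; every CVE identifier and data value in it is a constructed placeholder.

```python
from dataclasses import dataclass

# Constructed stand-in for a Known Exploited Vulnerabilities style feed,
# mapping cve id -> {"ransomware_use": bool}. Real KEV entries carry more
# fields; only this one is modelled. The ids are placeholders, not real CVEs.
KEV_FEED = {
    "CVE-0000-0001": {"ransomware_use": True},
    "CVE-0000-0003": {"ransomware_use": False},
}


@dataclass(frozen=True)
class Finding:
    cve_id: str
    cvss: float          # base score 0-10 as reported by the scanner
    public_facing: bool  # asset reachable from the internet
    weakness: str        # scanner's weakness class (informational only)


# Constructed scanner export. Note that the highest-CVSS item is not in the
# feed and sits on an internal host.
SCAN_FINDINGS = [
    Finding("CVE-0000-0001", 7.2, True, "command injection"),
    Finding("CVE-0000-0002", 9.8, False, "remote code execution"),
    Finding("CVE-0000-0003", 6.5, False, "authentication bypass"),
    Finding("CVE-0000-0004", 9.1, True, "elevation of privilege"),
]


def priority_score(f: Finding, kev: dict) -> float:
    """Exploitation evidence outweighs severity; exposure breaks ties."""
    score = f.cvss
    if f.cve_id in kev:
        score += 100  # confirmed exploitation trumps CVSS alone
        if kev[f.cve_id]["ransomware_use"]:
            score += 50  # ransomware use is the report's worst-case signal
    if f.public_facing:
        score += 25  # public-facing services are the observed initial-access path
    return score


def tier(f: Finding, kev: dict) -> str:
    """Map a finding to a remediation bucket a patching team can act on."""
    if f.cve_id in kev:
        return "patch-now"
    if f.public_facing and f.cvss >= 9.0:
        return "patch-this-cycle"
    return "scheduled"


def prioritise(findings: list[Finding], kev: dict) -> list[Finding]:
    """Return findings ordered from most to least urgent."""
    return sorted(findings, key=lambda f: priority_score(f, kev), reverse=True)


def weaponised_fraction(findings: list[Finding], kev: dict) -> float:
    """Share of findings with confirmed exploitation, the report's headline metric."""
    if not findings:
        return 0.0
    return sum(f.cve_id in kev for f in findings) / len(findings)


if __name__ == "__main__":
    for f in prioritise(SCAN_FINDINGS, KEV_FEED):
        print(f"{tier(f, KEV_FEED):17} {f.cve_id}  cvss={f.cvss}  "
              f"score={priority_score(f, KEV_FEED):.1f}  {f.weakness}")
    print(f"weaponised: {weaponised_fraction(SCAN_FINDINGS, KEV_FEED):.0%}")
```

The point of the ordering is that a CVSS 6.5 authentication bypass with confirmed exploitation is ranked ahead of a CVSS 9.8 remote code execution flaw that nobody is known to be exploiting; the weights are arbitrary and would be replaced by whatever policy the organisation's vulnerability management tool supports, but the structure (intelligence first, severity second, exposure as a tie-breaker) is what the report is arguing for.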

The increase in CVE volumes reflects the growing complexity of software and technology usage, requiring advanced vulnerability management strategies. Additionally, there has been a 10% increase in the weaponisation of older CVEs this year, highlighting the importance of staying proactive and not falling behind threat actors. It is crucial for organizations to shift from a reactive security posture to a more proactive and preventative approach to cybersecurity.