Increase in Cybersecurity Vulnerabilities Noted in 2023
Quick take - In 2023, the rise in zero-day vulnerabilities, particularly those linked to Cisco products and critical infrastructure risks, has prompted a joint advisory from major cybersecurity agencies urging organizations to address and mitigate these threats.
Fast Facts
- In 2023, zero-day vulnerabilities have surged, particularly affecting Cisco products, with one-third of the top 15 vulnerabilities linked to them.
- The most critical vulnerability identified is CVE-2023-3519, a code injection issue impacting NetScaler ADC and Gateway, posing risks to U.S. critical infrastructure.
- A joint advisory from CISA, NSA, FBI, and Five Eyes partners highlights the urgency of addressing these vulnerabilities, including the notorious Apache Log4Shell (CVE-2021-44228).
- Experts stress the importance of immediate patching for severe vulnerabilities, particularly in HPE Aruba Networking Access Point products, despite no active exploitation evidence.
- A new vulnerability in Microsoft Bookings raises concerns about potential impersonation attacks, emphasizing the need for organizations to enhance cybersecurity measures and remain vigilant.
Zero-Day Vulnerabilities in 2023: A Growing Concern
In 2023, zero-day vulnerabilities have become a significant concern in the cybersecurity landscape. There has been an increase in exploitation compared to the previous year, with a substantial portion of these exploited vulnerabilities linked to Cisco products. Approximately one-third of the top 15 vulnerabilities are associated with Cisco.
Critical Vulnerabilities Identified
The most critical vulnerability identified is CVE-2023-3519, a code injection issue affecting NetScaler ADC and Gateway. This vulnerability poses a risk to critical infrastructure in the United States. A joint advisory stressing the urgency of addressing these vulnerabilities was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the FBI, with participation from their counterparts in the United Kingdom, Canada, Australia, and New Zealand, the other members of the Five Eyes alliance.
The advisory underscored the ongoing threat posed by various vulnerabilities, including the notorious Apache Log4Shell bug (CVE-2021-44228) and the Fortinet FortiOS/FortiProxy SSL-VPN heap-based buffer overflow (CVE-2023-27997). Jeffrey Dickerson, the NSA Cybersecurity Technical Director, emphasized the critical need for organizations to patch and mitigate these vulnerabilities, warning that exploitation trends are likely to continue into 2024 and 2025.
Urgent Call to Action
Researchers from Arctic Wolf have urged immediate patching for severe vulnerabilities affecting specific versions of HPE Aruba Networking Access Point products. The affected versions include AOS-10.4.x.x: 10.4.1.4 and below, Instant AOS-8.12.x.x: 8.12.0.2 and below, and Instant AOS-8.10.x.x: 8.10.0.13 and below. There is currently no evidence indicating active exploitation of these vulnerabilities.
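A version triage of an access-point inventory against the three affected ranges listed above, as an added example that is not code from Arctic Wolf, HPE or the original article. The product labels, hostnames and sample versions are constructed for illustration, and a branch the article does not name is reported as not listed rather than as safe.

```python
import re

# Highest affected release per branch, exactly as listed in the paragraph above.
# The product labels are this example's own shorthand (assumption).
AFFECTED_MAX = {
    ("AOS-10", (10, 4)): (10, 4, 1, 4),
    ("Instant AOS-8", (8, 12)): (8, 12, 0, 2),
    ("Instant AOS-8", (8, 10)): (8, 10, 0, 13),
}

# Only plain four-part numeric versions are accepted; anything else needs a human.
VERSION_RE = re.compile(r"^\d+(\.\d+){3}$")


def classify(product, version):
    """Return 'affected', 'above-listed-range', 'branch-not-listed' or 'unparseable'."""
    version = version.strip()
    if not VERSION_RE.match(version):
        return "unparseable"
    # Compare as integer tuples: as strings, "8.10.0.9" would sort above "8.10.0.13".
    parts = tuple(int(p) for p in version.split("."))
    ceiling = AFFECTED_MAX.get((product, parts[:2]))
    if ceiling is None:
        # The article names only three branches; silence is not a clean bill of health.
        return "branch-not-listed"
    return "affected" if parts <= ceiling else "above-listed-range"


def triage(inventory):
    """Map each (hostname, product, version) row to its classification."""
    return {host: classify(product, version) for host, product, version in inventory}


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = [
    ("ap-lobby-01", "AOS-10", "10.4.1.4"),
    ("ap-lobby-02", "AOS-10", "10.4.1.5"),
    ("ap-floor2-01", "Instant AOS-8", "8.10.0.9"),
    ("ap-floor2-02", "Instant AOS-8", "8.10.0.13"),
    ("ap-floor3-01", "Instant AOS-8", "8.12.0.3"),
    ("ap-lab-01", "Instant AOS-8", "8.11.2.1"),
    ("ap-lab-02", "Instant AOS-8", "8.12.0.2-beta"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:14} {status}")
```

Rows reported as branch-not-listed or unparseable should be checked against the vendor advisory by hand, since the article gives no information about them.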
Additionally, a newly discovered vulnerability in Microsoft Bookings has raised concerns. This vulnerability allows for the default creation of Shared Booking Pages, which could facilitate impersonation attacks by enabling the generation of legitimate-looking email addresses for malicious purposes, as reported by cybersecurity firm Cyberis.
The convergence of these vulnerabilities signifies an urgent call to action. Organizations are urged to enhance their cybersecurity measures and remain vigilant against potential threats.