"Most Disclosed ICS Vulnerabilities are Low Complexity"

Securing researchers at Claroty during new research have found that industrial control system (ICS) vulnerability disclosures have surged, and most vulnerabilities reported are low complexity.  The researchers found that the volume of disclosures has increased by 110% over the last four years.  In the second half of 2021, 797 vulnerabilities were published, representing a 25% increase from the 637 reported over the first six months of 2021.  The researchers noted that 87% of vulnerabilities are low complexity, meaning they don’t require special conditions, and an attacker can expect repeatable success every time.  ICS vulnerabilities are not limited to operational technology (OT), as just over a third (34%) of disclosures affected IoT, IoMT, and IT assets.  The researchers stated that nearly two-thirds (64%) of vulnerabilities reported require no user interaction, and 70% don’t require special privileges before successfully exploiting a vulnerability.  Just under two-thirds of the vulnerabilities (63%) disclosed may be exploited remotely through a network attack vector.  The researchers found that the leading potential impact of the vulnerabilities disclosed is remote code execution (prevalent in 53% of vulnerabilities), followed by denial-of-service conditions (42%), bypassing protection mechanisms (37%), and allowing the adversary to read application data (33%).

Infosecurity reports: "Most Disclosed ICS Vulnerabilities are Low Complexity"