"More Than 26,000 Vulnerabilities Discovered in 2023"
According to security researchers at Qualys Threat Research Unit (TRU), a total of 26,447 vulnerabilities were disclosed in 2023, surpassing the previous year by over 1500 CVEs. Notably, less than 1% of these vulnerabilities posed the highest risk, being actively exploited in the wild by ransomware, threat actors, and malware. The researchers also found that 97 high-risk vulnerabilities, likely to be exploited, were not part of the CISA Known Exploited Vulnerabilities catalog, and 25% of high-risk vulnerabilities were exploited the same day they were published. The deep dive into the vulnerability threat landscape also highlighted that over 7000 vulnerabilities had proof-of-concept exploit code, while 206 had weaponized exploit code, increasing the likelihood of successful compromises. The researchers revealed that 32.5% of high-risk vulnerabilities affected network devices and web applications, emphasizing the need for a comprehensive vulnerability management strategy. The researchers also shed light on the mean time to exploit high-risk vulnerabilities in 2023, standing at 44 days.
Infosecurity reports: "More Than 26,000 Vulnerabilities Discovered in 2023"