In the fast-evolving world of technology and interconnectedness, cyberthreats have become a formidable challenge for businesses, governments, and individuals alike. To stay ahead in this relentless cat-and-mouse game with cybercriminals, the Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive report on the "2022 Top Routinely Exploited Vulnerabilities." This report sheds light on some of the most pervasive vulnerabilities that threat actors have consistently targeted and are expected to continue targeting in the future. To get ahead of threat actors, Cortex Xpanse uses policies to alert customers of any vulnerable assets facing the internet.
The Landscape of Major Vulnerabilities
The "2022 Top Routinely Exploited Vulnerabilities" touches on significant vulnerabilities spanning various technologies, including VMware, Fortinet, and Microsoft products. These widely used platforms have been exploited repeatedly, making them attractive targets for cybercriminals seeking to compromise digital assets.
Empowering Organizations with Xpanse's Cutting-Edge Solutions
While security teams may have the capacity to remediate these issues, being able to find every vulnerable asset connected to your organization can be a challenge. Automating discovery and inventory of assets and exposures it a necessity in a world where assets move, change, and are created in dynamic fashion.
Through continuous indexing of assets across the internet, Xpanse's researchers have discovered vulnerable instances of several critical technologies:
- VMWare Workspace One Access: At least 1,072 instances
- VMWare Workspace One Intelligence: 385 instances
- VMWare Workspace One Administrative Configurator: 80 instances
Xpanse has created a series of robust policies in the platform to identify assets exposed to these popular exploits.
Below is a list of top CVEs according to CISA and their associated Xpanse policy:
| CVE | Xpanse Policy |
|---|---|
| CVE-2018-13379 | Fortinet FortiOS |
| CVE-2021-34473 | Insecure Microsoft Exchange Server |
| CVE-2021-31207 | Insecure Microsoft Exchange Server |
| CVE-2021-34523 | Insecure Microsoft Exchange Server |
| CVE-2021-40539 | Zoho ManageEngine ADSelfService Plus |
| CVE-2021-26084 | Atlassian Confluence Data Center |
| CVE-2021-26084 | Insecure Atlassian Confluence Data Center |
| CVE-2021-26084 | Atlassian Confluence Server |
| CVE-2021-26084 | Insecure Atlassian Confluence Server |
| CVE-2022-22960 | VMware Workspace ONE Access Server |
| CVE-2022-22960 | VMware Workspace One Administrative Configurator |
| CVE-2022-22954 | VMware Workspace ONE Access Server |
| CVE-2022-22954 | VMware Workspace One Administrative Configurator |
| CVE-2022-1388 | F5 BIG-IP Advanced Web Application Firewall |
| CVE-2022-1388 | F5 BIG-IP Access Policy Manager |
| CVE-2022-1388 | F5 BIG-IP TMUI |
| CVE-2022-1388 | F5 BIG-IP Platform |
| CVE-2022-30190 | Microsoft Windows Server 2012 R2 |
| CVE-2022-26134 | Atlassian Confluence Data Center |
| CVE-2022-26134 | Insecure Atlassian Confluence Data Center |
| CVE-2022-26134 | Atlassian Confluence Server |
| CVE-2022-26134 | Insecure Atlassian Confluence Server |
| CVE-2021-44228 | Log4Shell-Vulnerable Apache Solr |
| CVE-2021-44228 | Log4Shell-Vulnerable IBM WebSphere Application Server |
| CVE-2021-44228 | Log4Shell-Vulnerable SonicWall Email Security |
| CVE-2021-44228 | Log4Shell-Vulnerable VMware Workspace ONE Access Server |
As the digital landscape continues to expand, so do the cyberthreats. The topics covered in the "2022 Top Routinely Exploited Vulnerabilities” report highlights how critical attack surface management solutions are to a fully holistic approach to Zero Trust. By leveraging Xpanse’s ability to index the global internet, organizations fill crucial gaps in their data and can truly leverage the rest of their security toolbox to safeguard all critical assets.