Wednesday, May 7, 2025
HomeCyber Security NewsCISA Advisory of Top 42 Frequently Exploited Flaws of 2022

CISA Advisory of Top 42 Frequently Exploited Flaws of 2022

Published on

SIEM as a Service

Follow Us on Google News

The Cybersecurity and Infrastructure Security Agency (CISA) has published a report which was co-authored by the NSA, FBI, and the FYEY (Five Eyes) from different countries.

The report provides a complete insight into the Common Vulnerabilities and Exposures (CVEs) that were frequently exploited by threat actors.

As per the report, threat actors have been relying on outdated software vulnerabilities for exploitation instead of those disclosed recently. Systems that were exposed to the internet and left unpatched were mostly targeted.

- Advertisement - Google News

The Exploitation of Vulnerabilities in 2022

In 2022, threat actors were found to be exploiting known vulnerabilities within two years of their public exposure. Most of the exploited vulnerabilities had Proof-of-concept (PoC) available publicly.

However, timely patching of these vulnerabilities will reduce threat actor operations resulting in the malicious actors switching to a more time-consuming process like a Zero-Day exploit or conducting software supply chain operations).

Top Exploited Vulnerabilities

The most exploited vulnerability of 2022 was CVE-2018-13379 which affected Fortinet SSL VPNs. Moreover, this vulnerability was one of the most exploited in 2020 as well as in 2021.

Many organizations still haven’t patched this vulnerability which gives more space for malicious actors.

Atlassian had two vulnerabilities CVE-2021-26084 (arbitrary code execution) and CVE-2022-26134 (Remote code execution), which were exploited mostly in 2022. Both of these belong to Confluence Server and Data Center.

Microsoft Exchange email servers had three CVEs CVE-2021-34473, CVE-2021-31207, and CVE-2021-34523 which were frequently exploited in 2022. All of these vulnerabilities are known as ProxyShell which can allow a threat actor to execute arbitrary code.

VMware Workspace ONE Access, Identity Manager, and other VMware products had two vulnerabilities CVE-2022-22954 and CVE-2022-22960 which were mostly targeted by threat actors.

These vulnerabilities were RCE, Privilege Escalation, and Authentication.

Furthermore, the CISA has released a list of 42 vulnerabilities that were exploited by threat actors very often and they are yet to be patched by many organisations.

Users of the specified products are recommended to upgrade their products to the latest patched version to avoid exploitation by threat actors.

It is a best practice to keep track of the recent patches and the versions of software that are under use in an organization.

Keep yourself informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by...

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution,...

CISA Warns of Cyber Threats to Oil and Gas SCADA and ICS Networks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert warning critical...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by...

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution,...