Canberra, November 14, 2024 – The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has collaborated with international partners to publish a report detailing the most commonly exploited vulnerabilities of 2023, highlighting a concerning rise in zero-day exploits.
The joint advisory, titled 2023 Top Routinely Exploited Vulnerabilities,” was co-authored by agencies from the Five Eyes alliance, including the US Cybersecurity and Infrastructure Security Agency, the UK’s National Cyber Security Centre, and New Zealand’s National Cyber Security Centre. The report identifies the 15 most frequently exploited vulnerabilities used by threat actors this year.
One of the advisory’s most alarming findings is the increase in zero-day exploits, with the majority of the top exploited vulnerabilities in 2023 initially being exploited as zero-days. This marks a significant rise from 2022, where less than half of the top exploited vulnerabilities fell into this category. The agencies noted that vulnerabilities tend to be most effective within two years of their disclosure, after which systems are typically patched or remediated.
The report lists CVE-2023-3519 and CVE-2023-4966 as the two most exploited vulnerabilities, both affecting Citrix NetScaler ADC and NetScaler Gateway. Other notable vulnerabilities include CVE-2023-20198 and CVE-2023-20273, impacting Cisco IOS XE, and CVE-2023-27997, which affects Fortinet FortiOS and FortiProxy SSL-VPN.
Experts emphasize the necessity of automation in vulnerability management. James Greenwood, regional vice president at Tanium, stated, “It’s impossible for the average IT operations teams to keep up with zero-day, and even existing, vulnerabilities without automation.” He highlighted that automated patching enables teams to transition from reactive to proactive vulnerability management, ensuring systems remain up-to-date.
Janine Morris, industry engagement lead at AvePoint, stressed the importance of proper data governance to mitigate risks associated with vulnerabilities. She advocated for classifying and controlling access to critical data to limit exposure and prevent unauthorized access in the event of a breach. “Strong governance ensures sensitive data remains protected, even when vulnerabilities are exploited,” Morris added.
The ACSC’s advisory underscores the urgent need for organizations to adopt real-time monitoring tools to manage vulnerabilities effectively and respond swiftly to potential threats.
