Attack Surface Status - Week 24

Posted by Reposify on Jun 17, 2020 7:01:32 PM
Reposify
Find me on:

This week we analyzed all the assets that are currently exposed to the internet for unpatched vulnerabilities.

Here are a few fun facts:

94% of The Unpatched Vulnerabilities are More Than 1 Year Old

Is it any surprise that so many vulnerabilities remain unpatched for so long when on average 64% of organizations' internet-facing assets are under security teams' radar? 

 

Picture2

 

9 Out of the 10 Most Commonly Unpatched Critical CVEs Affect Web Servers

  • Verizon’s 2020 data breach investigations report states that web applications are the top hacking vector in breaches and were involved in 43% of breaches.
  • Another fun fact is that vulnerability exploitation is the second most common type of hacking in breaches.
  • Reposify's data reveals that exposed web servers are the asset type most affected by unpathced critical CVEs. It is no surprise then that they are hackers' favorite. 

175 CWEs Groups Cover 40% of the Unpatched CVEs of Exposed Assets 

We analyzed all the exposed assets for unpatched critical CVEs. This chart presents the 5 most common CWE groups.

CWE

 


Discover the Unknown Risks in Your Attack Surface

Get Free Report

 

Topics: "Respoify IoT Scanner", "risk assessment", "Attack Surface Management", "CVE"