This week we analyzed all the assets that are currently exposed to the internet for unpatched vulnerabilities.
Here are a few fun facts:
94% of The Unpatched Vulnerabilities are More Than 1 Year Old
Is it any surprise that so many vulnerabilities remain unpatched for so long when on average 64% of organizations' internet-facing assets are under security teams' radar?
9 Out of the 10 Most Commonly Unpatched Critical CVEs Affect Web Servers
- Verizon’s 2020 data breach investigations report states that web applications are the top hacking vector in breaches and were involved in 43% of breaches.
- Another fun fact is that vulnerability exploitation is the second most common type of hacking in breaches.
- Reposify's data reveals that exposed web servers are the asset type most affected by unpathced critical CVEs. It is no surprise then that they are hackers' favorite.
5 CWEs Groups Cover 40% of the Unpatched CVEs of Exposed Assets
We analyzed all the exposed assets for unpatched critical CVEs. This chart presents the 5 most common CWE groups.
Discover the Unknown Risks in Your Attack Surface