MITRE Reveals 25 Most Dangerous Software Flaws in 2023: Are You at Risk?


June 30, 2023 | Ravie Lakshmanan | Software Vulnerability/Security

The Most Dangerous Software Flaws

MITRE has released its annual list of the top 25 “most dangerous software vulnerabilities” for 2023.

“This flaw creates a serious software vulnerability,” the US Cybersecurity and Infrastructure Security Agency (CISA) said. “An attacker can often exploit these vulnerabilities to take control of an affected system, steal data, or prevent applications from running.”

The list is based on an analysis of public vulnerability data in the National Vulnerability Database (NVD), mapping the root-cause weakness of each entry to CWE over the previous two years. A total of 43,996 CVE entries were examined, and each weakness was assigned a score based on its prevalence and severity.
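To make the "prevalence and severity" scoring concrete, here is an added example (not code from the article or from MITRE) that ranks weaknesses over a constructed, NVD-style set of CVE-to-CWE mappings. It assumes the formula MITRE publishes for the Top 25: min-max normalized frequency times min-max normalized mean CVSS score, times 100; the CVE ids and CVSS values below are made up for illustration.

```python
from collections import defaultdict

# Constructed NVD-style records: (cve_id, cwe_id, cvss_base_score).
# Ids and scores are invented for this example, not taken from the 2023 dataset.
SAMPLE_CVES = [
    ("CVE-0000-0001", "CWE-787", 9.8),   # Out-of-bounds Write
    ("CVE-0000-0002", "CWE-787", 8.8),
    ("CVE-0000-0003", "CWE-787", 7.5),
    ("CVE-0000-0004", "CWE-79", 6.1),    # Cross-site Scripting
    ("CVE-0000-0005", "CWE-79", 5.4),
    ("CVE-0000-0006", "CWE-79", 6.1),
    ("CVE-0000-0007", "CWE-79", 4.8),
    ("CVE-0000-0008", "CWE-89", 9.8),    # SQL Injection
    ("CVE-0000-0009", "CWE-89", 8.8),
    ("CVE-0000-0010", "CWE-416", 9.8),   # Use After Free
]


def _normalize(value, lo, hi):
    """Min-max normalize into [0, 1]; a degenerate range maps everything to 1."""
    return 1.0 if hi == lo else (value - lo) / (hi - lo)


def score_weaknesses(records):
    """Return {cwe_id: score} where score = norm(frequency) * norm(mean CVSS) * 100."""
    counts = defaultdict(int)
    cvss_total = defaultdict(float)
    for _cve, cwe, cvss in records:
        counts[cwe] += 1
        cvss_total[cwe] += cvss
    freq = dict(counts)
    sev = {cwe: cvss_total[cwe] / counts[cwe] for cwe in counts}
    f_lo, f_hi = min(freq.values()), max(freq.values())
    s_lo, s_hi = min(sev.values()), max(sev.values())
    return {
        cwe: round(_normalize(freq[cwe], f_lo, f_hi) * _normalize(sev[cwe], s_lo, s_hi) * 100, 2)
        for cwe in counts
    }


def rank_weaknesses(records, top_n=25):
    """Sort by score descending (ties broken by CWE id) and cut to the Top N."""
    scores = score_weaknesses(records)
    return sorted(scores.items(), key=lambda item: (-item[1], item[0]))[:top_n]


if __name__ == "__main__":
    for cwe, score in rank_weaknesses(SAMPLE_CVES):
        print(f"{cwe:8s} {score:6.2f}")
```

Note the side effect of min-max normalization: the most frequent weakness in the sample (CWE-79) scores zero because it also has the lowest mean severity, and the lone CWE-416 entry scores zero despite a 9.8 CVSS, so a weakness needs both volume and severity to climb the list.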

Topping the list is Out-of-bounds Write, followed by Cross-site Scripting, SQL Injection, Use After Free, OS Command Injection, Improper Input Validation, Out-of-bounds Read, Path Traversal, Cross-Site Request Forgery (CSRF), and Unrestricted Upload of File with Dangerous Type. Out-of-bounds Write also took the top spot in 2022.


70 of the vulnerabilities added to the Known Exploited Vulnerabilities (KEV) catalog in 2021 and 2022 are Out-of-bounds Write bugs. One weakness category that fell out of the Top 25 was Improper Restriction of XML External Entity Reference.

“Trend analysis on vulnerability data like this enables organizations to make better investment and policy decisions in vulnerability management,” the Common Weakness Enumeration (CWE) research team said.

Apart from software, MITRE also maintains a list of important hardware weaknesses with the aim of “preventing hardware security problems at their source by educating designers and programmers on how to eliminate critical errors early in the product development lifecycle.”

The revelations came as CISA, along with the US National Security Agency (NSA), released recommendations and best practices for organizations to harden their Continuous Integration/Continuous Delivery (CI/CD) environments against malicious cyber actors.

These include implementing strong cryptographic algorithms when configuring cloud applications, minimizing the use of long-term credentials, adding secure code signing, using a two-person rule (2PR) to review developer code commits, adopting the principle of least privilege (PoLP), using network segmentation, and regularly auditing accounts, secrets, and systems.


“By implementing the proposed mitigations, organizations can reduce the number of exploit vectors into their CI/CD environment and create a challenging environment for adversaries to penetrate,” the agency said.

The development also follows new findings from Censys that nearly 250 devices running on various US government networks have exposed remote management interfaces on the open web, many of which run remote access protocols such as SSH and Telnet.

“The FCEB agency is requested to take action in accordance with BOD 23-02 within 14 days of identifying any of these devices, either by securing them according to the concept of Zero Trust Architecture or removing the device from the public internet,” Censys researchers said.

Publicly accessible remote management interfaces have emerged as one of the most common avenues for attacks by hackers and cybercriminals, with exploitation of remote desktop protocol (RDP) and VPNs being the preferred initial access techniques over the past year, according to a new report from ReliaQuest.
