Security News > 2020 > February > A third of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above

A third of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above
2020-02-19 06:00

Risk Based Security's VulnDB team aggregated 22,316 newly-disclosed vulnerabilities during 2019, finding that 37.26% had available exploit code or a Proof of Concept and that 33.43% of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above.

Risk Based Security also identified a total of 302 vulnerabilities impacting Electronic Voting Machines, 289 of which have no known solution.

"As with any device that relies on code, there are vulnerabilities that can affect the system's integrity and you don't want anyone tampering with them. Only 13 EVM vulnerabilities have a known solution. To make matters worse, of those, only one has a CVE ID assigned and can be found cataloged in the U.S. National Vulnerability Database," said Brian Martin, VP of Vulnerability Intelligence at Risk Based Security.

The full research is highlighted in the just released 2019 Year End Vulnerability QuickView Report.

With 2019 reaching an all-time high of 327 vulnerabilities being disclosed in a single day, Risk Based Security maintains that the practice, despite its initial good intentions is turning into a "Nightmare" for many organizations.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/QVNcCArplAk/