Security News > 2021 > February > 57% of vulnerabilities in 2020 were classified as critical or high severity
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity - an all-time high.
CVEs in 2020 More security vulnerabilities were disclosed in 2020 than in any other year to date - at an average rate of 50 CVEs per day.
57% of vulnerabilities in 2020 were classified as being 'critical' or 'high' severity.
"When analysing the potential risk that vulnerabilities pose, organizations must consider more than just their severity score. Many CVEs are never or rarely exploited in the real world because they are too complex or require attackers to have access to high level privileges."
"Underestimating what appear to be low risk vulnerabilities can leave organizations open to 'chaining', in which attackers move from one vulnerability to another to gradually gain access at increasingly critical stages."
"Identifying which vulnerabilities to prioritise is a perennial challenge in IT security, especially as the number of CVEs only continues to grow. To aid decision-making, security teams need a practical understanding of the potential impact vulnerabilities pose and how readily they are being exploited in the wild."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/2r3OeEcWhz4/