45% of critical CVEs left unpatched in 2023
Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs remaining unpatched.
The educational services industry has a significantly higher percentage of servers with unpatched weaponised Common Vulnerabilities and Exposures (CVEs), compared to the general average of 10%. The industries still using end-of-life (EoL) or end-of-support (EoS) operating systems, which are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer, are educational services, retail trade, healthcare, manufacturing and public administration.
Security professionals found themselves grappling with an overwhelming number of vulnerabilities in 2023, making prioritization and remediation an increasingly complex challenge.
This proliferation of vulnerabilities is further exacerbated by the staggering figure of over 3.6 billion CVEs associated with active assets.
Organizations continue to face a formidable challenge in prioritizing and remedying critical vulnerabilities within their cybersecurity landscape.
Despite maintaining similar patch rates across severity levels, the actual number of critical CVEs being patched remains notably low.
News URL
https://www.helpnetsecurity.com/2024/01/25/cybersecurity-attack-attempts-increase/