Total advisories: 1,055 ↑ (last month: 864).
Again a record-breaking month, with 1,055 advisories reported (September: 864).
2022 was already the record-breaking year, with the highest number of Secunia Advisories reported. However, by October, 2023 has already exceeded 2022 by more than 10%! 2023 is on its way to crush 2022 with an approx. 25-35% increase!
Important conclusions from this month's report are:
- Almost 56.87% of all vulnerabilities reported this month have a “Remote Attack Vector” (last month: 52.2%).
- The Secunia Research Team reported only 6 Extremely Critical advisories this month (last month: 11).
- 18 Zero-Day Advisories were reported (last month: 17) for Cisco, Citrix, Apple, Microsoft, Atlassian and Android.
- Over 1,857 unique CVEs (last month: 1,892) were covered in the 1,055 Advisories.
- Threat Intelligence indicates again that Moderately Critical Vulnerabilities are targeted by hackers.
- More than 65% of all advisories are disclosed by these 5 usual suspect vendors (SUSE, Oracle, Amazon, Red Hat and Ubuntu).
- Juniper and F5 contributed to more than 70% of all Networking-related Advisories this month.
- Last month we reported that 72.11% of all Secunia Advisories had a Threat (exploits, malware, ransomware, etc.) associated with them; this month the number is higher, at 73.36%.
Using Threat Intelligence is going to help you with prioritizing what needs to be patched immediately.
Software vulnerability and patch management is becoming more and more important. Due to the ongoing global threats, attacks on critical infrastructures in many countries are increasing. Back in 2019 (just before Covid), patching was recommended within 30 days (or 14 days for a CVSS score of 7 or higher). Right now, hackers can deploy exploits within 1 week and even within 24 hours. This means that organizations need to prioritize even better to quickly patch vulnerabilities (especially the ones with threats associated with them).
Notable information and/or events this month:
- Oct. 4: Atlassian has disclosed an actively exploited critical zero-day vulnerability in publicly accessible Confluence Data Center and Server instances. There is evidence that a known nation-state actor is actively exploiting CVE-2023-22515.
- Oct. 4: Apple rolls out security patches for an actively exploited iOS zero-day vulnerability (CVE-2023-42824) for iOS prior to 16.6.
- Oct. 10: Microsoft Patch Tuesday released 103 Microsoft including two zero-day CVEs that have been actively exploited by malicious cyber actors. Secunia Research has bundled them in 10 Zero-Day Advisories.
- Oct. 10: Multiple zero-day vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
- Oct. 16: 2 zero-day vulnerabilities in the Cisco IOS XE Software Web UI feature can be used in a sophisticated attack, first using CVE-2023-20198 to gain access and then exploiting CVE-2023-20273 to elevate privilege to root.
- Oct. 25: A malicious actor with network access to VMware vCenter Server may trigger an out-of-bounds write, potentially leading to remote code execution (CVE-2023-34048).
As ever Jeroen, this is absolute gold dust - and that trend that seems forever upwards