"Unpatched Vulnerabilities: A Growing Threat in 2022"

The Cybersecurity and Infrastructure Security Agency (CISA) and other international cybersecurity agencies have released a joint advisory detailing the top routinely exploited vulnerabilities in 2022. Malicious cyber actors have been targeting older software vulnerabilities and unpatched, internet-facing systems. The advisory provides recommendations for vendors, designers, developers, and end-user organizations to mitigate the risk of compromise. The top 12 vulnerabilities include Fortinet SSL VPNs, Microsoft Exchange email servers (ProxyShell), Zoho ManageEngine ADSelfService Plus, Atlassian Confluence Server, Apache's Log4j library (Log4Shell), and VMware Workspace ONE Access. Additional vulnerabilities were also identified, emphasizing the importance of timely patching and implementing security measures.