A group of national cybersecurity organizations has published a list of the most exploited vulnerabilities in 2023. In first place is Citrix’s Netscaler.
Many of the fifteen most exploited vulnerabilities were primarily exploited as zero-days. This means that the attackers were already abusing them, before their creators had time to release a patch.
At the top of the list are two vulnerabilities in Citrix products, namely CVE-2023-3519 in Citrix Netscaler ADC and CVE-2023-4966 in Citrix Gateway. Both were discovered last year and should (hopefully!) be fixed now.
The list was compiled by security agencies including CISA, FBI and NSA in the United States, as well as police agencies in Canada, Australia, New Zealand and the United Kingdom. The fifteen vulnerabilities in question are those which were most often exploited in 2023, partly because there was no patch yet and partly also because of their ‘usefulness’ for cyber-gangs.
The list includes numerous software and hardware vulnerabilities intended to facilitate access to a network. Third and fourth, for example, are vulnerabilities in Cisco networking products, and further down are VPNs, firewalls and authentication software. The full list is here.
