Summary: A report by VulnCheck reveals a significant increase in the number of vulnerabilities (CVEs) reported as exploited for the first time in 2024, tallying at 768 incidents, a 20% rise from 2023. About 23.6% of these vulnerabilities were exploited before their public disclosure, suggesting that vulnerabilities can be exploited at any point in their lifecycle. The report emphasizes the necessity for organizations to disclose exploitation instances to enhance cybersecurity awareness.
Affected: Vulnerability Intelligence and Cybersecurity Organizations
Keypoints :
- 768 CVEs were reported as exploited in the wild for the first time in 2024, up from 639 in 2023.
- Only 1% of all published CVEs were marked as exploited, highlighting the potential for many more vulnerabilities to be discovered.
- Exploitation can occur at any stage of a vulnerability’s lifecycle, not just as ‘zero-day’ attacks.
- Averages of 30 to 50 CVEs were reported as exploited each month, with spikes linked to industry events and new resources.
- 112 unique sources were used to gather data on exploited vulnerabilities, indicating potential gaps in comprehensive coverage.
Source: https://www.securityweek.com/exploitation-of-over-700-vulnerabilities-came-to-light-in-2024/