List of most exploited vulnerabilities in 2022 published

Posted date 24/08/2023

As a result of the collaboration of several global cybersecurity agencies (CISA, NSA, FBI, ACSC, CCCS, NCSC-NZ, CERT-NZ and NCSC-UK), a joint advisory has been published reporting the top most exploited vulnerabilities for the year 2022.

Among the top 12 ranked, more than half are repeats, as they also appeared in the 2021 ranking. For 2022, these include credential exposure vulnerabilities in Fortinet products; the so-called Proxy Shell, which affects Microsoft Exchange Server; code execution vulnerabilities in vendors Zoho ManageEngine, VMware and Atlassian; the flaw in Apache Log4j2 known as Log4Shell; and another vulnerability in F5 BIG-IP authentication failure.