CVEs are Driving Cybersecurity Coverage - But Easy to Miss

Since 1999, the MITRE Corporation, in concert with the U.S. Department of Homeland Defense and the Cybersecurity and Infrastructure Security Agency (CISA), has maintained a "Common Vulnerabilities and Exposures" (aka CVE) system. The system organizes security vulnerabilities into metadata records, giving security teams a canonical reference to help keep the known bad stuff out of their systems.

There are nearly one thousand authors who cover CVEs at least once per year. But it's a tricky thing to track, because the name of each vulnerability is numerical.

Some of the CVEs that have been popping in the last week:

CVE-2024-21887 and CVE-2024-21893 are vulnerabilities in Ivanti's Connect Secure VPN appliances, targeted by Chinese hackers.

CVE-2024-29748 and CVE-2024-29745 are zero-day vulnerabilities affecting Google Pixel phones, exploited by forensic firms for data extraction. Google recently issued patches to mitigate two major security flaws.

And in the last year, CVEs that have drawn a lot of conversation:

CVE-2023-4863 is a zero-day exploit affecting Google's Chrome browser. Recent reports highlight a surge in enterprise zero-days, with spyware vendors responsible for 75% of zero-days targeting Google products.

CVE-2023-2868 is a zero-day vulnerability affecting Barracuda's Email Security Gateway (ESG). Recent reports suggest Chinese threat actors exploited this flaw.

CVE-2023-32434 is a zero-day exploit affecting Apple's iOS devices, enabling attackers to bypass kernel security.

CVE-2023-41064 is a zero-day exploit targeting Google products, possibly related to spyware. Recent reports indicate that spyware vendors are responsible for 75% of zero-day exploits aimed at Google.

CVE-2023-5217 is a zero-day exploit affecting Google Chrome, potentially allowing attack code injection.

CVE-2023-4966 is a vulnerability affecting Citrix NetScaler ADC and Gateway, exploited in cyberattacks. Recent developments include FBI and UK crime agency disruption efforts against the LockBit cybercrime group, emphasizing the critical need for vulnerability management and proactive security measures to mitigate risks posed by ransomware and cyber threats.

CVE-2023-38831 is a vulnerability affecting WinRAR, exploited by Russian researchers for espionage in Ukraine.

CVE-2023-23397 is a vulnerability affecting Ubiquiti EdgeRouters, exploited by Russian hackers for covert cyberattacks, as warned by the FBI. Recent developments include urgent calls from the US government to clean up infected routers.

Following the daily firehose of CVE news isn't easy unless you are good at memorizing numbers. That's why we are maintaining a list of CVEs and their coverage, so marketing and PR pros in cybersecurity can see what's popping in any given week:
