The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA), along with their international Five Eyes partners, have released their annual report detailing the most commonly exploited cybersecurity vulnerabilities in 2023.
The joint advisory, compiled with input from intelligence agencies across the United States, United Kingdom, Australia, New Zealand, and Canada, highlights an alarming trend in zero-day attacks. Of the top 15 vulnerabilities identified, 12 were initially exploited as zero-day attacks, marking an increase from 2022.
Leading the list is CVE-2023-3519, a critical vulnerability in Citrix NetScaler ADC/Gateway systems that enabled code injection attacks. This flaw, rated at a severity score of 9.8 out of 10, was notably used in attacks targeting U.S. critical infrastructure throughout the year.
Also featured prominently is CVE-2023-20198, a high-severity vulnerability in Cisco systems discovered in October 2023. This security flaw allowed attackers to create privileged accounts on affected devices, potentially granting them complete control over the compromised systems.
The intelligence agencies noted that cyber attackers typically exploit vulnerabilities within a two-year window after their public disclosure. As systems receive patches or get replaced over time, the effectiveness of these exploits diminishes.
The advisory emphasizes the growing sophistication of cyber threats, particularly noting that threat actors are increasingly targeting enterprise networks through zero-day vulnerabilities to conduct operations against high-priority targets.
To protect against these threats, the agencies recommend organizations maintain regular software updates, implement comprehensive patch management programs, and perform consistent system backups. These basic but effective measures can help organizations strengthen their cybersecurity posture against evolving threats.
The collaborative effort of the Five Eyes alliance in sharing this intelligence demonstrates the international community's commitment to addressing global cybersecurity challenges and protecting critical infrastructure across nations.