70 percent of XIoT vulnerabilities critical or high


The new State of XIoT Security Report: 2H 2022 shows that 71 percent of vulnerabilities were rated with a CVSS v3 score of “critical” (9.0-10) or “high” (7.0-8.9). Almost two-thirds of XIoT vulnerabilities can be exploited remotely.

Vulnerabilities in cyber-physical systems that became known in the second half of 2022 have decreased by 14 percent since the peak in the second half of 2021. At the same time, vulnerabilities discovered by internal research and product security teams have increased by 80 percent over the same period.

Sharp increase in XIoT vulnerabilities

This is shown by the new State of XIoT Security Report: 2H 2022 from Claroty, a specialist in the security of cyber-physical systems (CPS). These results suggest that security researchers have a positive impact on strengthening the security of the Extended Internet of Things (XIoT), ranging from operational technology (OT) to (I)IoT systems such as sensors or surveillance cameras to medical devices. It is also becoming clear that XIoT vendors are devoting more resources to testing the security of their products than ever before.

Compiled by Claroty's award-winning research team, Team82, the sixth biannual State of XIoT Security Report provides an in-depth investigation and analysis of vulnerabilities affecting the XIoT, including operational technology and industrial control systems (OT/ICS), the Internet of Medical Things (IoMT), building management systems and enterprise IoT. The report includes vulnerabilities discovered in the second half of 2022 by Team82 and those published by trusted open sources such as the National Vulnerability Database (NVD), the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), CERT@VDE, MITRE and the industrial automation manufacturers Schneider Electric and Siemens.

The most important report results

State of XIoT Security Report Results: 2H 2022 (Image: Claroty).

  • Affected devices: 62 percent of published OT vulnerabilities affect Level 3 devices of the Purdue Model for Industrial Control Systems. These devices control production processes and represent important interfaces between IT and OT networks and are therefore very attractive to attackers.
  • Severity: 71 percent of vulnerabilities received a CVSS v3 score of critical (9.0-10) or high (7.0-8.9). This reflects the tendency of security researchers to focus on identifying vulnerabilities with the greatest potential impact in order to achieve maximum mitigation. In addition, four of the report's top five vulnerabilities are also among the top five of MITRE's 25 Most Dangerous Software Vulnerabilities of 2022, which are relatively easy to exploit and allow attackers to disrupt system availability and service delivery.
  • Attack vectors: 63 percent of vulnerabilities can be exploited remotely, meaning an attacker does not need local, adjacent, or physical access to the affected device to exploit the vulnerability.
  • Effects: The highest potential impact is unauthorized remote code or command execution (accounting for 54% of vulnerabilities), followed by denial of service (crash, exit, or reboot) at 43%.
  • Remedial Actions: The top remediation measure is network segmentation (recommended in 29% of vulnerability reports), followed by secure remote access (26%) and protection against ransomware, phishing and spam (22%).
  • Team82: Team82 reported 65 vulnerabilities in the second half of 2022, 30 of which were rated with a CVSS v3 score of 9.5 or higher. To date, over 400 vulnerabilities have been reported by Claroty's research department.

The full findings, in-depth analysis, and additional measures to protect against unauthorized access and risks can be found in Claroty's semi-annual State of XIoT Security Report: 2H 2022.


 


About Claroty

Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.


 
