70 percent of XIoT vulnerabilities critical or high

March 15, 2023
| No comments
70 percent of XIoT vulnerabilities critical or high

Share post

The new State of XIoT Security Report: 2H 2022 shows that 71 percent of vulnerabilities were rated with a CVSS v3 score of “critical” (9,0-10) or “high” (7,0-8,9). Almost two-thirds of XIoT vulnerabilities can be exploited remotely.

Vulnerabilities in cyber-physical systems that became known in the second half of 2022 have decreased by 2021 percent since the peak in the second half of 14. At the same time, vulnerabilities discovered by internal research and product security teams have increased by 80 percent over the same period.

Sharp increase in XIoT vulnerabilities

This is shown by the new State of XIoT Security Report: 2H 2022 from Claroty, specialist in the security of cyber-physical systems (CPS). These results suggest that security researchers have a positive impact on strengthening the security of the enhanced Internet of Things (XIoT), ranging from industrial engineering (OT) to (I)IoT systems such as sensors or surveillance cameras to medical devices. It is also becoming clear that XIoT vendors are devoting more resources to testing the security of their products than ever before.

Compiled by Claroty's award-winning research team, Team82, the sixth biannual State of XIoT Security Report provides an in-depth investigation and analysis of vulnerabilities affecting the XIoT, including operational engineering and industrial control systems (OT/ICS) that Internet of Medical Things (IoMT), building management systems and enterprise IoT. The report includes vulnerabilities discovered in the second half of 2022 by Team82 and from trusted open sources such as the National Vulnerability Database (NVD), Industrial Control Systems Cyber ​​Emergency Response Team (ICS-CERT), CERT@VDE, MITER and industrial automation manufacturers Schneider Electric and Siemens were published.

The most important report results

🔎 State of XIoT Security Report Results: 2H 2022 (Image: Claroty).

  • Affected devices: 62 percent of published OT vulnerabilities affect Level 3 devices of the Purdue Model for Industrial Control Systems. These devices control production processes and represent important interfaces between IT and OT networks and are therefore very attractive to attackers.
  • Severity: 71 percent of vulnerabilities received a CVSS v3 score of critical (9,0-10) or high (7,0-8,9). This reflects the tendency of security researchers to focus on identifying vulnerabilities with the greatest potential impact in order to achieve maximum mitigation. In addition, four of the report's top five vulnerabilities are also among the top five of MITER's identified 25 Most Dangerous Software Vulnerabilities of 2022, which are relatively easy to exploit and allow attackers to disrupt system availability and service delivery.
  • Attack vectors: 63 percent of vulnerabilities can be exploited remotely, meaning an attacker does not need local, neighboring, or physical access to the affected device to exploit the vulnerability.
  • Effects: The highest potential impact is unauthorized remote code or command execution (accounting for 54% of vulnerabilities), followed by denial of service (crash, exit, or reboot) at 43%.
  • Remedial Actions: The top remediation measure is network segmentation (recommended in 29% of vulnerability reports), followed by secure remote access (26%) and protection against ransomware, phishing and spam (22%).
  • Team82: Team82 reported 2022 vulnerabilities in the second half of 65, 30 of which were rated with a CVSS v3 score of 9,5 or higher. To date, over 400 vulnerabilities have been reported by Claroty's research department.

The full findings, in-depth analysis, and additional measures to protect against unauthorized access and risks can be found in Claroty's semi-annual State of XIoT Security Report: 2H 2022.

More at Claroty.com

 

About Claroty

Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.

 

Matching articles on the topic

Phishing study: Employees are taking far too much risk 

Almost two thirds of employees in Germany (64%, worldwide 68%) knowingly expose their company to risks that could lead to... ➡ Read more

Sharp increase in ransomware

A leading provider of an AI-powered, cloud-based cybersecurity platform has released its new cyberattack and ransomware statistics for Q1 2024 ➡ Read more

Risks from increasing use of artificial intelligence

A report shows that 569 TB of corporate data is passed on to AI tools and underlines the importance of better data security. AI/ML transactions in ➡ Read more

Increase in ransomware attacks and compliance failures

An annual report highlights the latest threats, trends and emerging topics in data security. It is based on a survey ➡ Read more

Cryptography and quantum computing

Cryptography has long been one of the best ways to protect digital information from unauthorized access - for example ➡ Read more

OT security status report

A recent survey of industrial companies worldwide – including Germany – paints a worrying picture about the state of OT security ➡ Read more

SMEs in sight: cyber attacks on supply chains

Partnerships, services, customer relationships – no organization operates independently. Contracts, compliances and laws regulate cooperation, but what about? ➡ Read more

Causes of data loss in German companies

Data loss is a problem that occurs in the interaction between humans and machines: “careless users” are much more likely to be the ones ➡ Read more

Stories
, , , , ,