RiskIQ, released its Vulnerability Landscape report, a high-level view of critical vulnerabilities in twelve very widely used remote access and perimeter devices. The report shows that the rapidly increasing adoption of these devices throughout the COVID-19 pandemic is increasing digital attack surfaces outside the corporate firewall at incredible speed—and introducing a range of critical, rapidly proliferating vulnerabilities. Cybercriminals and nation-states are already taking advantage of these security flaws, including those in F5 Networks’ BIG-IP product and Cisco’s IOS XE devices, to attack organisations.
Many organisations are scrambling to patch dangerous security flaws in dozens of remote access and perimeter devices. Already, there have been 18 high-to-critical vulnerabilities in these systems in 2020. The devices covered in the report include Palo Alto Global Protect, F5 BIG-IP, IBM WebSphere Application Server, Oracle WebLogic, Microsoft Remote Desktop Gateway, Citrix NetScaler Gateway, Citrix ADC, Cisco ASA & Firepower, Oracle iPlanet Web Server, and more.
The report taps the company’s Internet Intelligence Graph, a global network that absorbs internet data to map the billions of relationships between IP-connected devices worldwide. Researchers deployed this telemetry to find the total number of these 12 potentially vulnerable devices online across the world that RiskIQ systems observed between 1 June, 2020, and August, 2020.
The total amount of potential vulnerabilities in the findings include:
Palo Alto Global Protect – 61,869
F5 Big-IP – 967,437
IBM WebSphere Application Server – 7,496
Oracle WebLogic – 14,563
Microsoft Remote Desktop Gateway – 42,826
Citrix NetScaler Gateway – 86,773
Citrix ADC – 7,970
Cisco ASA & Firepower – 1,982
Oracle iPlanet Web Server 7.0 – 2,848
SAP NetWeaver – 2,629
Zoho Desktop Central – 1,988
Citrix ShareFile – 2,766
“This data in this report gives us a unique glimpse of the new reality facing the enterprise in the post-COVID world, which is that network controls are ..
Support the originator by clicking the read the rest link below.
