“s worth of new cves has increased from about 20 to more than 130 - both new and old territory is being reformed - the owasp top 10 has shifted dramatically over time - the diversity of weakness in software has increased - the language used in cve descriptions is changing with les…”
T1588.006 Vulnerabilities
67%
“percentage of all cves introduction we’ve all been there. after a hard day defending networks against foes — real and imaginary alike — we try to take a break from the big screen and scroll a bit through social media on the little screen2. then, we see it: that infosec influen…”
T1588.006 Vulnerabilities
63%
“many vendors. but exactly what are the vulnerabilities? what exactly was written into the software to create these opportunities for attackers? the need to categorize these is so strong that mitre created another categorization to try to organize all the ways software can go wron…”
T1587.004 Exploits
59%
“the evolving cve landscape known exploited vulnerabilities (kev) exploit code is one thing but what about actual, honest to goodness, exploitation in the wild? this is a hard question to answer, as attackers are usually not gonna bother explicitly mapping their efforts to speci…”
T1587.004 Exploits
59%
“the cve, let’s start with some definitions and examine the history of the cve as well as a brief overview of some of the data fields from which cves are constructed. glossary - common vulnerability and exposures (cve) a framework developed at the mitre corporation for organiz…”
T1588.006 Vulnerabilities
53%
“the cve, let’s start with some definitions and examine the history of the cve as well as a brief overview of some of the data fields from which cves are constructed. glossary - common vulnerability and exposures (cve) a framework developed at the mitre corporation for organiz…”
T1587.004 Exploits
52%
“s worth of new cves has increased from about 20 to more than 130 - both new and old territory is being reformed - the owasp top 10 has shifted dramatically over time - the diversity of weakness in software has increased - the language used in cve descriptions is changing with les…”
T1588.006 Vulnerabilities
49%
“publication of a cve divides a customer base into two populations — those who patch and those who don’t. upon publication, each of these groups will experience a distinct change in risk over time. for organizations who patch, both the likelihood and the impact of a successful e…”
T1588.006 Vulnerabilities
48%
“requires broad community buy-in, a working group was formed to create a more formal framework. approximately nine months later6, the first cve list was birthed into the world in september of 1999 with a mere 321 vulnerabilities. my, how things have grown (over 190k have been p…”
T1588.006 Vulnerabilities
46%
“publish new cves. - common vulnerability scoring system (cvss) a method for assessing a vulnerability's severity. - known exploited vulnerabilities (kev) a list of cves published by the united states department of homeland security indicating vulnerabilities that are actual…”
T1588.006 Vulnerabilities
45%
“within owasp, but the jump to 200 is dramatic. so far, this has been divorced from actual cves. we’ve just talked about the weirdness that encompasses the views themselves. figure 16 examines what percentage of cves, during a specific owasp generation, were associated with any …”
T1588.006 Vulnerabilities
42%
“percentage of overall attributed to new vendors is declining. while initially this might seem paradoxical, it has a simple explanation: vulns pile up on old vendors faster than they are being found for brand new vendors. days between cves so, how quickly do those vulns pile up o…”
T1587.004 Exploits
38%
“weirdly?) different reasons. - cve-2017-15361 affected 35 different manufacturers of chromebooks which used an infineon trusted platform module that had a faulty implementation of the rsa algorithm. - cve-2015-12207 was a flaw in page table invalidation that was exploita…”
T1588.006 Vulnerabilities
35%
“vuln and have managed to avoid having another published for more than a decade, more than three times longer than the median in figure 8 would suggest. in fact, among the 27,960 vendors with a published vulnerability, there are only 382 who have a single cve published and that c…”
T1588.006 Vulnerabilities
34%
“the evolving cve landscape known exploited vulnerabilities (kev) exploit code is one thing but what about actual, honest to goodness, exploitation in the wild? this is a hard question to answer, as attackers are usually not gonna bother explicitly mapping their efforts to speci…”
Summary
Plus, the 7 Weirdest CVEs (You won’t believe number 6!)