New data from client SynSaber in association with The CS Advisory Project identifies and evaluates trends in Common Vulnerabilities and Exposures (CVEs) showcasing what OT and ICS asset owners need to be aware of.
A couple key findings from the report include:
- For the CVEs reported in the first half of 2023, about 1/3 have no patch or remediation currently available from the vendor (significantly up from the first half of 2022)
- Critical manufacturing (37.3% of total reported CVEs) and Energy (24.3% of the total reported) sectors are the most likely to be affected
- Forever-Day vulnerabilities remain an issue – six CISA Advisories identified for ICS vendor products that reached end of life with “critical” severity vulnerabilities have no update, patch, hardware/software/ firmware updates, or known workarounds.
You can read the report here.
Like this:
Like Loading...
Related
This entry was posted on August 2, 2023 at 9:00 am and is filed under Commentary with tags SynSaber. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
SynSaber OT/ICS Vulnerabilities Report For 1H 2023 Is Out
New data from client SynSaber in association with The CS Advisory Project identifies and evaluates trends in Common Vulnerabilities and Exposures (CVEs) showcasing what OT and ICS asset owners need to be aware of.
A couple key findings from the report include:
You can read the report here.
Share this:
Like this:
Related
This entry was posted on August 2, 2023 at 9:00 am and is filed under Commentary with tags SynSaber. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.