Cyble’s recent sensor report provides a detailed insight into the vulnerabilities exploited by threat actors, highlighting the ongoing risks faced by organizations due to both new and old vulnerabilities. The report sheds light on the alarming frequency with which certain vulnerabilities are targeted, with one particular vulnerability standing out as the most exploited in recent times.

The vulnerability in question is CVE-2020-11899, a four-year-old flaw in the Treck TCP/IP stack that has been actively exploited by threat actors. Despite its age, this vulnerability continues to be targeted, with Cyble sensors detecting a staggering 411,000 attacks on it in a single week. The widespread nature of this vulnerability, affecting devices that support IPv6 such as medical, industrial, and critical infrastructure devices, poses a significant risk to organizations worldwide.

While the vulnerability is rated as not particularly severe on its own, when combined with other vulnerabilities in the “Ripple20” series, it can have serious consequences. The potential for data theft, manipulation of device behavior, and network breaches make this vulnerability a critical threat that organizations need to address promptly.

The impact of vulnerabilities like CVE-2020-11899 is further compounded by the challenges in securing IoT and embedded devices. Many of these devices are difficult to update, either due to end-of-life status, logistical complexities, or remote deployment. The diverse nature of IoT ecosystems, combined with the lack of standardization, makes it challenging for organizations to maintain robust security measures across all devices.

Despite the new regulations and initiatives aimed at enhancing cybersecurity, the existing vulnerabilities in older devices remain a significant concern. Addressing these vulnerabilities requires a multi-faceted approach, including identifying and patching vulnerable devices, restricting internet exposure, implementing network segmentation, and enhancing encryption and access controls.

Organizations are urged to conduct thorough inventories of IoT devices, prioritize patching, and implement strong security controls to mitigate the risks posed by vulnerabilities like CVE-2020-11899. By taking proactive steps to secure their IoT environments, organizations can significantly reduce their exposure to cyber threats and safeguard their critical assets.

In conclusion, the persistent exploitation of vulnerabilities like CVE-2020-11899 underscores the urgent need for organizations to prioritize cybersecurity measures and secure their IoT devices effectively. The evolving threat landscape demands a proactive and comprehensive approach to cybersecurity to stay ahead of threat actors and protect critical infrastructure from malicious attacks.

Извор линк