Edgescan, a leader in risk-based vulnerability management and penetration testing, has released its 2024 Vulnerability Statistics Report, uncovering critical insights into the cybersecurity challenges facing organizations globally. The report underscores the alarming persistence of vulnerabilities, some dating back to 2015, which continue to be exploited by cybercriminals. This situation calls for immediate action from organizations to bolster their vulnerability management strategies.
Among the report's key findings is the classification of over 33% of the vulnerabilities identified during the study period as 'critical' or 'high severity'. SQL Injection, a prevalent threat allowing unauthorized database access, remains the top critical vulnerability in web applications, representing 19.47% of detected vulnerabilities and requiring an average of 15 days for remediation. Cross-Site Scripting (Stored) and Malicious File Upload also pose significant risks, accounting for 10.5% and 7.25% of high/critical severity vulnerabilities, respectively, with remediation times averaging 100 and 117 days.
Eoin Keary, Founder & CEO of Edgescan, highlighted the critical nature of the findings, stating the report serves as a wake-up call for organizations worldwide. The persistence of old vulnerabilities underscores the need for more proactive and comprehensive vulnerability management strategies to combat ransomware, malware, and other cyber threats effectively. For further details, the full report is available on Edgescan's website.
