{"id":29510,"date":"2023-04-05T17:22:17","date_gmt":"2023-04-05T17:22:17","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=29510"},"modified":"2023-04-05T17:22:19","modified_gmt":"2023-04-05T17:22:19","slug":"millions-of-systems-exposed-to-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/","title":{"rendered":"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities"},"content":{"rendered":"\n<p>Effective <a href=\"https:\/\/www.esecurityplanet.com\/networks\/vulnerability-management\/\">vulnerability management<\/a> is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices.<\/p>\n\n\n\n<p>Researchers at cybersecurity firm Rezilion <a href=\"https:\/\/info.rezilion.com\/rezilion-2023-kev-research\" target=\"_blank\" rel=\"noreferrer noopener\">found<\/a> more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the U.S. Cybersecurity and Infrastructure Security Agency&#8217;s <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">Known Exploited Vulnerabilities Catalog<\/a>.<\/p>\n\n\n\n<p>Tens of thousands of new security vulnerabilities are discovered each year; the value of CISA&#8217;s KEV catalog is that it helps organizations prioritize the software and firmware flaws that threat groups are actively exploiting \u2014 and many of those exploited flaws are older ones that users have failed to apply patches for. The Rezilion report is the latest evidence that practices like <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-it-asset-management-tools-for-security\/\">IT asset management<\/a> and <a href=\"https:\/\/www.esecurityplanet.com\/networks\/patch-management\/\">patch management<\/a> are critical cybersecurity processes that organizations need to be better at.<\/p>\n\n\n\n<p>The majority of the exposed vulnerabilities Rezilion found are Microsoft Windows instances, with 137 vulnerabilities, followed by Adobe Flash player (29 vulnerabilities) and Microsoft Internet Explorer (24).<\/p>\n\n\n\n<p>While the flaws in the KEV Catalog comprise less than 1 percent of the vulnerabilities discovered each year, Rezilion notes, those flaws are often the most actively exploited by <a href=\"https:\/\/www.esecurityplanet.com\/threats\/advanced-persistent-threat\/\">APT groups<\/a> and other threat actors, many of them linked to nation states including Russia, Iran, China, and North Korea.<\/p>\n\n\n\n<p><em>See the top <\/em><a href=\"https:\/\/www.esecurityplanet.com\/products\/vulnerability-management-software\/\"><em>vulnerability management<\/em><\/a><em> and <\/em><a href=\"https:\/\/www.esecurityplanet.com\/products\/patch-management-software\/\"><em>patch management<\/em><\/a><em> tools<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Top Vulnerabilities<\/h2>\n\n\n\n<p>The top flaws in terms of ongoing exploitation attempts in the last 30 days include the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2022-26314\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-26314<\/a> (816 attempts) \u2013 a critical vulnerability in the Mendix Forgot Password Appstore module<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2021-44228<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-45046\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2021-45046<\/a> (66 attempts) \u2013 a pair of critical flaws in Apache Log4j, aka <a href=\"https:\/\/www.esecurityplanet.com\/threats\/log4shell-exploitation-grows\/\">Log4Shell<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2019-2725\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2019-2725<\/a> (46 attempts) \u2013 a critical vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-41773\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2021-41773<\/a> (46 attempts) \u2013 a vulnerability in Apache HTTP Server<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-26084\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2021-26084<\/a> (32 attempts) \u2013 a critical flaw in Confluence Server and Data Center<\/li>\n<\/ul>\n\n\n\n<p>&#8220;Despite the availability of patches for these vulnerabilities, millions of systems remain exposed to attacks,&#8221; Yotam Perkal, Rezilion director of vulnerability research, said in a statement. &#8220;This leaves organizations vulnerable to exploitation from threat actors and Advanced Persistent Threat (APT) groups who often target publicly known vulnerabilities.&#8221;<\/p>\n\n\n\n<p><strong>Also read:<\/strong> <a href=\"https:\/\/www.esecurityplanet.com\/compliance\/patch-management-policy\/\">Patch Management Policy: Steps, Benefits, and a Free Template<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How Organizations Should Respond<\/h2>\n\n\n\n<p>Rezilion recommends taking two key steps to respond to these threats:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Identify which vulnerabilities are even exploitable through runtime validation. Since most vulnerabilities in code are never loaded to memory or executed, this step eliminates 85 percent of the initial backlog.<\/li>\n\n\n\n<li>Use the CISA KEV catalog or other <a href=\"https:\/\/www.esecurityplanet.com\/products\/threat-intelligence-platforms\/\">threat intelligence<\/a> sources as part of an ongoing vulnerability management strategy to identify vulnerabilities that require immediate patching as attackers exploit them.<\/li>\n<\/ol>\n\n\n\n<p>&#8220;It is crucial that organizations prioritize patching vulnerabilities that have already been exploited in the wild,&#8221; Perkal said. &#8220;The KEV catalog provides an excellent starting point for this. Combined with runtime validation it narrows down huge backlogs to a handful of patches that must be applied as quickly as possible.&#8221;<\/p>\n\n\n\n<p><strong>Also read:<\/strong> <a href=\"https:\/\/www.esecurityplanet.com\/applications\/patch-management-as-a-service\/\">Is the Answer to Vulnerabilities Patch Management as a Service?<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">CISA Launches Anti-Ransomware Programs<\/h2>\n\n\n\n<p>Separately, CISA recently introduced two programs, the Ransomware Vulnerability Warning Pilot (RVWP) and the Pre-Ransomware Notification Initiative, to help organizations protect themselves from ransomware threats.<\/p>\n\n\n\n<p>The RVWP is designed to identify vulnerabilities associated with ransomware exploitation and warn critical infrastructure entities with those vulnerabilities. At its launch, the RVWP notified 93 organizations that were exposed by <a href=\"https:\/\/www.esecurityplanet.com\/threats\/microsoft-proxynotshell-patch\/\">ProxyNotShell<\/a>.<\/p>\n\n\n\n<p>&#8220;The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations,&#8221; CISA executive assistant director for cybersecurity Eric Goldstein said in a statement.<\/p>\n\n\n\n<p>The Pre-Ransomware Notification Initiative focuses instead on intrusions, warning organizations about potential early-stage ransomware activity.<\/p>\n\n\n\n<p>&#8220;Although we&#8217;re in the early days, we&#8217;re already seeing material results: since the start of 2023, we&#8217;ve notified over 60 entities across the energy, healthcare, water\/wastewater, education, and other sectors about potential pre-ransomware intrusions, and we&#8217;ve confirmed that many of them identified and remediated the intrusion before encryption or exfiltration occurred,&#8221; CISA said in a statement.<\/p>\n\n\n\n<p><strong>Further reading<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.esecurityplanet.com\/threats\/how-to-recover-from-a-ransomware-attack\/\">How to Recover From a Ransomware Attack<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">Ransomware Protection: How to Prevent Ransomware Attacks<\/a><\/li>\n<\/ul>\n\n\n<div id=\"ta-campaign-widget-66d6e3a2b6f5c-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6e3a2b6f5c\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6e3a2b6f5c\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6e3a2b6f5c\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6e3a2b6f5c\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6e3a2b6f5c\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6e3a2b6f5c\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the [&hellip;]<\/p>\n","protected":false},"author":166,"featured_media":18347,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[15],"tags":[3790,1146,3414,23006,2478,730,7575,22929,5277],"b2b_audience":[33,35],"b2b_industry":[53,55,56,57,59,64],"b2b_product":[31788,382,395,31780,31775,392],"class_list":["post-29510","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threats","tag-cybersecurity","tag-malware","tag-network-security","tag-patch-management","tag-ransomware","tag-security","tag-threat-intelligence","tag-vulnerability-management","tag-web-security","b2b_audience-awareness-and-consideration","b2b_audience-implementation-and-support","b2b_industry-energy","b2b_industry-financial-services","b2b_industry-government","b2b_industry-healthcare","b2b_industry-manufacturing","b2b_industry-transportation","b2b_product-advanced-persistent-threats","b2b_product-application-security-vulnerability-management","b2b_product-firewalls-and-intrusion-prevention-and-detection","b2b_product-patch-management","b2b_product-web-applications-security","b2b_product-web-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Over 15 Million Systems Exposed to Known Exploited Vulnerabilities | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"Millions of organizations are failing at critical security practices like patch and asset management. Here&#039;s what to do.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"Millions of organizations are failing at critical security practices like patch and asset management. Here&#039;s what to do.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-05T17:22:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-05T17:22:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jeff Goldman\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeff Goldman\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\"},\"author\":{\"name\":\"Jeff Goldman\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/814377f0182cc43200a4581fba4ec795\"},\"headline\":\"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities\",\"datePublished\":\"2023-04-05T17:22:17+00:00\",\"dateModified\":\"2023-04-05T17:22:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\"},\"wordCount\":698,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg\",\"keywords\":[\"cybersecurity\",\"malware\",\"network security\",\"Patch Management\",\"ransomware\",\"security\",\"Threat Intelligence\",\"Vulnerability Management\",\"Web security\"],\"articleSection\":[\"Threats\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\",\"name\":\"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg\",\"datePublished\":\"2023-04-05T17:22:17+00:00\",\"dateModified\":\"2023-04-05T17:22:19+00:00\",\"description\":\"Millions of organizations are failing at critical security practices like patch and asset management. Here's what to do.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg\",\"width\":1200,\"height\":800,\"caption\":\"Hacker at computer\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/814377f0182cc43200a4581fba4ec795\",\"name\":\"Jeff Goldman\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/08\/jeff-goldman-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/08\/jeff-goldman-150x150.jpg\",\"caption\":\"Jeff Goldman\"},\"description\":\"eSecurity Planet contributor Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009. He's also written extensively about wireless and broadband infrastructure and semiconductor engineering. He started his career at MTV, but soon decided that technology writing was a more promising path.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/jeff-goldman\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities | eSecurity Planet","description":"Millions of organizations are failing at critical security practices like patch and asset management. Here's what to do.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities | eSecurity Planet","og_description":"Millions of organizations are failing at critical security practices like patch and asset management. Here's what to do.","og_url":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/","og_site_name":"eSecurity Planet","article_published_time":"2023-04-05T17:22:17+00:00","article_modified_time":"2023-04-05T17:22:19+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg","type":"image\/jpeg"}],"author":"Jeff Goldman","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Jeff Goldman","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/"},"author":{"name":"Jeff Goldman","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/814377f0182cc43200a4581fba4ec795"},"headline":"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities","datePublished":"2023-04-05T17:22:17+00:00","dateModified":"2023-04-05T17:22:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/"},"wordCount":698,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg","keywords":["cybersecurity","malware","network security","Patch Management","ransomware","security","Threat Intelligence","Vulnerability Management","Web security"],"articleSection":["Threats"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/","url":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/","name":"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg","datePublished":"2023-04-05T17:22:17+00:00","dateModified":"2023-04-05T17:22:19+00:00","description":"Millions of organizations are failing at critical security practices like patch and asset management. Here's what to do.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/04\/Hacker-e1666979312899.jpg","width":1200,"height":800,"caption":"Hacker at computer"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/threats\/millions-of-systems-exposed-to-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Over 15 Million Systems Exposed to Known Exploited Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/814377f0182cc43200a4581fba4ec795","name":"Jeff Goldman","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/08\/jeff-goldman-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/08\/jeff-goldman-150x150.jpg","caption":"Jeff Goldman"},"description":"eSecurity Planet contributor Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009. He's also written extensively about wireless and broadband infrastructure and semiconductor engineering. He started his career at MTV, but soon decided that technology writing was a more promising path.","url":"https:\/\/www.esecurityplanet.com\/author\/jeff-goldman\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/29510"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/166"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=29510"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/29510\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/18347"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=29510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=29510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=29510"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=29510"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=29510"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=29510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}