2023’s Top 15 Security Nightmares

Source: The Register

Congratulations To Citrix For Taking Both 1st And 2nd Place!

2023 has not been fun for anyone who follows computer security, especially if you have to deal with vulnerabilities once they’ve been identified. The Five Eyes countries have released their list of the 15 most egregious security issues discovered last year. Citrix earned its ranking thanks to the remote code execution bug in NetScaler ADC and Gateway, and for those products leaking sensitive information when configured as intended: as a gateway or as an authentication, authorization and accounting server.

Cisco did their best but could only get third and fourth place, for letting users elevate a non-privileged account to root access and for allowing code that had not been validated to run as root. Fifth was Fortinet’s FortiOS, used by many large corporations, which allowed remote code execution merely by sending it a request designed to cause a buffer overflow. The Register has a rundown of the rest, including links to the CVE pages if you don’t recall exactly how awful these were.

Sadly, 2024’s list will be even worse.

The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued a list of the 15 most exploited vulnerabilities in 2023, and warned that attacks on zero-day exploits have become more common.


About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.
