15,000 Vulnerabilities Catalogued in 2016, CVE Flaws Exceeded
CYBER NEWS

15,000 Vulnerabilities Catalogued in 2016, CVE Flaws Exceeded

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

2016 has seen the biggest volume of vulnerabilities as revealed by a new report. 15,000 flaws have been catalogued by Risk Based Security. The volume outnumbers the flaws covered by CVE and National Vulnerability Database by more than 6,500, HelpNet Security reported.

Related: Android Tops the 2016 Top 50 Vulnerabilities List with 523 Bugs

Vulnerabilities in 2016 Reach New Heights

According to Carsten Eiram, Chief Research Officer of Risk Based Security:

Another record-breaking year in the number of vulnerabilities disclosed underlines the importance of relying on a proper vulnerability intelligence solution. For most companies, tracking vulnerabilities affecting their infrastructure has become a daunting task that is either too big to handle on their own or simply not financially viable compared to out-sourcing the tracking.

The expert also points out that a prevalent number of companies still rely on CVE (Common Vulnerabilities and Exposures) for bug tracking. However, this may not be the best way since it gives companies “a false sense of security having them think they’ve got the most important vulnerabilities covered.”

The truth is a bit different. Almost half (6,659) of the flaws published in 2016 are not found in CVE/NVD. Unfortunately, the flaws in question are present in popular products. More than 1,391 of these vulnerabilities got CVSS (Common Vulnerability Scoring System) scores between 9.0 and 10.0.

Related: How to Steal a Tesla Car, the Android App Edition

What is worse is that CVE has covered only 8.2% of them in 2016. In addition, 1,945 of the CVE flaws in 2016 are still lacking details in the CVE database, hence missing from NVD. All of these numbers mean one thing – the number of vulnerabilities has been increasing steadily alongside the CVSS scores. 48,9% of the 2016 flaws are remotely exploitable, and other 32,8% of them had a public exploit.

Nonetheless, Risk Based Security also stresses on the fact that despite the difficulties in communication between vendors and researchers, they are continuing to work together towards improving the vulnerability environment. Fortunately, the numbers here are positive – flaws disclosed harmoniously increased to 44.9% last year.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...