CyberNews Briefs

Only 5.5% of all vulnerabilities are ever exploited in the wild

Only a rather small number of discovered security vulnerabilities are actually exploited by threat actors, new research shows. Of the 76,000 flaws that were found between 2009 and 2018, only 4,183 (5.5%) were exploited in real world cyber attacks.

Interestingly, the researchers found no connection between the publication of proof-of-concept (PoC) exploit code for a certain flaw and the beginning of attack campaigns exploiting that vulnerability. PoC code was available for just half of the 4,183 vulnerabilities that were exploited, meaning that the attackers developed their own exploit code. A less surprising finding is that high severity flaws are exploited more often than less serious vulnerabilities.

Read more: Only 5.5% of all vulnerabilities are ever exploited in the wild

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.