32% Legacy Vulnerabilities

A recent analysis found 32% of the most-exploited enterprise vulnerabilities are over a decade old—attackers are still weaponizing old bugs at scale while adding AI and automation to speed attacks. That stat underlines why rapid patching and inventory of legacy systems remain critical to risk reduction. (helpnetsecurity.com)

The Help Net Security summary is based on an analysis that matched exploit telemetry against CVE publication dates to show a meaningful portion of enterprise exploitation traces back to vulnerabilities disclosed before 2016. (helpnetsecurity.com) CISA’s Known Exploited Vulnerabilities (KEV) catalog continues to list historically old CVEs alongside recent ones, demonstrating federal tracking of legacy flaws that remain operational risks. (cisa.gov)

Vendor incident reports this quarter document adversaries using automated scanners and commodity exploit kits to rapidly rediscover and weaponize internet-facing appliances and services with long-unpatched flaws. (crowdstrike.com) Microsoft’s security research notes increased use of AI-assisted automation to generate exploit variants and accelerate payload tuning against previously disclosed vulnerabilities. (microsoft.com)

Tenable and other vulnerability-management vendors continue to push a three-step approach for legacy exposures: confirm asset inventory, prioritize internet-exposed/high-impact services for patching, and deploy compensating controls (segmentation, WAF/NGFW rules) when patches are unavailable. (tenable.com) The analysis recommends operational controls frequently used in cloud/on-prem environments—identify firmware and OS age across AWS instances and network gear, apply vendor mitigations or isolation for unpatchable systems, and ingest exploit telemetry to track recurring CVEs. (helpnetsecurity.com)
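The three-step triage described above can be sketched as a join between an asset inventory and a known-exploited CVE list. This is an added example, not code from any of the cited sources; the inventory fields, asset names and CVE IDs are constructed placeholders, and CVE age is approximated from the year in the CVE ID.

```python
import re
from datetime import date

# Constructed sample data: CVE IDs are placeholders, not real catalog entries.
KEV_IDS = {"CVE-2013-900001", "CVE-2015-900002", "CVE-2024-900003"}
INVENTORY = [
    {"asset": "vpn-gw-01", "internet_exposed": True, "patch_available": True,
     "cves": ["CVE-2013-900001"]},
    {"asset": "plc-hmi-07", "internet_exposed": False, "patch_available": False,
     "cves": ["CVE-2015-900002"]},
    {"asset": "web-app-03", "internet_exposed": True, "patch_available": False,
     "cves": ["CVE-2024-900003"]},
    {"asset": "build-srv-02", "internet_exposed": False, "patch_available": True,
     "cves": ["CVE-2023-900004"]},  # not in the exploited set, so skipped
]
CVE_RE = re.compile(r"^CVE-(\d{4})-\d{4,}$")

def cve_age(cve_id, today):
    """Years since the CVE ID's year (an approximation of publication date)."""
    m = CVE_RE.match(cve_id)
    if not m:
        raise ValueError(f"malformed CVE ID: {cve_id!r}")
    return today.year - int(m.group(1))

def triage(inventory, kev_ids, today=None, legacy_years=10):
    """Return known-exploited findings, internet-exposed and oldest first."""
    today = today or date.today()
    findings = []
    for asset in inventory:
        for cve in asset["cves"]:
            if cve not in kev_ids:
                continue
            age = cve_age(cve, today)
            findings.append({
                "asset": asset["asset"], "cve": cve, "age": age,
                "legacy": age > legacy_years,
                "exposed": asset["internet_exposed"],
                # No patch available: fall back to segmentation / WAF rules.
                "action": "patch" if asset["patch_available"] else "compensating-control",
            })
    findings.sort(key=lambda f: (not f["exposed"], -f["age"]))
    return findings

def legacy_share(findings):
    """Fraction of findings flagged as legacy by triage()."""
    return sum(f["legacy"] for f in findings) / len(findings) if findings else 0.0

if __name__ == "__main__":
    for f in triage(INVENTORY, KEV_IDS):
        print(f)
```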
