The Canadian Centre for Cyber Security (Cyber Centre) has joined the following international partners in releasing a joint cyber security advisory highlighting 2023’s top routinely exploited vulnerabilities:
- United States’ Cybersecurity and Infrastructure Security Agency (CISA)
- United States’ Federal Bureau of Investigation (FBI)
- United States’ National Security Agency (NSA)
- Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC)
- New Zealand’s National Cyber Security Centre (NCSC-NZ)
- United Kingdom’s National Cyber Security Centre (NCSC-UK)
This advisory provides details on the Common Vulnerabilities and Exposures routinely and frequently exploited by malicious cyber actors in 2023 and their associated Common Weakness Enumerations.
In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct operations against high-priority targets. This advisory includes the top 15 vulnerabilities that the Cyber Centre and its co-authors observed being exploited that year.
We encourage vendors, designers, developers and end-user organizations to implement the recommended mitigations outlined in the advisory. Implementing these recommendations will reduce the risk of compromise by malicious cyber actors.
Read the joint advisory 2023 Top Routinely Exploited Vulnerabilities.