How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends


Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild. Consistent with past analyses, the majority (97) of these vulnerabilities were exploited as zero-days (vulnerabilities exploited before patches are made available, excluding end-of-life technologies).

Forty-one vulnerabilities were exploited as n-days (vulnerabilities first exploited after patches are available). While we have previously seen and continue to expect a growing use of zero-days over time, 2023 saw an even larger discrepancy grow between zero-day and n-day exploitation as zero-day exploitation outpaced n-day exploitation more heavily than we have previously observed.

Read more…
Source: Mandiant


Sign up for our Newsletter


Related:

  • Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

    March 20, 2017

    Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...