One in 10 Assets Assessed Are Vulnerable to Log4Shell
If not addressed now, it will define computing in 2022.
Tenable assembles vast amounts of data around every single vulnerability, including the recent high profile Log4Shell. What we’ve determined so far is startling, but not surprising, 10% of all assessed assets are vulnerable to Log4Shell. Meanwhile a disturbing 30% of organizations haven’t even begun looking for this bug, a startlingly negligent delay given the aggressiveness of threat actors hunting for it.
Of the assets that have been assessed, Log4Shell has been found in approximately 10% of them, including a wide range of servers, web applications, containers and IoT devices. Log4Shell is pervasive across all industries and geographies. One in 10 corporate servers being exposed. One in 10 web applications and so on. One in 10 of nearly every aspect of our digital infrastructure has the potential for malicious exploitation via Log4Shell.
Then there’s the sheer number of impacted organizations. Our telemetry shows that as of December 21st, 2021, only 70% of organizations have even scanned for the vulnerability! Log4Shell has been identified as one of the biggest cybersecurity risks we’ve ever encountered, yet many organizations still aren’t taking action: 30% of organizations haven’t begun assessing their environments for Log4Shell, let alone started patching.
Security professionals are stretched thin, and it's all the harder given the holiday timing, but this risk is unique. Broad exploitation has already begun and in one month’s time we expect to see several waves of iteration on this exploit, resulting in more aggressive damage that may be impossible to stop by then.
While EternalBlue, for example, wrought significant attacks, such as WannaCry, the potential here is much greater because of the pervasiveness of Log4j across both infrastructure and applications. No single vulnerability in history has so blatantly called out for remediation. Log4Shell will define computing as we know it, separating those that put in the effort to protect themselves and those comfortable being negligent.
Learn more:
Related Articles
EPSS Shows Strong Performance in Predicting Exploits, Says Study from Cyentia and FIRST
July 30, 2024Tenable sponsored research from Cyentia and FIRST, which finds that while vulnerability exploitation is highly variable, EPSS is getting stronger in its ability to predict exploitation.
How To Do a Security Audit of Pimcore Enterprise Platform
July 22, 2024Our new research paper gives you a roadmap for using Pimcore's features while preserving security.
How Risk-based Vulnerability Management Boosts Your Modern IT Environment's Security Posture
July 11, 2024Vulnerability assessments and vulnerability management sound similar – but they’re not. As a new Enterprise Strategy Group white paper explains, it’s key to understand their differences and to shift from ad-hoc vulnerability assessments to continuous, risk-based vulnerability management (RBVM). Read on to check out highlights from this Tenable-commissioned study and learn how RBVM helps organizations attain a solid security and risk posture in hybrid, complex and multi-cloud environments.
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Vulnerability Scanning