With the Corona pandemic devastating lives around the world, cybercriminals and threat actors have joined the fray to take advantage of this situation.

Today, the reliance on applications such as web proxy, remote conferencing, VPNs, etc. are at an all-time high which is yet another reason for threat actors to work overtime to exploit vulnerabilities.

We recently released an in-depth research report called Cyber Risks in Remote Working series where we examined popular web proxy applications used by employees’ world over.

Key findings

The report provides an in-depth study of web proxy applications and the inherent vulnerabilities that exist within them.

  • 13 CVEs are weaponized
  • 5 CVEs have RCE and Privilege Execution
  • Scanners such as Nessus, Nexpose, Qualys have missed 2 vulnerabilities each

Vulnerabilities in Web Proxies

  • From 2010 to 2020, 121 vulnerabilities have been detected in popular web proxy applications. From this, 13 vulnerabilities have been weaponized.

 

  • From among the weaponized vulnerabilities, 3 have RCE (remote code execution) capabilities, 2 have privilege execution.
  •  22 vulnerabilities are deemed critical with CVSS2 score >= 9.

Vulnerabilities in Vendors

  • Forcepoint has 10 weaponized vulnerabilities and 41 vulnerabilities waiting to be weaponized and 1 is associated with RCE (Remote code execution). 2 vulnerabilities are critical in priority and will need to be fixed immediately.
  • Symantec has 7 weaponized vulnerabilities and 82 vulnerabilities that can be weaponized, and 6 vulnerabilities are associated with RCE. Symantec also has 21 critical vulnerabilities – the highest number of CVEs among the vendors.

Weaponization Trends

  • The weaponization of web proxies increased around 2015 and spiked in 2018

 

Fixing these vulnerabilities is critically essential because leading scan systems such as Nessus, Nexpose, and Qualys have missed critical CVEs in web proxies.

Count of vulnerabiliies missed by popular scanners

  Nessus Nexpose Qualys
Cisco 2 2 2
Total 2 2 2

CWS’s report is accompanied by a helpful appendix of a list of CVEs that need to be fixed immediately and with scanners not detecting these vulnerabilities must be are addressed immediately.

Download the whitepaper Cyber Risk in Web Proxies

Share This Post On