According to the latest 2019 Mid-Year Vulnerability Report, over 34% (3,3771) of all vulnerabilities reported in the first half of 2019 do not currently have a documented solution.
The report by Risk Based Security claims this lack of patch availability is due to lack of information regarding the flaw or due to lack of a patch release.
The report found that of the 11,092 vulnerabilities reported in the first half of 2019, 53% (5,878) were vulnerabilities that can be exploited remotely and 54.4% (6,045) of vulnerabilities were Web-related vulnerabilities. 66% of reported vulnerabilities accounted for SQL injection attacks and 2.8% of vulnerabilities were classified as SCADA vulnerabilities.
The report also found that of the 11,092 report vulnerabilities, 14.7% (1,630) were listed as critical with CVSSv2 scores ranking higher than 9.0.
As hackers continue to expand their attack surface, it's imperative that organizations protect all assets within the network, including non-critical devices that continue to be used to infiltrate internal networks. Organizations must also have solutions in place to defend against all known vulnerabilities.
NNT Vulnerability Tracker helps organizations by ensuring that any known vulnerabilities within software and configuration settings within your environment are identified by continuously testing and assessing your IT network and any device(s) connected to it against thousands of Network Vulnerability Tests (NVTs). New vulnerabilities are added daily to ensure you're staying up to date with the latest security threats.
Learn more about our NNT Vulnerability Tracker here