2022 Common Weakness Enumeration Top 25 Most Dangerous Software Weaknesses, the Homeland Security Systems Engineering and Development Institute, supported by CISA and worked by Miter, has delivered the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list.
The rundown utilizes information from the National Vulnerability Database to aggregate the most regular and basic mistakes that can prompt serious weaknesses in software. An assailant can frequently take advantage of these weaknesses to assume command over an impacted framework, get delicate data, or cause a disavowal of-administration condition. The current year’s rundown additionally consolidates refreshed weakness information for late Common Vulnerabilities and Exposure records in the dataset that are essential for CISA’s Known Exploited Vulnerabilities Catalog.
CISA urges clients and executives to survey the 2022 CWE Top 25 Most Dangerous Software Weaknesses and How physicists are probing assess prescribed alleviations to decide those most reasonable to take on.
To make the rundown, the CWE Team utilized Common Vulnerabilities and Exposures (CVE®) information tracked down inside the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS) scores related with each CVE record, remembering a concentration for CVE Records from the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog. A recipe was applied to the information to score every weakness in view of commonness and seriousness.
The dataset broke down to work out the 2022 Top 25 contained a sum of 37,899 CVE Records from the past two schedule years.