Vulnerability Management Challenges in Network Edge Devices

First reported

08.09.2025 17:00

Last updated

📰 1 unique sources, 1 articles

Summary

Hide ▲

The vulnerability management market faces significant challenges due to an increasing number of vulnerabilities and the complexity of securing network edge devices. The shift to cloud-based solutions and the exploitation of edge devices by threat actors highlight the need for more effective and integrated risk management strategies. The industry must adapt to address the growing risks associated with network device vulnerabilities, which are often exploited to gain unauthorized access and move laterally within networks. Organizations are struggling to keep up with the pace of vulnerabilities and the time it takes to remediate them, leading to an increased risk of exploitation. The exploitation of network edge devices has surged, with a notable increase in the percentage of edge devices compromised through vulnerabilities. This trend underscores the urgent need for solutions that can automate and orchestrate the protection of these critical assets.

Timeline

08.09.2025 17:00 📰 1 articles

Exploitation of Network Edge Devices Surges in 2024
Between 2023 and 2024, the percentage of edge devices exploited by vulnerabilities grew from 3% to 22%. Three of the four most-exploited vulnerabilities in 2024 were zero-days affecting edge devices. Organizations are actively patching network device vulnerabilities, but only 54% were fully remediated last year, taking a median of 32 days to accomplish. The average time to exploit vulnerabilities has dropped to five days, highlighting the urgent need for more effective risk management strategies.
Show sources

The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Open in new tab

Information Snippets

The vulnerability management market is struggling due to an increasing number of vulnerabilities and the complexity of securing network edge devices.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Many vendors focused on identifying vulnerabilities rather than addressing the risks they introduced.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Alert fatigue has made it difficult to prioritize and address critical vulnerabilities.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
The shift to cloud-based solutions has improved risk management but has not fully addressed the challenges of securing network infrastructure.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Network devices are a heterogeneous mix of hardware, software, and firmware, making them difficult to secure.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
The percentage of edge devices exploited by vulnerabilities increased from 3% in 2023 to 22% in 2024.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Three of the four most-exploited vulnerabilities in 2024 were zero-days affecting edge devices.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Only 54% of network device vulnerabilities were fully remediated in 2024, taking a median of 32 days to accomplish.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
The average time to exploit vulnerabilities has dropped to five days.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00
Organizations are seeking solutions that can automate and orchestrate the protection of network devices to address these challenges.
First reported: 08.09.2025 17:00

📰 1 source, 1 article
Show sources
- The Critical Failure in Vulnerability Management — www.darkreading.com — 08.09.2025 17:00

Similar Happenings

Cloudflare mitigates 11.5 Tbps UDP flood DDoS attack

Cloudflare recently mitigated the largest recorded volumetric DDoS attack, peaking at 11.5 Tbps. The attack was a UDP flood primarily originating from a combination of several IoT and cloud providers, including Google Cloud. It lasted approximately 35 seconds. Cloudflare has seen a significant increase in DDoS attacks, with a 198% quarter-over-quarter increase and a 358% year-over-year jump in 2024. The company mitigated 21.3 million DDoS attacks targeting its customers and 6.6 million attacks targeting its own infrastructure during an 18-day multi-vector campaign in 2024. The most significant spike was seen by network-layer attacks, which saw a 509% year-over-year increase since the start of 2025. The attack was part of a series of hyper-volumetric DDoS attacks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps. The attack was conducted by sending requests from botnets that had infected devices with malware. The RapperBot kill chain targets network video recorders (NVRs) and other IoT devices for DDoS attacks. The malware exploits security flaws in NVRs to gain initial access and download the payload, using a path traversal flaw to leak valid administrator credentials and push a fake firmware update. The malware establishes an encrypted connection to a C2 domain to receive commands for launching DDoS attacks and can scan the internet for open ports to propagate the infection. The attackers' methodology involves scanning the internet for old edge devices and brute-forcing or exploiting them to execute the botnet malware. Google's abuse defenses detected the attack, and they followed proper protocol in customer notification and response. Cloudflare has been automatically mitigating hundreds of hyper-volumetric DDoS attacks in recent weeks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps. Volumetric attacks typically aim to overwhelm servers or networks, causing them to slow or shut down completely. The attack's short duration of 35 seconds highlights that size alone is not the most critical metric for evaluating DDoS attacks. The complexity and persistence of an attack, along with its impact on users, are more important metrics for DDoS defense. A DDoS mitigation service provider in Europe was targeted in a 1.5 Bpps denial-of-service attack. The attack originated from thousands of IoTs and MikroTik routers and was mitigated by FastNetMon. The attack was primarily a UDP flood launched from compromised customer-premises equipment (CPE), including IoT devices and routers, across more than 11,000 unique networks worldwide. The attack was detected in real-time, and mitigation action was taken using the customer's DDoS scrubbing facility. FastNetMon's founder, Pavel Odintsov, called for ISP-level intervention to stop the weaponization of compromised consumer hardware. The attack was one of the largest packet-rate floods publicly disclosed.

Open in new tab

Microsoft August 2025 Patch Tuesday Addresses 111 Vulnerabilities, Including Multiple Critical EoP Flaws

Microsoft's August 2025 Patch Tuesday addressed 111 vulnerabilities, with 16 rated Critical, 92 Important, 2 Moderate, and 1 Low in severity. The update includes fixes for 44 elevation-of-privilege (EoP) flaws, 35 remote code execution (RCE) vulnerabilities, 18 information disclosure flaws, 8 spoofing vulnerabilities, and 4 denial-of-service defects. Notable patches include fixes for Azure OpenAI, Windows Kerberos, and Microsoft SQL Server. The update also addresses critical RCE vulnerabilities in SharePoint, Windows Graphics Component, and Microsoft's GDI+ graphics interface, highlighting the need for immediate patching and mitigation strategies. The update is significant for its focus on EoP vulnerabilities, which can allow attackers to escalate privileges post-compromise. Key vulnerabilities include CVE-2025-53767 in Azure OpenAI, CVE-2025-53779 in Windows Kerberos, and multiple flaws in Microsoft SQL Server. Microsoft's September 2025 Patch Tuesday addresses 81 vulnerabilities, including two publicly disclosed zero-day vulnerabilities in Windows SMB Server and Microsoft SQL Server. The update also includes fixes for 38 EoP vulnerabilities, 22 RCE vulnerabilities, 16 information disclosure vulnerabilities, 3 denial of service vulnerabilities, 1 spoofing vulnerability, and 2 security feature bypass vulnerabilities. The KB5065429 cumulative update for Windows 10 22H2 and Windows 10 21H2 includes fourteen fixes or changes, addressing unexpected UAC prompts and severe lag and stuttering issues with NDI streaming software. The update includes Microsoft's September 2025 Patch Tuesday security updates, which fix two publicly disclosed zero-day vulnerabilities and 81 flaws. Microsoft's September 2025 Patch Tuesday addresses 80 vulnerabilities, including one publicly disclosed vulnerability in Windows SMB. The update includes fixes for 38 EoP vulnerabilities, 22 RCE vulnerabilities, 14 information disclosure vulnerabilities, and 3 denial-of-service vulnerabilities. The update also addresses critical flaws in Azure Networking, Microsoft High Performance Compute (HPC) Pack, and Windows NTLM, among others.