Finding vulnerabilities is one thing; fixing them is another. Flaws in software are far less challenging to patch than in firmware, and this is reflected in the Claroty 2H 2021 ICS Risk & Vulnerability Report. Report results show three-quarters of fully remediated vulnerabilities are software based.
Of fully remediated vulnerabilities, 74%
are software based. This reinforces the fact that given the ease in patching software over firmware, you have the ability to prioritize patching within your operational environment.
Of partially or non-remediated vulnerabilities, 62%
could result in remote code execution or in denial-of-service when exploited. However, when you can't patch you should do what you can to mitigate. It’s important to have strategies in place to mitigate the effects of software and firmware vulnerabilities until a patch is available.
For the industry's foremost snapshot and overview of vulnerabilities disclosed in automation products and OT networks, download the full report now. For support with digital safety and cybersecurity for your organization, please get in touch to schedule a