Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Mind the Gap: A Closer Look at Eight Notable CVEs from 2022

A Closer Look at Eight Notable CVEs from 2022

This is the last of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we examine eight notable CVEs with significant gaps in disclosure timelines and discuss how Tenable can help.

Curiosity demands that we ask questions, that we try to put things together and try to understand this multitude of aspects and perhaps resulting from the action of a relatively small number of elemental things and forces acting in an infinite variety of combinations.

—Richard. P. Feynman

In the last of our four-part blog series we take a closer look at eight notable CVEs in 2022 and explore how the gaps between their discovery and their full disclosure on the National Vulnerability Database (NVD) could put organizations at risk. These are three key findings:

  1. Of the eight notable CVEs from 2022 analyzed for this study, some had gaps of 50 days or more between the time of their initial disclosure and the time they were fully disclosed in NVD. This gap gives threat actors the advantage, as they can utilize the flaw before many security teams even know there is a risk, let alone assess to see if they’re impacted.
  2. We saw 186 days elapse between the time CVE-2022-1096 (a type confusion vulnerability in V8 in Google Chrome) was discovered and the time it was fully disclosed on NVD. This vulnerability had at least one exploit available 101 days before it was fully disclosed on NVD.
  3. Between January 1, 2000, and Dec. 31, 2022, Tenable provided Nessus plugin coverage for 32,862 vulnerabilities ahead of NVD, of which 677 had not been fully disclosed in NVD as of the release date of this study.

Selected vulnerabilities with significant gaps in 2022

In this section we highlight eight CVEs from 2022 for which we tracked a significant delay in details being fully disclosed on NVD; for at least three of these, it took months before they were fully disclosed on NVD.

As Fig. 1 shows, the eight CVEs:

  • Received details on NVD after Tenable plugin coverage was available.
  • Have been rated by Tenable Vulnerability Priority Rating (VPR) as Critical or High.
  • Had a functional exploit identified.

Fig. 1

CVE

Description

CVSS v3

VPR*

CVE-2022-1134

Type confusion in V8 Google Chrome

8.8

Critical

CVE-2022-1364

Type confusion in V8 Turbofan in Google Chrome

8.8

Critical

CVE-2022-1096

Type confusion in V8 in Google Chrome

8.8

Critical

CVE-2022-0609

Vulnerability in Animation in Google Chrome

8.8

Critical

CVE-2022-42827

Out-of-bounds write issue in iPadOS

7.8

Critical

CVE-2022-40684

authentication bypass in Fortinet FortiOS

9.8

Critical

CVE-2022-22960

Privilege escalation - VMWare

7.8

High

CVE-2022-20699

Multiple vulnerabilities in CISCO Small Business RV160, RV260, RV340, and RV345 Series Routers

9.8

High

*as of the day of publication of this study

Source: Tenable Research, April 2023

Below we provide a closer look at how the timelines played out for each of the above CVEs.

CVE-2022-1134

CVE-2022-1134 is a type confusion in V8, the Javascript engine used by Google Chrome. For this vulnerability, Tenable discovered the first piece of intelligence on March 29, 2022, and provided the earliest Nessus plugin coverage on the same day. Vulnerability details were fully disclosed on NVD 100 days later, on July 23, 2022.

CVE-2022-1364

CVE-2022-1364 is a type confusion in V8, the Javascript engine used by Google Chrome. For this vulnerability, Tenable discovered the first piece of intelligence on April 14, 2022, and provided the earliest Nessus plugin coverage on the same day. Vulnerability details were fully disclosed on NVD 100 days later, on July 26, 2022.

CVE-2022-1096

CVE-2022-1096 is a type confusion in V8, the Javascript engine used by Google Chrome. For this vulnerability, Tenable discovered the first piece of intelligence on January 18, 2022, and provided the earliest Nessus plugin coverage on March 25, 2022. Vulnerability details were fully disclosed on NVD 186 days later, on July 23, 2022. For this vulnerability, we observed at least one exploit available on March 28, 2022.

CVE-2022-0609

CVE-2022-0609 is a vulnerability in Animation in Google Chrome. For this vulnerability, Tenable discovered the first piece of intelligence on February 14, 2022, and provided the earliest Nessus plugin coverage on the same day. Vulnerability details were fully disclosed on NVD 50 days later, on April 4, 2022. For this vulnerability, we observed at least one exploit available on February 15, 2022.

CVE-2022-42827

CVE-2022-42827 is an out-of-bounds write issue in iPadOS 15.7.1, iOS 16.1 and iPadOS 16. Tenable discovered the first piece of intelligence on October 25, 2022, and provided the earliest Nessus plugin coverage on October 27, 2022. Vulnerability details were fully disclosed on NVD five days laters, on November 1, 2022. For this vulnerability, at least one exploit has been observed on October 25, 2022.

CVE-2022-40684

CVE-2022-40684 is an authentication bypass vulnerability using an alternate path in Fortinet FortiOS versions 7.2.0 – 7.2.1 and 7.0.0 – 7.0.6, FortiProxy version 7.2.0 and versions 7.0.0 – 7.0.6. Tenable discovered the first piece of intelligence on October 7, 2022, and provided the earliest Nessus plugin coverage on the same day. Vulnerability details were fully disclosed on NVD 11 days later, on November 18, 2022. For this vulnerability, at least one exploit has been observed on October 10, 2022.

CVE-2022-22960

CVE-2022-22960 is a privilege escalation vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation. Tenable discovered the first piece of intelligence on April 6, 2022 and provided the earliest Nessus plugin coverage on the same day. Vulnerability details were fully disclosed on NVD seven days later, on April 13, 2022. For this vulnerability, at least one exploit was observed on April 15, 2022.

CVE-2022-20699

CVE-2022-22960 is a privilege escalation vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation. Tenable discovered the first piece of intelligence on April 6, 2022 and provided the earliest Nessus plugin coverage on the same day. Vulnerability details were fully disclosed on NVD seven days later, on April 13, 2022. For this vulnerability, at least one exploit was observed on April 15, 2022.

Conclusion

As this blog series demonstrates, security teams are inundated with tens of thousands of vulnerabilities each year. While the frameworks and systems put in place to help prioritize remediation efforts are indispensable tools, they often leave gaps in visibility that could be exploited by attackers. The Tenable VPR functionality discussed in this report offers additional guidance to help security professionals identify the vulnerabilities to find and fix first. But it’s only the start.

A preventive cybersecurity strategy requires visibility not only of the vulnerabilities that are present, but also of the misconfigurations that can occur in cloud assets and identity management systems, the unknown web applications that exist across an organization’s attack surface and the non-IT assets such as operational technology and internet of things devices. The siloed nature of preventive security tools makes it difficult for security organizations to analyze all of the above in context in order to obtain an objective view of cyber risk.

At Tenable, we believe preventive cybersecurity requires a new approach. We envision a future in which vulnerability management and other preventive cybersecurity tools come together in a new paradigm we call exposure management. While vulnerability management best practices are foundational, an exposure management program goes beyond classical vulnerability details (e.g., descriptions and CVSS scores) provided by commonly used public vulnerability sources to provide security teams with important context about attack paths, user privileges, cloud configurations and web applications so they can obtain a continuous and complete picture of what’s happening across the attack surface. Only by examining the depth and breadth of vulnerability information in context with the other elements of the attack surface can organizations hope to create a preventive security strategy that effectively reduces their cyber risk.

A list of Tenable plugins covering the CVEs analyzed in this study can be found here.

About The Mind the Gap series

This four-part Mind the Gap blog series is a valuable resource for security professionals that provides an overview of the observed vulnerability landscape with a focus on vulnerabilities discovered by Tenable Research before detailed information appeared on the (NVD. This series stems from the analysis of our own dataset, one of the most extensive and rich datasets in the industries. Through the years, we gathered a broad knowledge of the vulnerability landscape, enmeshed with Tenable Research-specific insights and reporting capabilities.

Other blogs in this series:

Learn More

Read the blog post So Many Vulnerabilities So Little Time: Zero In and ‘Zero Click’ into the Current Vulnerability Landscape

From our Cyber Exposure Alerts:

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training