Reports
Weekly Enterprise  Exploitation Trend Report
Manage view

Weekly Enterprise Exploitation Trend Report

26-11-2025 to 02-12-2025
The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.
Download PDF
Subscribe
250
250
Actively Exploited Vulnerabilities
108
108
Vendors Actively Exploited
Apache
Apache
Most Exploited Vendor
Cisco IOS XE
Cisco IOS XE
Most Exploited Product
Top 10 Actively Exploited Vendors
1
Apache
2
Ivanti
3
Atlassian
4
Cisco
5
Oracle
6
Microsoft
7
Citrix
8
Palo Alto Networks
9
VMware
10
Adobe
Top 10 CVEs of 2025 with the Highest EPSS Scores -02-12-2025
1
CVE-2024-27198
  • JetBrains TeamCity
  • Authentication Bypass
  • EPSS: 0.94579
  • Percentile: 1
2
CVE-2023-23752
  • Joomla
  • Improper Access Control
  • EPSS: 0.94502
  • Percentile: 1
3
CVE-2023-35078
  • Ivanti EPMM
  • Authentication Bypass
  • EPSS: 0.94482
  • Percentile: 0.99999
4
CVE-2024-6670
  • WhatsUp Gold
  • SQL Injection
  • EPSS: 0.94468
  • Percentile: 0.99996
5
CVE-2024-23897
  • Jenkins
  • Arbitrary File Read
  • EPSS: 0.94455
  • Percentile: 0.99993
6
CVE-2023-44487
  •  HTTP/2 protocol
  • Denial of Service
  • EPSS: 0.94451
  • Percentile: 0.99992
7
CVE-2023-32315
  • Openfire
  • Path Traversal
  • EPSS: 0.94441
  • Percentile: 0.9999
8
CVE-2023-38035
  • Ivanti MobileIron Sentry
  • Authentication Bypass
  • EPSS: 0.94438
  • Percentile: 0.99988
9
CVE-2024-7593
  • Ivanti vTM
  • Authentication Bypass
  • EPSS:0.94436
  • Percentile: 0.99986
10
CVE-2023-46747
  • BIG-IP Configuration Utility
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99986
Top Exploited CVEs Against Enterprise Applications
CVE-2023-20198
Critical
Critical
Critical
Critical
Cisco
  • Code/command Injection and Execution
  • Cisco IOS XE
  • -
    United States
CVE-2022-41082
Critical
Critical
Critical
Critical
Microsoft
  • Code/command Injection and Execution
  • Exchange
  • Used by Ransomware
    -
    United States
CVE-2021-42013
Critical
Critical
Critical
Critical
Apache
  • Code/command Injection and Execution
  • Apache HTTP Server
  • Used by Ransomware
    -
    United States
CVE-2017-9841
Critical
Critical
Critical
Critical
PHPUnit - Sebastian Bergmann
  • Code/command Injection and Execution
  • PHPUnit
  • -
    United States
CVE-2019-1653
High
High
High
High
Cisco
  • Sensitive Information Disclosure
  • Cisco RV320/RV325
  • -
    United States
CVE-2019-19781
Critical
Critical
Critical
Critical
Citrix
  • Directory Traversal
  • Application Delivery Controller
  • Used by Ransomware
    -
    United States
CVE-2018-13379
Critical
Critical
Critical
Critical
Fortinet
  • Path Traversal
  • FortiOS
  • Used by Ransomware
    -
    United States
CVE-2022-40684
Critical
Critical
Critical
Critical
Fortinet
  • Authentication Bypass
  • FortiOS, FortiProxy, and FortiSwitchManager
  • Used by Ransomware
    -
    China
CVE-2023-22527
Critical
Critical
Critical
Critical
Atlassian
  • Code/command Injection and Execution
  • Confluence
  • Used by Ransomware
    -
    United Kingdom
CVE-2021-44228
Critical
Critical
Critical
Critical
FortinetApache
  • Code/command Injection and Execution
  • Log4j
  • Used by Ransomware
    -
    Germany
Top 10 Targeted Countries
Top 10 Targeted Countries
China
:
43021
United States
:
38797
Vietnam
:
16565
Singapore
:
15662
India
:
11666
Egypt
:
11205
Brazil
:
8385
Pakistan
:
4603
UK
:
4363
Russia
:
4166
Actively Exploited Enterprise Vendors
Apache | Ivanti | Atlassian | Cisco | D-Link | Oracle | Microsoft | Citrix | Palo Alto Networks | VMware | Adobe | Fortinet | Draytek | F5 | Spring | Progress | Netgear | QNAP | Zoho | SAP | Zyxel | SysAid | Wordpress | Realtek | SolarWinds | Synacor | Geoserver | Juniper | Sonatype | Tenda | Aviatrix | SonicWall | JetBrains | Gladinet | Dassualt Systems | CrushFTP | Grafana | Dasan | PHPUnit - Sebastian Bergmann | Zyxel/Billion | Pulse Secure | ASUS | TP-Link | Laravel | ownCloud | Drupal | Open Source Matters, Inc/Joomla community | Barco/AWIND | Hikvision | ConnectWise | GLPI (teclib) | Linear | PrimeFaces | PHP Foundation | Micro Focus | MobileIron | SaltStack | vBulletin | mongo-express | nostromo | Webmin | Telerik | Sunhillo | Roundcube | WSO2 | LG | dotCMS | Dahua | Sitecore | CONTEC | IBM | Paessler | Elastic | Fortra | Node.js | NextGen Healthcare | PaperCut | Sophos | MinIO | Qlik | Check Point | Mitel | Lime Technology | wftpserver.com | Terramaster | FreePBX | NAKIVO | Hitachi Vantara | XWiki | ForgeRock | Commvault | RedHat | Array Networks | Langflow | Rejetto | Jenkins | Yealink | Metabase | Schneider Electric | Kentico | PTZOptics | Cacti | Arcadyan | SugarCRM | GeoVision | Cleo | ServiceNow | Wazuh
Most Active Ransomware Groups
#
Industry
Country
Ransomware
1
1
Business
Industry
Australia
Country
inc ransom
2
2
Government
Industry
United States
Country
play
3
3
Business
Industry
United States
Country
ransomhouse
4
4
Business
Industry
France
Country
qilin
5
5
Business
Industry
United States
Country
akira
6
6
Healthcare
Industry
Jordan
Country
devman2
7
7
Business
Industry
Vietnam
Country
radar
8
8
Business
Industry
Belgium
Country
tridentlocker
9
9
Business
Industry
United States
Country
genesis
10
10
Business
Industry
Singapore 
Country
crypto24
Ransomware Posting Frequency by Group - Last 7 Days
Remotely Exploited CISA KEV CVEs Added
These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them  to mitigate risks.
CVE-2021-26829
CVE-2025-61757
CVE-2025-13223
CVE-2025-58034
CVE-2025-64446
CVE-2025-12480
CVE-2025-62215
CVE-2025-9242
CVE-2025-21042
CVE-2025-48703
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy