Also notable this month is the dramatic growth in CVE-2020-25078, which is also an IoT vulnerability but this time in several IP cameras. On the one hand the volume of traffic scanning for this vulnerability was not remarkable, with ~3600 connections in February, but only 200 connections were attempted in January, which means traffic increased roughly 18-fold in one month. Let’s see what else changed to put this growth in context.

February Vulnerabilities by the Numbers

Figure 1 shows the top ten vulnerabilities and their traffic for February. Below CVE-2020-25078 we see several CVEs that have been near the top throughout 2022, such as CVE-2017-9641 and the CVE-less 2018 JAWS digital video recorder vulnerability.

However, also notable is CVE-2020-0688, a remote code execution (RCE) vulnerability in Microsoft Exchange Server. This is obviously not a new vulnerability, but we only recently identified it in our logs, despite its presence throughout this project.