Most Exploited Vulnerabilities2022
Query
CVE Vendor Product Type
CVE-2018-13379 Fortinet FortiOS and FortiProxy SSL VPN credential exposure
CVE-2021-34473 (Proxy Shell) Microsoft Exchange Server RCE
CVE-2021-31207 (Proxy Shell) Microsoft Exchange Server Security Feature Bypass
CVE-2021-34523 (Proxy Shell) Microsoft Exchange Server Elevation of Privilege
CVE-2021-40539 Zoho ADSelfService Plus RCE/Auth Bypass
CVE-2021-26084 Atlassian Confluence Server/Data Center Arbitrary code execution
CVE-2021- 44228 (Log4Shell) Apache Log4j2 RCE
CVE-2022-22954 VMware Workspace ONE RCE
CVE-2022-22960 VMware Workspace ONE Improper Privilege Management
CVE-2022-1388 F5 Networks BIG-IP Missing Authentication
CVE-2022-30190 Microsoft Multiple Products RCE
CVE-2022-26134 Atlassian Confluence Server/Data Center RCEAbout this query
Explanation
This query is designed to identify devices that are vulnerable to some of the most exploited security vulnerabilities in 2022. Here's a simple breakdown of what the query does:
-
Define a List of Vulnerabilities: It starts by creating a list of Common Vulnerabilities and Exposures (CVEs) that were most exploited in 2022. These include vulnerabilities in products from companies like Microsoft, Fortinet, Zoho, Atlassian, Apache, VMware, and F5 Networks.
-
Filter Devices: The query then checks which devices in the network have these vulnerabilities. It looks for devices that have any of the listed CVEs.
-
Add Contextual Information: For each vulnerable device, the query retrieves additional information about the vulnerability, such as a description, by joining with another dataset that contains detailed information about each CVE.
-
Output Results: Finally, it outputs a list of devices, their operating systems, the specific CVE they are vulnerable to, and a description of the vulnerability. This information can be used to prioritize patching efforts to secure the network.
The query is part of a cybersecurity effort to prevent breaches by identifying and addressing known vulnerabilities that attackers have frequently exploited.
Details

Bert-Jan Pals
Released: January 18, 2026
Tables
Keywords
Operators