Full Report
Google claims 19% more zero-day bugs were exploited in 2024 than 2022 as threat actors focus on security products
Analysis Summary
This article reports on industry trends concerning zero-day vulnerability exploitation as observed by Google Threat Intelligence Group (GTIG), rather than detailing a specific, singular vulnerability. Therefore, the structure below will summarize the collective findings regarding the observed zero-day landscape.
# Vulnerability: Surge in Zero-Day Exploitation Targeting Enterprise Products
## CVE Details
- CVE ID: **Not applicable** (This article summarizes trends, not a specific CVE)
- CVSS Score: **Not applicable**
- CWE: **Not applicable**
## Affected Systems
- Products: **Enterprise security products**, **Networking products**, Mobile devices, Browsers, and Applications (Overall trend shift noted).
- Versions: **Not specified** (Trends span across multiple versions dependent on product type).
- Configurations: Targeting appears focused generally on these product categories.
## Vulnerability Description
Google Threat Intelligence Group (GTIG) reported that 19% more zero-day vulnerabilities were exploited in the wild in 2024 than in 2022. The key trend observed in 2024 is a significant shift in targeting priorities: 44% of tracked zero-days affected enterprise technologies, the highest share ever recorded. Security and networking products were particularly targeted, accounting for over 60% of exploited enterprise zero-days in 2024. GTIG describes the overall growth in exploitation as "slow but steady."
## Exploitation
- Status: **Exploited in the wild** (GTIG tracked 75 zero-days exploited in 2024, down slightly from 98 in 2023 but up from 63 in 2022).
- Complexity: **Varies**, but the increased focus on enterprise products suggests high-value targets are involved.
- Attack Vector: **Not specified**, but exploitation of enterprise/security products often implies Network or Remote vectors.
## Impact
- Confidentiality: **High Potential** (Given the targeting of security/networking products).
- Integrity: **High Potential** (Given the targeting of security/networking products).
- Availability: **Potential** (Impact depends on the specific exploited flaw in the enterprise product).
## Remediation
### Patches
- **Not applicable** (This report discusses aggregate trends; specific patches depend on the individual zero-day CVEs identified throughout the year).
### Workarounds
- **Not applicable** (No specific workarounds are mentioned for the general trend).
## Detection
- Indicators of compromise: **Not specified** beyond the general observation of zero-day exploitation activity.
- Detection methods and tools: GTIG suspects commercial spyware vendors are increasing their operational security (OpSec), which may reduce attribution and detection. Automated threat hunting and rapid vulnerability assessment therefore remain critical.
## References
- Vendor advisories: Google Threat Intelligence Group (GTIG) Report
- Relevant links:
  - (Defanged Link): infosecurity-magazine-com/news/zeroday-surged-50-annually-google/ (Related article mentioned)