Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks.

Gartner predicts double-digit growth across all cloud segments in 2025, with organizations increasingly adopting multi-cloud strategies. This expansion coincides with rising security concerns, as researchers with Palo Alto Networks found that by the end of 2024, organizations suffered a 388 percent increase in cloud security alerts compared to 2023.

"While cloud computing offers tremendous benefits, we're seeing an alarming increase in serious security issues affecting cloud assets," said Emma Zaballos, Senior Researcher, CyCognito. "Organizations must understand the crucial difference between high-severity vulnerabilities and those that are easily exploitable—both present distinct risks that require targeted security approaches."

For this research, CyCognito analyzed anonymized, aggregated data across nearly five million internet-exposed assets – web applications, servers, domains, and more – that the company monitors, focusing on how vulnerabilities behave "in the wild" rather than just in controlled testing environments.

This research focused on the assets hosted on cloud platforms, rather than the cloud platforms themselves. While assets were aggregated by cloud hosting providers, further research is needed to understand why variance existed between different populations of assets.

Key findings:

  • Significant Vulnerability Variations Across Providers: 38 percent of assets hosted by Google Cloud were vulnerable to at least one security issue or misconfiguration, over 2.5x more than assets hosted by AWS (15 percent), while assets hosted by Azure ranked second with 27 percent.
  • Critical Vulnerabilities Present Across All Environments: Though uncommon, critical vulnerabilities (CVSS 9.0 or higher) were detected on assets hosted by all cloud providers, with assets hosted by Azure showing a slightly higher percentage (0.07 percent) compared to assets hosted by AWS and Google Cloud (0.04 percent). Assets hosted by other cloud providers showed approximately 10 times higher rates of critical vulnerabilities.
  • Easily Exploitable Vulnerabilities Most Common on Alternative Clouds: Over 13 percent of assets hosted on other clouds and 10 percent on other hosting providers had easily exploitable vulnerabilities, compared to 5 percent hosted on Google Cloud and just 2 percent on AWS and Azure.
  • Combined Risk Factors: Assets with both critical and easily exploitable issues were found across all providers, with AWS showing the lowest rate (0.02 percent) while alternative cloud and hosting providers showed rates ten times higher.
  • The research emphasizes the importance of comprehensive security testing beyond development environments. "Security teams must focus on testing applications after they're deployed, not just during development," added Zaballos. "Dynamic application security testing is crucial as it actively tests live assets, uncovering application vulnerabilities and misconfigurations that static tools miss."

The research comes as CyCognito announced a new partnership with Wiz to enhance protection of cloud environments. CyCognito enriches Cloud-Native Application Protection Platform (CNAPP) coverage by identifying externally exposed cloud assets and identifying vulnerabilities and misconfigurations using more than 80,000 active and passive tests. By taking an outside-in attacker’s perspective, CyCognito fills visibility gaps across sanctioned and unsanctioned cloud assets and enables security teams to focus on the most

critical vulnerabilities.

For more information on the research, please see the blog post.

Featured

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

  • AI Is Now the Leading Cybersecurity Concern for Security, IT Leaders

    Arctic Wolf recently published findings from its State of Cybersecurity: 2025 Trends Report, offering insights from a global survey of more than 1,200 senior IT and cybersecurity decision-makers across 15 countries. Conducted by Sapio Research, the report captures the realities, risks, and readiness strategies shaping the modern security landscape. Read Now

  • Analysis of AI Tools Shows 85 Percent Have Been Breached

    AI tools are becoming essential to modern work, but their fast, unmonitored adoption is creating a new kind of security risk. Recent surveys reveal a clear trend – employees are rapidly adopting consumer-facing AI tools without employer approval, IT oversight, or any clear security policies. According to Cybernews Business Digital Index, nearly 90% of analyzed AI tools have been exposed to data breaches, putting businesses at severe risk. Read Now

  • Software Vulnerabilities Surged 61 Percent in 2024, According to New Report

    Action1, a provider of autonomous endpoint management (AEM) solutions, today released its 2025 Software Vulnerability Ratings Report, revealing a 61% year-over-year surge in discovered software vulnerabilities and a 96% spike in exploited vulnerabilities throughout 2024, amid an increasingly aggressive threat landscape. Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.