Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets
CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks.
Gartner predicts double-digit growth across all cloud segments in 2025, with organizations increasingly adopting multi-cloud strategies. This expansion coincides with rising security concerns, as researchers with Palo Alto Networks found that by the end of 2024, organizations suffered a 388 percent increase in cloud security alerts compared to 2023.
"While cloud computing offers tremendous benefits, we're seeing an alarming increase in serious security issues affecting cloud assets," said Emma Zaballos, Senior Researcher, CyCognito. "Organizations must understand the crucial difference between high-severity vulnerabilities and those that are easily exploitable—both present distinct risks that require targeted security approaches."
For this research, CyCognito analyzed anonymized, aggregated data across nearly five million internet-exposed assets – web applications, servers, domains, and more – that the company monitors, focusing on how vulnerabilities behave "in the wild" rather than just in controlled testing environments.
This research focused on the assets hosted on cloud platforms, rather than the cloud platforms themselves. While assets were aggregated by cloud hosting providers, further research is needed to understand why variance existed between different populations of assets.
Key findings:
- Significant Vulnerability Variations Across Providers: 38 percent of assets hosted by Google Cloud were vulnerable to at least one security issue or misconfiguration, over 2.5x more than assets hosted by AWS (15 percent), while assets hosted by Azure ranked second with 27 percent.
- Critical Vulnerabilities Present Across All Environments: Though uncommon, critical vulnerabilities (CVSS 9.0 or higher) were detected on assets hosted by all cloud providers, with assets hosted by Azure showing a slightly higher percentage (0.07 percent) compared to assets hosted by AWS and Google Cloud (0.04 percent). Assets hosted by other cloud providers showed approximately 10 times higher rates of critical vulnerabilities.
- Easily Exploitable Vulnerabilities Most Common on Alternative Clouds: Over 13 percent of assets hosted on other clouds and 10 percent on other hosting providers had easily exploitable vulnerabilities, compared to 5 percent hosted on Google Cloud and just 2 percent on AWS and Azure.
- Combined Risk Factors: Assets with both critical and easily exploitable issues were found across all providers, with AWS showing the lowest rate (0.02 percent) while alternative cloud and hosting providers showed rates ten times higher.
- The research emphasizes the importance of comprehensive security testing beyond development environments. "Security teams must focus on testing applications after they're deployed, not just during development," added Zaballos. "Dynamic application security testing is crucial as it actively tests live assets, uncovering application vulnerabilities and misconfigurations that static tools miss."
The research comes as CyCognito announced a new partnership with Wiz to enhance protection of cloud environments. CyCognito enriches Cloud-Native Application Protection Platform (CNAPP) coverage by identifying externally exposed cloud assets and identifying vulnerabilities and misconfigurations using more than 80,000 active and passive tests. By taking an outside-in attacker’s perspective, CyCognito fills visibility gaps across sanctioned and unsanctioned cloud assets and enables security teams to focus on the most
critical vulnerabilities.
For more information on the research, please see the blog post.