44% Of The Zero-Days Exploited In 2024 Were In Enterprise Solutions
HelpNet Security, Tuesday, April 29th, 2025
In 2024, threat actors exploited 75 zero-days - i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch - in a wide variety of attacks.
Of these, 33 vulnerabilities (44%) affected enterprise solutions, which is up from 37% in 2023, according to Google Threat Intelligence Group researchers.
'Zero-day vulnerabilities in security software and appliances were a high-value target in 2024. We identified 20 security and networking vulnerabilities, which was over 60% of all zero-day exploitation of enterprise technologies,' they noted.
'Exploitation of these products, compared to end-user technologies, can more effectively and efficiently lead to extensive system and network compromises, and we anticipate adversaries will continue to increase their focus on these technologies.'