News brief: RCE flaws persist as top cybersecurity threat

Remote code execution flaws are among the most prevalent and critical vulnerabilities in software today. Some of the most high-profile cybersecurity events in history -- including the 2021 Log4Shell Log4j library vulnerability, the Apache Struts vulnerability that led to the 2017 Equifax breach and the 2014 Shellshock Bash vulnerability -- were attributed to RCE flaws.

RCE exploits aren't new -- in fact, they have existed for decades. The result of coding errors, configuration issues or insecure input handling, these popular targets enable attackers to execute malicious code on a target system. As of Dec. 4, more than 20% of the entries in CISA's Known Exploited Vulnerabilities catalog are related to RCEs.

This week's featured news looks at a few of the latest RCEs and their impact.