Recent Breaches
Breaches
View All →
Back to Threat Counter
60%

of breaches exploit unpatched vulnerabilities

Unpatched Vulnerabilities
The Open Door

Every connected system has vulnerabilities. It is not a question of if they will be discovered, but when, and whether you will patch before attackers exploit.

97 days

Average time to patch critical vulnerabilities

10%

Organisations that patch within 24 hours

60%

Breaches involving unpatched vulnerabilities

28,000+

CVEs published in 2024

Vulnerability Types

Every system has weaknesses

Zero-Day Exploits

Time to exploit: < 24 hours

Unknown vulnerabilities discovered and exploited before vendors can issue patches. Organisations are defenceless until a fix is released.

Example: MOVEit (2023) - Zero-day in file transfer software exposed 77M+ people

Known Vulnerabilities

Time to exploit: 15 days average

Patches exist but are not applied. The average time to exploit a known vulnerability is just 15 days, faster than most patch cycles.

Example: Log4Shell - Critical vulnerability, many systems still unpatched a year later

Misconfigurations

Time to exploit: Immediate

Open ports, default credentials, exposed admin panels. These are not bugs. They are setup mistakes that create easy entry points.

Example: Microsoft Power Apps - 38M records exposed via misconfigured portals

Legacy Systems

Time to exploit: Permanent risk

End-of-life software receiving no security updates. Many critical systems run on Windows 7, XP, or even older platforms.

Example: WannaCry - Exploited Windows XP systems still running in NHS hospitals

Recent Exploits

Vulnerabilities actively being exploited

MOVEit Transfer

CVE-2023-34362

77 million individuals affected

Victims

2,600+ organisations

Citrix NetScaler

CVE-2023-4966

Session hijacking and data theft

Victims

Major corporations

FortiOS SSL VPN

CVE-2022-42475

Remote code execution

Victims

Government agencies

You can't patch fast enough.
Disconnect instead.

With 28,000+ new vulnerabilities discovered annually, patching is an endless race. Offline storage eliminates the attack surface entirely. There is nothing to exploit.

Mark Fermor
David Bailey
Kenny Phipps
Online Now
Concierge

Which offline secure storage solution is right for you?

Answer a few quick questions and we will recommend the right solution, whether that is a personal vault or a scalable offline storage system built for your needs.

Takes about 2 minutes. No account needed.

Free2 minsNo sign-up

    Your privacy matters

    We use cookies to keep the site running smoothly and to understand how you use it. You are in control. Privacy Charter · Cookie Policy

    Firevault

    Firevault is Offline Secure Storage. Hardware you own, physically disconnected by default, with KYC-verified access. Ransomware-proof by design, not by patch.

    © 2026 Firevault Limited. Disconnect to Protect®