Intruder, a leading authority in exposure management, has unveiled its 2025 Exposure Management Index, highlighting the top vulnerabilities confronting small and midsize businesses (SMBs) and how these organizations are responding. The report aims to deliver enterprise-level security insights to SMBs without the need for massive budgets or external consulting services.

Cybersecurity is a structural challenge for small and mid-sized organizations,” said Chris Wallis, CEO of Intruder. “They face the same threat landscape as larger enterprises but often lack the resources and personnel to respond effectively. A successful attack can be devastating, even existential, for SMBs. Our goal is to provide actionable intelligence so that robust cybersecurity isn’t just reserved for those with deep pockets.”

AI Amplifies Risk from Older Vulnerabilities

A key takeaway from the 2025 Index is that SMBs continue to face serious threats from vulnerabilities that have been known for years, now intensified by AI. While the zero-day ToolShell vulnerability has drawn attention, many older CVEs—some disclosed one to three years ago—remain unpatched in SMB environments. AI-assisted coding tools make it simpler for attackers to create new exploits for these older vulnerabilities, accelerating attacks and lowering the cost and complexity of targeting SMBs.

Cyber Technology Insights : Soitec and Cea Partner to Develop Automotive Cybersecurity With Advanced FD-SOI Technology

Key Findings from the 2025 Index

  • Faster remediation of critical issues: High-profile incidents this year have pushed organizations to act more quickly. Nearly 89% of critical vulnerabilities were addressed within 30 days, representing a 14% improvement over 2024.
  • Size influences response time: Larger SMBs (51–2,000 employees) take an average of 17 days to remediate critical vulnerabilities due to complex approval and testing processes, while smaller teams resolve issues more swiftly, averaging 14 days.
  • Sector differences: Software companies lead in remediation speed, fixing critical issues in roughly 13 days due to modern infrastructures and compliance pressures. Financial services follow, averaging 22 days, benefiting from stricter regulation and relatively larger security budgets.

SMBs Face Expanding Exposure

Several factors are contributing to increased cyber risk for SMBs in 2025:

  • AI-generated code risks: Rapid adoption of AI in software development can introduce vulnerabilities if code isn’t thoroughly reviewed.
  • Cloud expansion: While cloud adoption provides agility, it also increases the attack surface.
  • Shadow IT: Unmonitored tools and applications continue to expose sensitive data.
  • Supply chain vulnerabilities: SMBs serving as vendors to larger organizations remain attractive targets, as demonstrated by disruptions at Heathrow Airport and Jaguar Land Rover’s production lines earlier this year.

Cyber Technology Insights : XLC Strengthens DDoS Protection Across Asia Pacific with Corero Network Security

In 2024, Intruder’s customers experienced an average of 474 critical and high vulnerabilities. For 2025, the forecast anticipates roughly 198 critical vulnerabilities, but high-severity issues are expected to rise from 281 to 334. With resources stretched, prioritizing the most dangerous vulnerabilities remains a challenge for many SMB IT teams.

Top Five Vulnerabilities in 2025

Intruder identified the most pressing vulnerabilities affecting SMBs based on prevalence, exploit likelihood, and potential real-world impact:

  1. Apache Tomcat RCE (CVE-2025-24813): A widely deployed application vulnerability, making it the most common critical CVE observed across SMBs.
  2. ToolShell (CVE-2025-53770): Easily exploitable and fast-tracked by attackers due to delays between disclosure and patch release.
  3. Palo Alto Auth Bypass (CVE-2025-0108): Demonstrates the persistent risk of authentication failures on management interfaces, which can grant attackers immediate access.
  4. Apache mod_rewrite RCE (CVE-2024-38475): Despite being disclosed last year, it remains highly relevant due to widespread web server deployment and quick adoption by attackers.
  5. Fortinet Perimeter Vulnerabilities (CVE-2024-55591 & CVE-2025-32756): Internet-facing edge appliances remain prime targets. Organizations often rely on fast patching and compensating controls rather than vendor changes.

The 2025 Exposure Management Index underscores the evolving threat landscape for SMBs, showing how AI and existing vulnerabilities are reshaping the risk environment. Effective, timely remediation and vigilance remain critical for organizations navigating this increasingly complex cybersecurity landscape.

Cyber Technology Insights : HCLTech and Zscaler Strengthen Alliance to Deliver AI-Driven Security and Network Transformation

To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com