Skip to main content
MySeq

State of KEV After 25 months

·142 words·1 min
Posts cisa kev vulnmgmt
Table of Contents
CISA_KEV - This article is part of a series.
Part 1: CISA KEV Distribution
Part 2: This Article
Part 3: State of KEV After 26 months
Part 4: State of KEV After 28 months
Part 5: 30-Month Update with CISA KEV
Part 6: 32-Month Update with CISA KEV
Part 7: 34-Month Update with CISA KEV
Part 8: 3rd Anniversary with CISA KEV

There are total of 18 CVE been added to CISA KEV catalog in November 2023.

CISA Catalog of Known Exploited Vulnerabilities [ 2023.12.01/1043 ]

Updates
#

As of today, 8 CVE have overdue (within Nov), and another 10 will due in Dec 2023.

Highlights:

  • The top-5 vendors with highest number of vulnerabilities remain the same.
  • The top-5 vulnerable products remain the same.
  • The mean value increases to 86.916 (was 85.4167)
  • The top-5 months where distribution of KEV is higher than mean remain the same.

Current State
#

MicrosoftAppleCiscoAdobeGoogleothers
27568676551517
WindowsMultiple Products (Apple)Internet ExplorerFlash PlayerChromium V8 Engineothers
10831312925819

mean_val=86.91666666666667

JanFebMarAprMayJunJulAugSepOctNovDec
14201201572331465846484512531
CISA_KEV - This article is part of a series.
Part 1: CISA KEV Distribution
Part 2: This Article
Part 3: State of KEV After 26 months
Part 4: State of KEV After 28 months
Part 5: 30-Month Update with CISA KEV
Part 6: 32-Month Update with CISA KEV
Part 7: 34-Month Update with CISA KEV
Part 8: 3rd Anniversary with CISA KEV

Related

CISA KEV Distribution
·451 words·3 mins
Posts chart cisa kev graph shortcodes vulnmgmt
How can we identify the trends and patterns in CISA KEV?
Quick Review on CVSS 4.0
·439 words·3 mins
Posts cvss vulnmgmt
New CVSS 4.0 vulnerability severity rating standard released.
Vulnerability Data Analytics
·1396 words·7 mins
Posts data analytics metrics kpi report vulnmgmt
Ineffective metrics and KPIs may lead to false sense of security in Vulnerability Management reporting.