Skip to main content

State of KEV After 25 months

·142 words·1 min
Posts cisa kev vulnmgmt
Table of Contents
CISA_KEV - This article is part of a series.
Part 2: This Article

There are total of 18 CVE been added to CISA KEV catalog in November 2023.

CISA Catalog of Known Exploited Vulnerabilities [ 2023.12.01/1043 ]

Updates
#

As of today, 8 CVE have overdue (within Nov), and another 10 will due in Dec 2023.

Highlights:

  • The top-5 vendors with highest number of vulnerabilities remain the same.
  • The top-5 vulnerable products remain the same.
  • The mean value increases to 86.916 (was 85.4167)
  • The top-5 months where distribution of KEV is higher than mean remain the same.

Current State
#

MicrosoftAppleCiscoAdobeGoogleothers
27568676551517

WindowsMultiple Products (Apple)Internet ExplorerFlash PlayerChromium V8 Engineothers
10831312925819

mean_val=86.91666666666667

JanFebMarAprMayJunJulAugSepOctNovDec
14201201572331465846484512531
CISA_KEV - This article is part of a series.
Part 2: This Article

Related

CISA KEV Distribution
·451 words·3 mins
Posts chart cisa kev graph shortcodes vulnmgmt
How can we identify the trends and patterns in CISA KEV?
Quick Review on CVSS 4.0
·439 words·3 mins
Posts cvss vulnmgmt
New CVSS 4.0 vulnerability severity rating standard released.
Vulnerability Data Analytics
·1396 words·7 mins
Posts data analytics metrics kpi report vulnmgmt
Ineffective metrics and KPIs may lead to false sense of security in Vulnerability Management reporting.