Skip to main content

State of KEV After 28 months

·187 words·1 min
Posts cisa kev vulnmgmt
Table of Contents
CISA_KEV - This article is part of a series.
Part 4: This Article

CISA KEV has been released 28 months. Today, there are total of 1083 CVE been added to CISA KEV catalog.

CISA Catalog of Known Exploited Vulnerabilities [ 2024.02.29/1083 ]

Updates
#

As of today, there are total of 1078 CVE have overdue, and another 5 will due in March 2024.

Highlights (within CISA KEV catalog):

  • The top-5 vendors with highest number of vulnerabilities remain the same (total 171 vendors).
  • The top-5 vendors hold 543 (around 50%) of all the 1083 CVE.
  • The top-5 vulnerable products remain the same (total 456 products).
  • There are 234 (or 21%) CVE found at the top-5 vulnerable products.
  • The mean value increases to 90.25 (was 87.75).
  • The top-5 months where distribution of KEV is higher than mean remain the same (Mar, Apr, May Jun, Nov).

Current State
#

MicrosoftAppleCiscoAdobeGoogleothers
28073696754540

WindowsMultiple Products (Apple)Internet ExplorerFlash PlayerChromium V8others
11036312928849

mean_val=90.25

JanFebMarAprMayJunJulAugSepOctNovDec
28321261572331465846474512540
CISA_KEV - This article is part of a series.
Part 4: This Article

Related

State of KEV After 26 months
·184 words·1 min
Posts cisa kev vulnmgmt
Summarize CISA KEV cataglog by end of 2023.
State of KEV After 25 months
·142 words·1 min
Posts cisa kev vulnmgmt
See what happen to CISA KEV cataglog by end of Nov 2023.
CISA KEV Distribution
·451 words·3 mins
Posts chart cisa kev graph shortcodes vulnmgmt
How can we identify the trends and patterns in CISA KEV?