Skip to main content
MySeq

30-Month Update with CISA KEV

·188 words·1 min
Posts cisa kev vulnmgmt
zd
Author
zd
cli-geek, strategist
Table of Contents
CISA_KEV - This article is part of a series.
Part 1: CISA KEV Distribution
Part 2: State of KEV After 25 months
Part 3: State of KEV After 26 months
Part 4: State of KEV After 28 months
Part 5: This Article

CISA KEV has been released 30 months. Today, there are total of 1103 (+20) CVE been added to CISA KEV catalog.

CISA Catalog of Known Exploited Vulnerabilities [ 2024.04.30/1103 ]

Updates
#

As of today, there are total of 1099 CVE have overdue, and another 4 will due in May 2024.

Highlights (within CISA KEV catalog):

  • The top-5 vendors with highest number of vulnerabilities remain the same (total 174 vendors).
  • The top-5 vendors hold 551 (around 50%) of all the 1103 CVE.
  • The top-5 vulnerable products remain the same (total 453 products).
  • There are 253 (or ~27%) CVE found at the top-5 vulnerable products.
  • The mean value increases to 91.91 (was 90.25).
  • The top-5 months where distribution of KEV is higher than mean remain the same (Mar, Apr, May Jun, Nov).

Current State
#

MicrosoftAppleCiscoAdobeGoogleothers
28475716754552
WindowsMultiple Products (Apple)Internet ExplorerFlash PlayerChromium V8others
11238312928865

mean_val=91.91666666666667

JanFebMarAprMayJunJulAugSepOctNovDec
28321321642401465846474512540
CISA_KEV - This article is part of a series.
Part 1: CISA KEV Distribution
Part 2: State of KEV After 25 months
Part 3: State of KEV After 26 months
Part 4: State of KEV After 28 months
Part 5: This Article

Related

State of KEV After 28 months
·187 words·1 min
Posts cisa kev vulnmgmt
Analysis of CISA KEV catalog.
State of KEV After 26 months
·184 words·1 min
Posts cisa kev vulnmgmt
Summarize CISA KEV cataglog by end of 2023.
State of KEV After 25 months
·142 words·1 min
Posts cisa kev vulnmgmt
See what happen to CISA KEV cataglog by end of Nov 2023.