Decoding CISA KEV - Severity Scores & Weakness Analysis

Through Decoding CISA KEV reports, CSW experts take a step back to provide a holistic view of the KEV Catalog and its vulnerabilities to understand what types of vulnerabilities are being added to this list and to bring forward the threat context associated with each vulnerability.

In this edition, we analyzed the severity scores of KEVs and used our proprietary risk score (Vulnerability Risk Score) to understand the true risk posed by each vulnerability. We also analyzed the Common Weakness Enumeration (CWE) of the vulnerabilities listed in the KEV catalog to understand what type of weakness category is contributing the most and why.