Vulnerabilities
Known Exploited Vulnerability (KEV)
Also known as: CISA KEV, KEV Catalog entry
Definition
A CVE that the U.S. CISA confirms is being actively exploited and adds to its public KEV Catalog, triggering remediation deadlines for U.S. federal agencies.
Examples
- CVE-2021-44228 (Log4Shell) added to KEV shortly after disclosure.
- CVE-2017-0144 (EternalBlue) — listed for years due to ongoing ransomware abuse.
Related terms
Vulnerability
A weakness in a system, application, or process that an attacker can exploit to violate confidentiality, integrity, or availability.
CVE (Common Vulnerabilities and Exposures)
A public catalogue that assigns a unique identifier to each disclosed software or hardware vulnerability so they can be referenced unambiguously across the industry.
CVSS (Common Vulnerability Scoring System)
An open framework, maintained by FIRST, that produces a 0–10 severity score for a vulnerability based on its exploitation characteristics and impact.
EPSS (Exploit Prediction Scoring System)
A data-driven model, maintained by FIRST, that estimates the probability a given CVE will be exploited in the wild within the next 30 days.
Zero-Day Exploit
Working exploit code for a vulnerability that the vendor does not yet know about, or for which no patch is available — extremely valuable to attackers.
Patch Management
The end-to-end process of identifying, testing, deploying, and verifying software updates that fix vulnerabilities or bugs.