U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Likely Exploited Vulnerabilities, A Proposed Metric for Vulnerability Exploitation Probability

Published

Author(s)

Peter Mell, Jonathan M Spring

Abstract

This work presents a proposed security metric to determine the likelihood that a vulnerability has been observed to be exploited. Only a small fraction of the tens of thousands of software and hardware vulnerabilities that are published every year will be exploited. Predicting which ones is important for the efficiency and cost effectiveness of enterprise vulnerability remediation efforts. Currently, such remediation efforts rely on the Exploit Prediction Scoring System (EPSS), which has known inaccurate values, and Known Exploited Vulnerability (KEV) lists, which may not be comprehensive. The proposed likelihood metric may augment EPSS remediation (correcting some inaccuracies) and KEV lists (enabling measurements of comprehensiveness). However, collaboration with industry is necessary to provide necessary performance measurements.
Citation
NIST Cybersecurity White Papers (CSWP) - 41
Report Number
41
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.CSWP.41
Local Download

Keywords

Common Vulnerabilities and Exposures, CVE, Known Exploited Vulnerabilities, KEV, Exploit Prediction Scoring System, EPSS, Exploit, Likely Exploited Vulnerabilities, LEV, Metrology, Prediction, Scoring, Security, Vulnerability
Information technology and Cybersecurity

Citation

Mell, P. and Spring, J. (2025), Likely Exploited Vulnerabilities, A Proposed Metric for Vulnerability Exploitation Probability, NIST Cybersecurity White Papers (CSWP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.CSWP.41, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=959845 (Accessed May 20, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created May 19, 2025