Watch A Demo

CISA KEV Ransomware Interactive Visualization

Scott Kuffer
October 18, 2023
Company
CISA KEV Ransomware

Looking at CISA KEV Associated with Ransomware

When we first built the CISA KEV enrichment dashboard at Nucleus, our goal was to gain new insights into the vulnerabilities that had been confirmed by CISA as being exploited. Recently, CISA expanded the Known Exploited Vulnerabilities Catalog with vulnerabilities “known to be used in ransomware campaigns”. We find this data valuable in helping organizations identify which vulnerabilities on the KEV pose greater risk.

To offer a comprehensive understanding of CISA KEV’s new addition of vulnerabilities associated with ransomware, I categorized all known entries by vendor and product and created an interactive data visualization that makes it easy to explore. Data visualization is a powerful tool for quickly interpreting complex information. This interactive chart allows users to gain insights into what technologies are most impacted by KEV entries that are associated with ransomware.

CISA KEV Data Last updated: 10/15/2023
Taking a look at vulnerabilities from CISA KEV from a different perspective, we can see which vendors and products are most commonly associated with ransomware without having to interact. The radial chart is ranked in order starting with vendor and products by prevalence.

We can observe from the chart:
Microsoft accounts for 42% of vulnerabilities associated with Ransomware on CISA KEV.


CISA Ransomware Vulnerabilities

The top ten products by vulnerability count include:

  1. Microsoft Windows(32)
  2. Microsoft Exchange(13)
  3. Microsoft Win32k (7)
  4. Microsoft Internet Explorer (4)
  5. QNAP NAS(4)
  6. QNAP Photo Station (4)
  7. Accellion FTA (4)
  8. Adobe Flash Player (3)
  9. Oracle Jave SRE (3)
  10. Microsoft SMB (3)
  11. VMware VCenter (3)


CISA KEV Ransomware

18.1% have been associated with ransomware demonstrating some of the highest risk vulnerabilities that should be prioritized to remediate as quickly as possible.

Aligned with CISA, we recommend patching all CISA KEV vulnerabilities, and it’s worth noting that any associated with ransomware are likely to poss a higher risk within your environment. Consider patching these vulnerabilities where possible and putting mitigating controls in place if you are unable to do so.


Go to the Nucleus CISA KEV Enrichment Dashboard


Learn How To Use The CISA KEV In Nucleus

Scott Kuffer
Scott is the co-founder and COO of Nucleus Security, a leading provider of risk-based vulnerability management solutions. With a wealth of experience in cybersecurity, SaaS, and business strategy, he has been at the forefront of driving innovation in vulnerability management, helping some of the world’s most complex enterprises tackle their biggest security challenges.

See Nucleus in Action

Discover how unified, risk-based automation can transform your vulnerability management.

Watch Our Demo

© 2025 Nucleus Security. All rights reserved

Webinar | From Disparate Data to Unified Risk Insights: The Role of Asset Correlation in Vulnerability Management | Save Your Seat