CVE Records of Known Exploited Vulnerabilities

Lim, Jackson; Lau, Yi Lin; Ming Chan, Leshawn Khin; Tristan Paul Goo, Jia Ming; Zhang, Huahua; Zhang, Zhiyuan; Guo, Huaqun

doi:10.1109/icccs57501.2023.10150856

Cited by 4 publications

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To manage vulnerabilities in the cybersecurity scenario, two tools are crucial to classify and track existing vulnerabilities in systems and devices: CVSS (Common Vulnerability Scoring System) [11,12] and CVE (Common Vulnerabilities and Exposures) [13,14]. CVSS is a standardized system that allows to assess the vulnerabilities' severity based on metrics such as impact, exploitation, and attack complexity [15].…”

Section: Ofmentioning

confidence: 99%

S3: Security Score System

Valadares,

Santos,

Perkusich

2023

Preprint

View full text Add to dashboard Cite

Security in the Internet of Things (IoT) is a critical concern due to the growing number of connected devices and the limited resources to implement robust security mechanisms in most of them. Adopting standard assessment frameworks, such as CVSS (Common Vulnerability Score System), allows for systematic vulnerability assessment. At the same time, CVE (Common Vulnerabilities and Exposures) records provide unique identifiers for known security issues, making it easier to share information. However, comparing security solutions is still challenging due to the diverse nature of IoT devices and the ever-evolving threat landscape, requiring continual innovation and collaboration between stakeholders. Furthermore, there still needs to be a simple way to compare technologies and solutions, taking into account the security provided by them. In this sense, in this article, we propose a tool for calculating a security score based on the CVSS index of each existing vulnerability in a given technology. We explain how the tool performs the calculation, discuss some challenges, and propose improvements for future work.

show abstract