Generating reasoning chain...
Enter a CVE ID above to analyze its reasoning chain through CWE → CAPEC → ATT&CK mappings
All weights and rates in this analysis were learned empirically from our full training dataset of 322,763 CVEs with known exploitation outcomes from 7 sources (6 independent + NVD exploit tags: ExploitDB, CISA KEV, VulnCheck KEV, ZeroDay, NVD Exploit Tags, Sightings Exploited, Sightings PoC). The overall exploitation rate in our dataset is 12.51% (40,373 exploited CVEs).
For each CWE (Common Weakness Enumeration), we calculated the historical exploitation rate by counting how many CVEs with that CWE were actually exploited in the wild.
CVEs with CWEs above the 12.51% baseline are considered higher risk.
ATT&CK tactics are weighted based on their attack severity and impact. Tactics that enable initial compromise or code execution are weighted highest.
The component weights (35%, 35%, 30%) were learned through logistic regression on the training data. We trained a model to predict exploitation using three component scores, and the learned coefficients determined the optimal weighting.
Additional risk signals that add up to 15% bonus:
This methodology is based on our research paper: "Hybrid ML Models for CVE Exploitation Prediction". The full analysis includes ensemble models achieving AUC 0.99 for early exploitation prediction.
No specific risk factors identified for this CVE.