CVE Intelligence
CVE Intelligence surfaces prioritized vulnerabilities affecting your organization's discovered assets, enriched with real-world exploitation context — including ransomware group exploitation, in-the-wild activity, CVSS scores, and EPSS probability scores.
Accessing CVE Intelligence
From the left navigation menu in the console, click CVE Intelligence.
Features
Exploited Vulnerabilities
CVE Intelligence focuses on vulnerabilities that are not just known, but actively relevant:
- CVEs detected on assets in your ShadowSpot attack surface
- CVEs flagged as exploited in the wild by threat actors
- CVEs known to be exploited by ransomware groups
- CVEs with high EPSS scores (high probability of exploitation)
CVE Prioritization
Not all CVEs are equal. CyberXTron prioritizes CVEs using multiple signals:
| Signal | Description |
|---|---|
| CVSS Score | Base severity score (0–10) |
| EPSS Score | Probability that the CVE will be exploited within 30 days |
| Ransomware exploitation | Whether known ransomware groups have used this CVE |
| In-the-wild exploitation | Whether active exploitation has been observed |
| Asset exposure | Whether the vulnerable software is running on an internet-facing asset |
This multi-signal prioritization lets your team focus remediation effort where it actually matters.
Contextual Risk Scoring
For each CVE, CyberXTron generates a contextual risk score that combines the raw CVSS/EPSS signals with your specific exposure context — giving you a prioritized, organization-specific risk rating rather than a generic severity number.
CVE Detail View
Clicking any CVE opens a detail view showing:
- CVE description — What the vulnerability is
- Affected software and versions
- CVSS vector and score
- EPSS score and percentile
- Ransomware groups known to exploit this CVE
- In-the-wild exploitation evidence
- Affected assets in your environment (from ShadowSpot)
- Recommended remediation — Patch, upgrade, or compensating control
Filtering and Search
| Filter | Description |
|---|---|
| Severity (CVSS) | Critical (9.0–10), High (7.0–8.9), Medium (4.0–6.9) |
| EPSS threshold | Filter to CVEs with EPSS above a set probability |
| Ransomware exploitation | Show only ransomware-exploited CVEs |
| In the wild | Show only actively exploited CVEs |
| Asset | Filter to CVEs on a specific domain or IP |
Integration with ShadowSpot
CVE Intelligence is directly connected to ShadowSpot. Every CVE displayed here corresponds to a ShadowSpot finding on one of your monitored assets. Clicking through from a CVE takes you to the relevant ShadowSpot finding with full asset and remediation context.