Your weekly vulnerability review identifies three open findings: CVE-2024-5678 (CVSS 7.5) on the internet-facing e-commerce web server, recently added to CISA's Known Exploited Vulnerabilities (KEV) catalog; CVE-2025-1234 (CVSS 9.8) on an internal HR database in a segmented subnet; and CVE-2023-9999 (CVSS 8.2) on several Windows 10 endpoints with no exploit in the wild. Based on risk-based prioritization, which finding should you remediate first?
Remediate CVE-2023-9999 on the Windows 10 endpoints first.
Remediate CVE-2024-5678 on the public e-commerce web server first.
Remediate CVE-2025-1234 on the internal HR database server first.
Defer all three findings until the next quarterly maintenance window.
When choosing what to patch first, risk-based prioritization weighs exploitability and exposure alongside the raw CVSS score. Although CVE-2025-1234 carries the highest base score, the HR database sits inside a segmented subnet, which limits its reachability. CVE-2023-9999 has no known exploit activity in the wild. CVE-2024-5678, by contrast, is both internet-facing and confirmed to be actively exploited, as its listing in CISA's KEV catalog indicates. Because attackers are already scanning for it and the server is publicly reachable, remediating CVE-2024-5678 first most effectively reduces immediate organizational risk.