Potentially Exploited Risk Vector Ingrid ⇤ Compromised Systems Risk Category The Potentially Exploited risk vector indicates that a device on a company’s network is running a potentially unwanted program (PUP) or potentially unwanted application (PUA). See data collection methods or the criteria for classifying findings as Potentially Exploited. Risks The presence of these applications suggests users within the corporate network are able to install unvetted applications or programs and can allow more harmful malware to compromise the system. Potentially unwanted applications can create risk for organizations, as they may cause users to visit malicious sites, gather information while a computer is in use (including browsing history, search queries, account credentials, etc.), or allow attackers to take control of the compromised machine. Grading Compromised Systems risk vectors are graded in the same manner. They are weighted evenly across the risk category and have a lifetime of 180 days. Remediation Review Potentially Exploited findings and use forensics to track down infections. Prevent the malware software from gaining access to the target computer. Conduct a thorough security review of the machine (malware & antivirus sweep). Review services used on the machine, harden firewall rules. Improve employee computer safety training (phishing, installing unapproved software). August 16, 2023: New Grading & Finding Behavior sections. May 8, 2020: Updated risk vector description. Related articles How is the Potentially Exploited Risk Vector Observed? How is the Compromised Systems Risk Category Calculated? Potentially Exploited Findings Potentially Exploited Finding Considerations File Sharing Risk Vector Feedback 0 comments Please sign in to leave a comment.