Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Atta

https://www.infosecurity-magazine.com/news/epss-exposed-to-adversarial-attack/

Publish Date: 2026-01-08 23:30:13

Source Domain: www.infosecurity-magazine.com

Summary:
Morphisec, an endpoint security provider, has demonstrated that the Exploit Prediction Scoring System (EPSS) can be nudged by adversarial input, in a proof-of-concept carried out by Threat Researcher Ido Ikar. EPSS, developed by FIRST, draws on 1,477 features to predict the likelihood that a vulnerability will be exploited. Ikar showed that small changes to externally observable indicators, such as social media mentions and the public availability of exploit code, can shift EPSS predictions artificially. In his scenario, generating random tweets that discussed a vulnerability and publishing a fake GitHub repository for it raised the predicted probability of exploitation for an old IBM WebSphere MQ vulnerability from 0.1 to 0.14 and pushed its percentile ranking above the median. The work is a proof-of-concept showing that manipulation is possible rather than evidence of it happening; Ikar nonetheless stressed the need for multi-faceted risk assessment, advising organizations to correlate EPSS output with other metrics and to investigate unexpected score changes before acting on them.

Key Points:

  • EPSS Model’s Vulnerability: Because the EPSS model relies on external signals, it is susceptible to manipulation that could misdirect how organizations prioritize vulnerabilities.
  • Proof-of-Concept Details: Ikar’s method included artificially increasing social media mentions and creating an exploit repository to increase EPSS scores for a low-risk vulnerability.
  • Implications: Highlighted risks suggest that organizations need to complement EPSS use with other assessment methods.
  • Call to Action: Organizations should monitor changes in EPSS scores and investigate potential manipulations using varied data sources.
  • General Model Vulnerability: The study illustrates the broader susceptibility of machine-learning models to adversarial input, which calls for vigilance in how such models are deployed.
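The monitoring that the summary and the call to action recommend can be expressed as a small drift check. The following is an added example written for this page; it is not code from the article, from Morphisec, or from FIRST. It assumes the daily EPSS CSV layout published by FIRST (a `#model_version...` comment line followed by `cve,epss,percentile` rows); the two snapshots, the KEV set and the exposure inventory embedded below are constructed sample data, not real scores. It diffs two daily snapshots, flags CVEs whose score rose sharply in relative terms or whose percentile crossed the median, and routes jumps that are not corroborated by known exploitation to investigation rather than straight to remediation.

```python
"""Flag suspicious day-over-day EPSS movements for follow-up.

Added example for this page (not from the article, Morphisec or FIRST).
Assumes the FIRST daily CSV layout: a '#model_version...' comment line,
then 'cve,epss,percentile' rows. All data below is constructed.
"""
import csv
from io import StringIO

# Constructed sample snapshots: CVE-2019-0001 mimics the article's case
# (a low score rising ~40% relative and crossing the median percentile).
SNAPSHOT_DAY1 = """\
#model_version:v2025.03.14,score_date:2026-01-06T00:00:00+0000
cve,epss,percentile
CVE-2019-0001,0.00100,0.30000
CVE-2019-0002,0.00120,0.32000
CVE-2021-0003,0.50000,0.97000
CVE-2023-0004,0.00050,0.20000
"""

SNAPSHOT_DAY2 = """\
#model_version:v2025.03.14,score_date:2026-01-07T00:00:00+0000
cve,epss,percentile
CVE-2019-0001,0.00140,0.56000
CVE-2019-0002,0.00121,0.32100
CVE-2021-0003,0.52000,0.97200
CVE-2023-0004,0.00048,0.19000
"""

# Constructed stand-ins for corroborating sources: CISA KEV membership and
# an internal inventory of internet-exposed instances.
KEV = {"CVE-2021-0003"}
INTERNET_EXPOSED = {"CVE-2019-0001", "CVE-2021-0003"}


def parse_epss(text):
    """Parse a FIRST-style EPSS CSV into {cve: (epss, percentile)}.

    Lines starting with '#' carry model/date metadata and are skipped.
    """
    body = [ln for ln in text.splitlines() if ln and not ln.startswith("#")]
    reader = csv.DictReader(StringIO("\n".join(body)))
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in reader}


def score_moves(before, after, min_rel_jump=0.25, median=0.5):
    """Return CVEs whose EPSS rose by at least min_rel_jump (relative) or
    whose percentile crossed the median between two snapshots.

    Relative change is used deliberately: the manipulated score in the
    article stayed tiny in absolute terms, yet a 40% relative rise plus a
    median crossing is enough to reorder a prioritisation queue.
    """
    findings = []
    for cve, (new_epss, new_pct) in after.items():
        if cve not in before:
            continue  # newly published CVEs need first-sight triage, not drift analysis
        old_epss, old_pct = before[cve]
        rel = (new_epss - old_epss) / old_epss if old_epss > 0 else float("inf")
        crossed = old_pct < median <= new_pct
        if rel >= min_rel_jump or crossed:
            findings.append({
                "cve": cve,
                "old_epss": old_epss,
                "new_epss": new_epss,
                "rel_change": rel,
                "crossed_median": crossed,
            })
    return findings


def triage(findings, kev, exposed):
    """Attach a disposition to each finding.

    A jump backed by known exploitation (KEV) is acted on. A jump with no
    such corroboration is queued for investigation, because social media
    chatter and a freshly published "PoC" repository are exactly the
    signals the proof-of-concept showed can be manufactured.
    """
    out = []
    for f in findings:
        in_kev = f["cve"] in kev
        is_exposed = f["cve"] in exposed
        if in_kev:
            action = "remediate"
        elif is_exposed:
            action = "investigate"  # exposed, but the movement is uncorroborated
        else:
            action = "watch"
        out.append({**f, "in_kev": in_kev, "exposed": is_exposed, "action": action})
    return out


if __name__ == "__main__":
    before = parse_epss(SNAPSHOT_DAY1)
    after = parse_epss(SNAPSHOT_DAY2)
    for item in triage(score_moves(before, after), KEV, INTERNET_EXPOSED):
        print(f"{item['cve']}: {item['old_epss']:.4f} -> {item['new_epss']:.4f} "
              f"({item['rel_change']:+.0%}, median crossed={item['crossed_median']}) "
              f"=> {item['action']}")
```

On the constructed data only CVE-2019-0001 is flagged: CVE-2021-0003 moves too little and was already above the median, and the other two barely change. Because the flagged CVE is in the exposure inventory but not in KEV, it lands in the "investigate" bucket, which is where an analyst would check whether the new "PoC" repository actually contains working exploit code and whether the social media activity looks organic. In production the two snapshots would come from consecutive daily downloads from FIRST and the KEV and exposure sets from their real sources.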