Argus2026.01
Technical Findings Report
Every weakness,
one verdict.
Operator-ready detail for the most recent scan — ranked by Argus Feasibility Score, enriched with NVD / KEV / EPSS, with a recommended action for each.
Overview
Finding distribution
Immediate
6
Accelerated
19
KEV matches
14
Coverage gaps
23
Prioritized
Top findings by AFS
| Host | CVE | CVSS | EPSS | KEV | AFS | State | Verdict | Recommended action |
|---|---|---|---|---|---|---|---|---|
| 203.0.113.40 | CVE-2024-3400 | 10.0 | 0.944 | KEV | 96.2 | Under Recon | Emergency | Patch PAN-OS; rotate creds |
| 10.20.4.7 | CVE-2023-46604 | 9.8 | 0.871 | KEV | 91.5 | Chainable | Contain Now | Isolate; upgrade ActiveMQ |
| 10.10.2.15 | CVE-2024-21887 | 9.1 | 0.612 | KEV | 84.0 | Exposed | Remediate (Urgent) | Apply Ivanti fix |
| 10.30.9.2 | CVE-2024-1709 | 10.0 | 0.503 | 79.3 | Chainable | Remediate | Upgrade ScreenConnect | |
| 10.10.2.40 | CVE-2023-34362 | 9.8 | 0.221 | 66.1 | Exposed | Remediate | Patch MOVEit | |
| 10.20.1.3 | CVE-2021-44228 | 10.0 | 0.975 | KEV | 74.0 | Chainable | Remediate (Urgent) | Patch Log4j |
AFS = Argus Feasibility Score (0–100): a deterministic composite of exploit feasibility, chainability, and live telemetry — not a CVSS sort.
Blind spots
Coverage gaps
| Host | Hostname | Coverage | Gap reasons | AFS |
|---|---|---|---|---|
| 10.30.9.2 | db-finance-01 | None | No EDR, no log forwarding — crown-jewel asset | 79.3 |
| 10.20.4.7 | stg-app-07 | None | No endpoint telemetry detected | 84.0 |
| 10.10.2.40 | file-srv-09 | Low | Syslog only; no EDR coverage | 41.0 |