US Patent 10979446 Automated vulnerability chaining

Disclosed are various embodiments for automated vulnerability chaining. A vulnerability chaining engine receives data indicating that a plurality of vulnerabilities are present in at least one host. The vulnerabilities are individually assigned a respective default risk score. The vulnerability chaining engine determines that an exploitation of a combination of the vulnerabilities would result in a greater risk score for the host(s) than indicated by the respective default risk scores based at least in part on respective vulnerability types associated with the individual vulnerabilities. A chained risk score that is higher than the respective default risk scores is assigned to the individual vulnerabilities.