US Patent 12013948 Processing device and processing method

A processing device that determines a vulnerability of open software in a system, the processing device comprising: a control unit that outputs priority of the vulnerability based on at least one of first information indicating whether the open software is externally accessible, and second information indicating whether an attack code for the vulnerability of the open software is in circulation, wherein the control unit assigns higher priority to the vulnerability of the open software externally accessible compared to the vulnerability of the open software externally inaccessible, or assigns higher priority to the vulnerability where the attack code is in circulation compared to the vulnerability where the attack code is not in circulation.