The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Agent.
Sources:
FIPS 200 under THREAT SOURCE
NIST SP 800-128 under threat source from FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Sources:
CNSSI 4009-2015 under threat source from FIPS 200
NIST SP 800-82r3 under threat source from FIPS 200

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Sources:
NIST SP 800-160 Vol. 2 Rev. 1 under threat source from CNSSI 4009-2015

  Either: (i) intent and method targeted at the intentional exploitation of a vulnerability; or (ii) a situation and method that may accidentally trigger a vulnerability.
Sources:
NIST SP 800-18 Rev. 1

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. See threat agent.
Sources:
NIST SP 800-37 Rev. 2 under threat source from FIPS 200
NIST SP 800-53 Rev. 5 under threat source from FIPS 200
NIST SP 800-53A Rev. 5 under threat source from FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Sources:
NIST SP 800-161r1-upd1 [11/1/2024 errata update] under threat source from NIST SP 800-53 Rev. 5