The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Agent.
Sources:
FIPS 200 under THREAT SOURCE
NIST SP 1800-21B under Threat Sources
NIST SP 800-128 under Threat Source from FIPS 200
NIST SP 800-128 from FIPS 200
NIST SP 800-137 under Threat Source from FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Sources:
CNSSI 4009-2015 from FIPS 200
NIST SP 800-30 Rev. 1 under Threat Source from CNSSI 4009
NIST SP 800-39 under Threat Source from CNSSI 4009
NIST SP 800-82r3 from FIPS 200
NISTIR 7622 under Threat Source from CNSSI 4009

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Sources:
NIST SP 800-160 Vol. 2 Rev. 1 from CNSSI 4009-2015

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. See threat agent.
Sources:
NIST SP 800-37 Rev. 2 from FIPS 200
NIST SP 800-53 Rev. 5 from FIPS 200
NIST SP 800-53A Rev. 5 from FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Sources:
NIST SP 800-161r1 from NIST SP 800-53 Rev. 5

  A malicious person with harmful intent or an unintended or unavoidable situation (such as a natural disaster, technical failure, or human error) that may trigger a vulnerability.
Sources:
NISTIR 8286 under Threat Source