The potential consequences or damage that could occur due to a threat exploiting a vulnerability. This could involve loss of integrity, availability or confidentiality of data, financial losses, damage to reputation, legal implications, or other negative effects on an organization or individual. The severity of the impact can help to prioritize response strategies and investment in preventative measures.