Vulnerability

A vulnerability can be defined as a flaw or weakness in a system that an attacker can use to attack the system or network. A vulnerability can be caused by a malicious attack, or it can be triggered accidentally by a failure in policy implementation. Vulnerabilities can also arise from the installation of a new software update, the installation of unlicensed third-party tools, and so on.

There are two different terms to remember: bug and vulnerability. The two terms are similar in that both describe a weakness in the programming. A bug may not be risky for the product, and attackers may not use it to attack, but a vulnerability can create a way for attackers to gain access to the system or network. Thus, a vulnerability should be addressed and patched as soon as possible.

The following are some examples of vulnerability exploits:

  • An attacker installs malware to export sensitive data using a buffer overflow weakness. Using that malware, the attacker convinces the user to open an email message.
  • An employee of an organization copies an encrypted, hardened program to a USB drive and tries to crack it at home.

Typically, network vulnerabilities are classified into three primary types:

  • Technology weaknesses
  • Configuration weaknesses
  • Security policy weaknesses