Cybersecurity
Vulnerability
Definition
In computer security, a vulnerability is a weakness that a threat actor, such as an attacker, can exploit to perform unauthorized actions within a computer system.
Why It Matters
Vulnerabilities are the "holes" that attackers look for to break into a system. Managing and patching vulnerabilities is a fundamental part of cybersecurity.
Contextual Example
A piece of software might have a "buffer overflow" vulnerability, where providing a very long input can crash the program or even allow an attacker to execute arbitrary code. The vendor would then release a patch to fix this vulnerability.
Common Misunderstandings
- The terms "vulnerability", "exploit", and "threat" are not interchangeable. A vulnerability is a weakness. An "exploit" is a piece of code that takes advantage of a vulnerability. A "threat" is the potential for an exploit to occur.
- Vulnerabilities are tracked in public databases using CVE (Common Vulnerabilities and Exposures) identifiers.