Understanding Vulnerabilities
When we talk about vulnerabilities in cybersecurity, we are basically talking about weak points.
Any weakness in software, hardware, a network, or even in how people behave can become a vulnerability.
If an attacker finds that weak point and knows how to abuse it, the system can be compromised.
What Exactly Is a Vulnerability?
A vulnerability is a flaw or weakness that can be exploited.
Think of it like this:
- A house with a broken lock → vulnerability
- A thief nearby → threat
- The act of breaking in → exploit
If the lock weren’t broken, the thief couldn’t get in. The same logic applies in cybersecurity.
Why Do Vulnerabilities Exist?
Vulnerabilities exist because systems are built by humans, and humans make mistakes.
Common reasons include:
- Bugs in code
- Poor software design
- Wrong configuration settings
- Using old or unpatched software
- Weak passwords
- Rushing products to market
- Lack of security awareness
No system is 100% secure. Security is about reducing weaknesses, not eliminating them completely.
Types of Vulnerabilities (With Real Meaning)
1. Software Vulnerabilities
These come from coding errors.
Examples:
- Buffer overflows
- SQL injection
- Cross-site scripting (XSS)
- Remote code execution
These are usually found in applications, operating systems, or libraries.
2. Network Vulnerabilities
These exist in the way networks are designed or configured.
Examples:
- Open ports that shouldn’t be open
- No firewall or weak firewall rules
- Using insecure protocols like FTP or Telnet
- No encryption on network traffic
3. Configuration Vulnerabilities
These are very common and often overlooked.
Examples:
- Default usernames and passwords
- Cloud storage set to public
- Excessive permissions given to users
- Unnecessary services running
Many real-world breaches happen because of bad configuration, not hacking skills.
4. Authentication Vulnerabilities
These relate to how users prove who they are.
Examples:
- Weak passwords
- Password reuse
- No multi-factor authentication
- Hardcoded credentials
5. Authorization Vulnerabilities
Here, the problem is what users are allowed to do.
Examples:
- Normal users accessing admin pages
- Privilege escalation
- Broken access control
6. Cryptographic Vulnerabilities
These occur when encryption is weak or used incorrectly.
Examples:
- Using broken algorithms like MD5 or SHA-1
- Hardcoded encryption keys
- Poor key management
- Weak SSL/TLS settings
7. Human Vulnerabilities
Humans are often the weakest link.
Examples:
- Phishing emails
- Social engineering
- Clicking malicious links
- Insider threats
Attackers don’t always hack systems — sometimes they just trick people.
8. Physical Vulnerabilities
These relate to physical access.
Examples:
- Unlocked server rooms
- Lost laptops
- USB devices left around intentionally
What Is a Zero-Day Vulnerability?
A zero-day vulnerability is a vulnerability that:
- Is unknown to the software vendor
- Has no patch available
- Is often already being exploited
The name “zero-day” means developers have had zero days to fix it.
These are extremely dangerous because defenders don’t know they exist yet.
A zero-day exploit is when attackers actively use that vulnerability in real attacks.
Other Common Terms You’ll Hear
- N-day vulnerability → Known vulnerability with a patch available
- One-day vulnerability → Exploited shortly after public disclosure
- Chained vulnerabilities → Multiple small issues combined into a serious attack
What Is CVE?
CVE (Common Vulnerabilities and Exposures) is simply a standard naming system for publicly known vulnerabilities.
Instead of everyone using different names, each vulnerability gets one unique ID.
Example:
CVE-2021-44228
The CVE program is managed by MITRE.
How a CVE Is Assigned
- Someone (researcher, hacker, or company) finds a vulnerability
- It is reported to the vendor or a trusted authority
- A CVE Numbering Authority (CNA) requests a CVE ID
- A unique CVE ID is assigned
- Details are published publicly
- Patch and mitigation info is added later
Large vendors and organizations act as CNAs themselves.
What Is NVD?
The National Vulnerability Database (NVD) is a public database that:
- Stores CVE details
- Adds severity scores
- Provides technical impact analysis
CVE tells you what the issue is.
NVD tells you how bad it is.
What Is CVSS?
CVSS (Common Vulnerability Scoring System) is a method used to measure how serious a vulnerability is.
It is maintained by FIRST.
The score ranges from 0 to 10.
CVSS Severity Levels
| Score | Meaning |
|---|---|
| 0.0 | None |
| 0.1 – 3.9 | Low |
| 4.0 – 6.9 | Medium |
| 7.0 – 8.9 | High |
| 9.0 – 10.0 | Critical |
How CVSS Score Is Calculated
CVSS is based on three metric groups:
1. Base Metrics
These describe the vulnerability itself:
- How easy it is to exploit
- Whether authentication is needed
- Whether user interaction is required
- What impact it has on:
  - Confidentiality
  - Integrity
  - Availability
2. Temporal Metrics
These change over time:
- Is exploit code available?
- Is a patch released?
- How reliable is the report?
3. Environmental Metrics
These depend on the organization:
- How important the affected system is
- Whether the system is exposed to the internet
Example CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
This means:
- Exploitable over network
- No privileges needed
- High impact
→ Result: Critical severity
Vulnerability vs Threat vs Risk (Very Important)
- Vulnerability → weakness
- Threat → potential attacker
- Exploit → method of attack
- Risk → chance × damage
A vulnerability alone is not risk unless a threat exists.
How Organizations Handle Vulnerabilities
This is called vulnerability management:
- Identify assets
- Scan for vulnerabilities
- Analyze risk
- Prioritize critical issues
- Patch or mitigate
- Verify fixes
- Repeat regularly
Security is a continuous process, not a one-time task.
Final Takeaway
Vulnerabilities are unavoidable, but unmanaged vulnerabilities are dangerous.
Understanding:
- what vulnerabilities are,
- how they are classified,
- how CVEs and CVSS work,
is the foundation of cybersecurity.
