Vulnerability


A vulnerability (in computer security) is any weakness in a computer system, network, software, or any device that allows one to circumvent security measures and perform actions not intended by its developers or manufacturers. Vulnerabilities range from minor to major, with the most significant allowing for privilege escalation (unauthorized administrator or root privileges) or code execution (the running of unsigned 3rd party software).

New vulnerabilities can often be discovered by the process of "fuzzing", or purposely trying to break something by attempting to give it unreasonable input values. Once some kind of crash occurs and can be analyzed, one can discover the existence of a vulnerability that may have not been previously documented. Previously unknown vulnerabilities, known as "Zero-Day" vulnerabilities are highly sought after by hackers and developers and manufacturers alike. By using an exploit based on zero-day vulnerability, a hacker can guarantee that his or her attempt to break into a particular computer or device that possesses such vulnerability will succeed. Zero-day exploits are traded on both the black market and through legitimate middlemen between parties for anywhere from $5,000 to $250,000 depending on the effects of the exploit and which system they target. Where a PDF exploit might only fetch a few thousand dollars, a severe exploit targeting the latest version of Apple’s mobile operating system, iOS, might fetch $100,000 or more.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia