What is an Exploit?

An exploit is a piece of software, data, or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or to gain unauthorized access to sensitive data.

Once vulnerabilities are identified, they are posted to Common Vulnerabilities and Exposures (CVE). CVE is a free vulnerability dictionary designed to improve global cyber security and resilience by creating a standardized identifier for a given vulnerability or exposure.

How Do Exploits Work?

Exploits take advantage of a security flaw in an operating system, piece of software, computer system, Internet of Things (IoT) device, or other vulnerable component. Once an exploit has been used, it usually becomes known to the developers of the vulnerable system or software, is often fixed through a patch, and then stops working. This is why many cyber criminals and military or government agencies do not disclose their exploits, or the flaws behind them, to CVE but choose to keep them private.

When this happens, the vulnerability is known as a zero-day, and an exploit for it as a zero-day exploit. One famous example of a government agency (the NSA) choosing to keep a software vulnerability private is EternalBlue. EternalBlue exploited legacy versions of the Microsoft Windows operating system that used an outdated version of the Server Message Block (SMB) protocol.

Cybercriminals developed the WannaCry ransomware worm that exploited EternalBlue. It spread to an estimated 200,000+ computers across 150 countries, with damages ranging from hundreds of millions to billions of dollars before EternalBlue was patched. Despite software developers issuing a patch to fix EternalBlue, this known vulnerability continues to be a considerable cybersecurity risk because of poor user adoption of the patch.
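The paragraphs above describe EternalBlue targeting the outdated SMB version and patch adoption lagging behind. As an added example (not code from the original page or from Microsoft), the following PowerShell audits whether a Windows host still has the legacy SMBv1 protocol enabled and, if asked, turns it off. It assumes an elevated session on Windows 8 / Server 2012 or later, where the SmbShare and DISM cmdlets used here exist; the function names Get-Smb1Exposure and Disable-Smb1 are this example's own. Checking the specific MS17-010 update is deliberately left out, because the update identifier differs per OS build.

```powershell
# Added example: report whether this host still exposes SMBv1 (the protocol
# version EternalBlue targeted) and optionally disable it.
function Get-Smb1Exposure {
    # Server-side switch: does the SMB server still accept SMBv1 clients?
    $serverCfg  = Get-SmbServerConfiguration
    $serverSmb1 = [bool]$serverCfg.EnableSMB1Protocol

    # Optional component: is the SMB1Protocol feature installed at all?
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
    $featureState = if ($feature) { [string]$feature.State } else { 'NotPresent' }

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        Smb1ServerEnabled = $serverSmb1
        Smb1FeatureState  = $featureState
        # Still exposed if the server speaks SMBv1 or the component is present
        StillExposed      = ($serverSmb1 -or $featureState -eq 'Enabled')
    }
}

function Disable-Smb1 {
    # Stop the SMB server from negotiating SMBv1, then remove the component.
    # A reboot may be required for the feature removal to take full effect.
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
}

# Usage: audit first; remediate only when the audit shows exposure.
$report = Get-Smb1Exposure
$report | Format-List
if ($report.StillExposed) {
    Write-Warning "SMBv1 is still available on $($report.ComputerName); disabling it."
    Disable-Smb1
}
```

Run the audit across a fleet (for example via Invoke-Command) to measure how many hosts still carry the legacy protocol that the patch and mitigation were meant to retire.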
