Vulnerability
A weakness in software, hardware, or a process that can be exploited by a threat actor.
Full Definition
A vulnerability is a weakness or flaw in software, hardware, firmware, or an organizational process that, if exploited, could allow a threat actor to gain unauthorized access, escalate privileges, disrupt services, or exfiltrate data. Vulnerabilities are the raw material that exploits are built upon.

Vulnerabilities are formally tracked and catalogued in the Common Vulnerabilities and Exposures (CVE) system, with severity scored using the Common Vulnerability Scoring System (CVSS). Not all vulnerabilities are equal in risk: the most dangerous are those that are remotely exploitable, require no authentication, and have publicly available exploit code.

The window of opportunity between vulnerability disclosure and organizational patching is a critical risk period. Threat intelligence that monitors active exploitation in the wild, particularly against vulnerabilities relevant to an organization's stack, is essential for prioritizing patching efforts effectively.
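The prioritization described above can be expressed against CVSS v3.1 vector strings. The following is an added example, not part of the original page: it parses a vector, flags the three traits the definition names, and ranks findings with those known to be actively exploited first. The finding IDs, the `exploited_in_wild` set and the function names are illustrative assumptions, as is mapping "no authentication" to `PR:N` and "public exploit code" to the temporal `E` metric.

```python
BASE = ("AV", "AC", "PR", "UI", "S", "C", "I", "A")
ALLOWED = {"AV": "NALP", "AC": "LH", "PR": "NLH", "UI": "NR", "S": "UC",
           "C": "HLN", "I": "HLN", "A": "HLN",
           "E": "XUPFH"}  # E = temporal Exploit Code Maturity (optional)

def parse_vector(vector):
    """Parse a CVSS v3.1 vector string into a {metric: value} dict."""
    prefix, _, rest = vector.partition("/")
    if prefix != "CVSS:3.1" or not rest:
        raise ValueError(f"not a CVSS v3.1 vector: {vector!r}")
    metrics = {}
    for part in rest.split("/"):
        name, sep, value = part.partition(":")
        if not sep or name in metrics:
            raise ValueError(f"malformed or duplicate metric: {part!r}")
        # Metrics not in ALLOWED (RL, RC, environmental) are kept unvalidated.
        if name in ALLOWED and (len(value) != 1 or value not in ALLOWED[name]):
            raise ValueError(f"invalid value for {name}: {value!r}")
        metrics[name] = value
    if any(m not in metrics for m in BASE):
        raise ValueError("missing base metrics")
    return metrics

def risk_traits(vector):
    """Flag the three traits the definition calls most dangerous."""
    m = parse_vector(vector)
    return {
        "remote": m["AV"] == "N",    # Attack Vector: Network
        "no_auth": m["PR"] == "N",   # Privileges Required: None
        # Assumption: E:X (Not Defined) means "no evidence", so it is not flagged.
        "public_exploit": m.get("E", "X") in ("P", "F", "H"),
    }

def prioritize(findings, exploited_in_wild=frozenset()):
    """Order (id, vector) pairs: active exploitation first, then trait count."""
    def key(item):
        fid, vector = item
        return (fid in exploited_in_wild, sum(risk_traits(vector).values()))
    return [fid for fid, _ in sorted(findings, key=key, reverse=True)]

# Constructed sample findings; the IDs are placeholders, not real CVE numbers.
FINDINGS = [
    ("FINDING-B", "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"),
    ("FINDING-C", "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U"),
    ("FINDING-A", "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F"),
]

print(prioritize(FINDINGS))
```

Passing `exploited_in_wild={"FINDING-B"}` moves the local, authenticated finding to the top, which is the effect the threat-intelligence paragraph describes: observed exploitation outranks a high static score.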
Related Terms
Exploit
Code or a technique that takes advantage of a software vulnerability to cause unintended behavior.
Category: Vulnerabilities
Zero-Day
A vulnerability that is unknown to the software vendor and has no available patch.
Category: Vulnerabilities
Attack Surface
The total set of points where an attacker can attempt to enter or extract data from an environment.
Category: Security Concepts
Threat Intelligence
Evidence-based knowledge about existing or emerging threats that informs security decisions.
Category: Threat Intelligence