Discover the definition of the term Flaw (Computer Vulnerability) presented by Les Assises de la Cybersécurité.


A vulnerability is the flaw an attacker exploits to achieve their objective. It may be a design flaw (for example, in software that does not sufficiently validate user-supplied data; see Buffer Overflow) or a logic flaw in a process (which would then allow authentication to be bypassed). Once exploited, the flaw enables the attacker to "undermine the normal operation [of a computer system], or the confidentiality or integrity of the data it contains" (ANSSI). It is not uncommon for an attack to need to exploit several vulnerabilities before achieving its objective (see Elevation of privileges). Vulnerabilities can be intentional (known as backdoors) or accidental, resulting from developers' lack of knowledge of good security practices or from the ever-increasing complexity of modern development, which increasingly calls for new design and development methods that limit the risk of introducing vulnerabilities.

"There is no flaw that suits me", says the RSSI publivore.
