Data theft, denial-of-service, ransomware—the world of cyber threats has never been more dangerous, in large part because there’s never been more vulnerabilities.
What Are Vulnerabilities?
Vulnerabilities are weaknesses or gaps in a security program that can be exploited to gain unauthorised access to an asset. These flaws, faults, bugs or other errors in software or hardware implementation, code, design, or architecture amount to failures in an organisation’s protection efforts. They can lead to damaging breaches that can cost your organisation time and money—as well as tarnish your reputation.
While there is a seemingly endless array of vulnerabilities, we’ve identified the 5 most disruptive vulnerability types you need to be aware of.
1. Remote Code Execution
We begin with one of the most dangerous classes of vulnerability—remote code execution, or RCE. Often launched directly from the internet, it gives the attacker the ability to take control over a process or device and run their own code remotely, without needing to be in the same physical space as the system or device. This separates it from an arbitrary code execution (ACE), which is launched from within a system’s local area network (LAN). Through remote code execution, an attacker can run code from outside the system that triggers an internal ACE.
The most recent, most notorious example of remote code execution is the SolarWinds attack, in which foreign intelligence operatives exploited a vulnerability that allowed them to gain access to an estimated 18,000 private and government-affiliated networks.
2. Privilege Escalation
In this type of vulnerability, attackers utilise their access to improve the foothold they’ve already established within a system. They do this by attempting to take over additional accounts, by moving vertically to gain additional permissions for the account they’ve already comprised, or even by working to obtain system level privileges—letting them “level-up,” gaining access to increasingly sensitive data and systems.
This vulnerability is not limited to a single operating system and is often paired with another (like RCE) to create the perfect recipe for attack and escalation.
3. Hardcoded Credentials
This vulnerability stems from poor programming practices. In designing an application, a programmer needs to create a way for it to communicate across the network, which they accomplish by creating credentials or a cryptographic key. The vulnerability arises when, for ease, the coder places the credentials or key directly into the program itself, forgetting that, eventually, that code will be picked apart and examined, and those credentials will be discovered. Attackers then use that discovered information to breach a system.
A recent example of this can be found in TimeCard, software used to record employee hours. Version 6.05.07 of the software included a hardcoded password for the SQL server, which is installed by the application. This could allow a hacker to gain remote access to the SQL server, execute shell commands, and breach a system.
This is where most ethical hackers cut their teeth. While not technically a vulnerability, as it defines a result, denial-of-service (DoS) can stem from multiple kinds of system weaknesses. In essence, a DoS attack overwhelms a system until it either does something it shouldn’t or crashes.
One recent example is CVE-2020-3260, a vulnerability in Cisco Aironet Series Access Points software that, according to the National Vulnerability Database, “could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.” By sending a large number of sustained client packets to the affected AP, an attacker could cause it to crash.
5. Directory Traversal
At a base level, this vulnerability allows an attacker to navigate through a system using the directory path of an exposed file. However, this vulnerability can also allow attackers to not only read a server’s arbitrary files (including application code and data, credentials for back-end systems, and sensitive OS files), but also write code to those files, changing how applications behave or even taking over systems.
These comprise the five most disruptive vulnerability types. But they are hardly the only types. Organisations everywhere struggle with the complexity of identifying, prioritising, and managing security risks within their environment—all while these risks pile up, leaving organisations vulnerable to threats and damaging data breaches. If it sounds like a task too daunting to tackle, it might be time to turn to a security operations solutions provider.
Built on the industry’s only cloud-native platform to deliver security operations as a concierge service, Arctic Wolf® Managed Risk enables you to define and contextualise your attack surface coverage across your networks, endpoints, and cloud environments; provides you with the risk priorities in your environment; and advises you on your remediation actions to ensure that you benchmark against configuration best practices and continually harden your security posture.