Module 1 part-3

Multi-column

Vulnerability Classification

Misconfigurations(1)

Misconfiguration is the most common vulnerability and is mainly caused by human error. It allows attackers to break into a network and gain unauthorized access to systems

Default Installations/Default Configurations (2)

Default installations are usually user-friendly - especially when the device is being used for the first time when the primary concern is the usability of the device rather than the device's security
Failing to change the default settings while deploying the software or hardware allows the attacker to guess the settings to break into the system
When connecting a system or device to a network, it is important to disable unnecessary components and services associated wit h the default configuration

Multi-column

Poor Patch Management(4)

A patch is a small piece of software designed to fix problems, security vulnerabilities, and bugs as well as improve the usability or performance of a computer program or its supporting data
Software vendors provide patches that prevent exploitations and reduce the probability of threats exploiting a specific vulnerability
Unpatched software can make an application, server, or device vulnerable to various attacks

Design Flaws(5)

Design vulnerabilities such as incorrect encryption or the poor validation of data refer to logical flaws in the functionality of the system that attackers exploit to bypass the detection mechanism and acquire access to a secure system

Operating System. Flaws(6)

Due to vulnerabilities in the operating systems, applications such as Trojans, worms, and viruses pose threats
These attacks use malicious code, script, or unwanted software, which results in the loss of sensitive information and control of computer operations

Multi-column

Default Passwords(7)

Manufacturers provide users with default passwords to access the device during its initial set-up, which users must change for future use
When users forget to update the passwords and continue using the default passwords, they make devices and systems vulnerable to various attacks such as brute force and dictionary attacks

Zero-Day Vulnerabilities (8)

known vulnerabilities in software/hardware that are exposed but not yet patched
These vulnerabilities are exploited by the attackers before being acknowledged and patched by the software developers or security analysts

Legacy Platform Vulnerabilities(9)

Legacy platform vulnerabi lities are caused by obsolete or familiar codes
Legacy platforms are usually not supported when patching technical assets such as smartphones, computers, loT devices, OSes, applications, databases, firewalls, IDSes, or other network components
This type of vulnerabilities can cause costly data breaches for organizations

Multi-column

System Sprawl/Undocumented Assets(10)

The system sprawl vulnerability arises within an organizational network because of an increased number of system or server connections without proper documentation or an understanding of their maintenance
These assets are often neglected over t ime, making t hem susceptible to attacks

Improper Certificate and key Management (11)

Improper certificate and key management may lead to many vulnerabilities that allow attackers to perform password cracking and data exfiltration attacks
Storing or retaining legacy or outdated keys also poses major threats to organizations
Private keys used with certificates must be stored in a highly secured environment; otherwise, an unauthorized individual can intercept the keys and gain access to confidential data or critical systems

Third-party Risks (12)

Third-party services or products can have access to privileged systems and applications, through which financial information, customer and employee data, and processes in the enterprise's supply chain can be compromised

Understand Different Types of Vulnerabilities