Discover the definition of the term Flaw (Computer Vulnerability) presented by Les Assises de la Cybersécurité.

FLAW (COMPUTER VULNERABILITY)

The vulnerability is the flaw exploited by the attacker to achieve his objective. It may be a design flaw (in software that does not sufficiently validate data supplied by users, for example - see Buffer Overflow) or a logic flaw in a process (which would then allow authentication to be bypassed). Once exploited, the flaw enables the attacker to "undermine the normal operation [of a computer system], or the confidentiality or integrity of the data it contains" (ANSSI). It is not uncommon for an attack to have to exploit several vulnerabilities before achieving its objective (see Elevation of privileges). Vulnerabilities can be intentional (known as backdoors) or accidental, resulting from developers' lack of knowledge of good security practices or from the ever-increasing complexity of modern development, which increasingly requires new design and development methods to be adopted in order to limit the risk of adding vulnerabilities.

"There is no flaw that suits me", says the RSSI publivore.

Assises page pushes

About Les Assises

Les Assises de la cybersécurité are a unique opportunity to discuss current and future cyber issues.
Go to the Assises one-to-one concept page

Excellence & Networking by DG Consultants

One to One events by DG Consultants : essential meeting places that combine business meetings, operational & strategic excellence, and networking opportunities in exceptional venues
Access Les Assises of cybersecurity glossary

Cyber Glossary | Les Assises

Les Assises de la Cybersécurité, France's must-attend cybersecurity event, provides definitions of the technical terms you need to know.
Evil Maid Attack | Cyber Glossary
False Negative / Positive | Cyber Glossary