A weakness in a system, application, or process that could be exploited to cause harm.
A vulnerability is a weakness or flaw in a system, application, network, or process that could be exploited by threat actors to cause harm—gaining unauthorised access, stealing data, or disrupting services. Vulnerabilities exist in software (bugs, design flaws), configurations (misconfigurations, default settings), and processes (inadequate controls). Vulnerability management involves identifying, assessing, and remediating vulnerabilities before they can be exploited. Not all vulnerabilities pose equal risk—context determines priority.
Why It Matters
The DSC Perspective:
Unpatched vulnerabilities are how attackers get in. Vulnerability management is fundamental to security. Regular scanning, risk-based prioritisation, and timely remediation significantly reduce attack surface.