How Do Exploits Work?

Exploits take advantage of a security flaw in an operating system, piece of software, computer system, Internet of Things (IoT) device or other security vulnerability.

Once an exploit has been used, it often becomes known to the software developers of the vulnerable system or software, and is often fixed through a patch and becomes unusable.

This is why many cybercriminals, as well as military or government agencies do not publish exploits to CVE but choose to keep them private.

When this happens, the vulnerability is known as a zero-day vulnerability or zero-day exploit

One famous example of a government agency (the NSA) choosing to keep a software vulnerability private is EternalBlue.

EternalBlue exploited legacy versions of the Microsoft Windows operating system that used an outdated version of the Server Message Block (SMB) protocol.

Cybercriminals developed the WannaCry ransomware worm that exploited EternalBlue and it spread to an estimated 200,000+ computers across 150 countries with damages ranging from hundreds of millions to billions of dollars before EternalBlue was patched.

Despite software developers issuing a patch to fix EternalBlue, this known vulnerability continues to be a large cybersecurity risk because of poor user adoption of the patch.