CVE-2021-20016
Published 2021-02-04
Priority P1 · 94 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
KEV · ITW · Ransomware
CISA Known Exploited Vulnerability, due 2021-11-17
Exploited in the wild
EPSS: 40.04% (98.4th percentile)
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform a SQL query to access username, password and other session-related information. This vulnerability impacts SMA100 build version 10.x.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sma | — | — |
| sonicwall | sma_100_firmware | >= 10.0.0.0 < 10.2.0.5-d-29sv | 10.2.0.5-d-29sv |
| sonicwall | sonicwall_sma100 | — | — |
Detection & IOCs
- CVE-2021-20016 is a critical SQL injection vulnerability in SonicWall SMA 100 series (SSLVPN) that allows unauthenticated remote attackers to access usernames, passwords, and session information via SQL query — target SMA100 build version 10.x
- CVE-2021-20016 exploitation grants attackers access to login credentials and session information on SonicWall SMA 100 devices — monitor for anomalous authentication activity or unexpected session tokens on SMA 100 appliances
- Vulnerability only affects SonicWall SMA 100 series devices running firmware version 10.x; older SRA VPN devices in production environments were not confirmed affected
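CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vulncheck | — | 9.8 | CRITICAL | — |
| cisa | — | 9.8 | CRITICAL | — |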
CISA
SonicWall SSLVPN SMA100 SQL Injection Vulnerability
cisa·2021-11-03·CVSS 9.8
CVE-2021-20016 [CRITICAL] CWE-89 SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Vulnerability: SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Affected: SonicWall SSLVPN SMA100
SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-20016
Remediation Due Date: 2021-11-17
SonicWall
CVE-2021-20016: A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username
vendor_sonicwall·2021-02-04·CVSS 9.8
CVE-2021-20016 [CRITICAL] CWE-89 CVE-2021-20016: A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username
CVE-2021-20016: A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform a SQL query to access username, password and other session-related information. This vulnerability impacts SMA100 build version 10.x.
GHSA
GHSA-c283-6775-92m9: A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username
ghsa_unreviewed·2022-05-24
CVE-2021-20016 [CRITICAL] CWE-89 GHSA-c283-6775-92m9: A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform a SQL query to access username, password and other session-related information. This vulnerability impacts SMA100 build version 10.x.
VulnCheck
SonicWall SSLVPN SMA100 SQL Injection Vulnerability
vulncheck·2021·CVSS 9.8
CVE-2021-20016 [CRITICAL] CWE-89 SonicWall SSLVPN SMA100 SQL Injection Vulnerability
SonicWall SSLVPN SMA100 SQL Injection Vulnerability
SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.
Affected: SonicWall SSLVPN SMA100
Required Action: Apply updates per vendor instructions.
Known Ransomware Campaign Use: Known
Exploitation References: https://www.mandiant.com/resources/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat; https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html; https://www.mandiant.com/resources/blog/shining-a-light-on-darkside-ransomware-operations; https://www.crowdstrike.com/blog/how-ecrime-groups-leverage-sonicwall-vulnerability-cve-2019-7481/; https://cybersecurityworks.com/blo
Suricata
ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (sslvpnclient) (CVE-2021-20016)
suricata·2021-07-16·CVSS 9.8
CVE-2021-20016 [CRITICAL] ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (sslvpnclient) (CVE-2021-20016)
ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (sslvpnclient) (CVE-2021-20016)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (sslvpnclient) (CVE-2021-20016)"; flow:established,to_server; http.uri; content:"/cgi-bin/sslvpnclient"; http.referer; content:!"/__api__/v1/logon"; content:!"/cgi-bin/userLogin"; tag:session,5,packets; reference:cve,2021-20016; reference:url,www.jpcert.or.jp/english/at/2021/at210006.html; classtype:web-application-attack; sid:2033346; rev:2; metadata:created_at 2021_07_16, cve CVE_2021_20016, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag CISA_KEV, tag Description_G
Suricata
ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA Authentication Bypass (management) (CVE-2021-20016)
suricata·2021-07-16·CVSS 9.8
CVE-2021-20016 [CRITICAL] ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA Authentication Bypass (management) (CVE-2021-20016)
ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA Authentication Bypass (management) (CVE-2021-20016)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA Authentication Bypass (management) (CVE-2021-20016)"; flow:established,to_server; http.uri; content:"/cgi-bin/management"; http.referer; content:!"/__api__/v1/logon"; tag:session,5,packets; reference:cve,2021-20016; reference:url,www.jpcert.or.jp/english/at/2021/at210006.html; classtype:web-application-attack; sid:2033345; rev:2; metadata:created_at 2021_07_16, cve CVE_2021_20016, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_07_16, mitre_
Suricata
ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (portal) (CVE-2021-20016)
suricata·2021-07-16·CVSS 9.8
CVE-2021-20016 [CRITICAL] ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (portal) (CVE-2021-20016)
ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (portal) (CVE-2021-20016)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT [ConnectWise CRU] Potential Sonicwall SMA User-Level Authentication Bypass (portal) (CVE-2021-20016)"; flow:established,to_server; http.uri; content:"/cgi-bin/portal"; http.referer; content:!"/__api__/v1/logon"; content:!"/cgi-bin/userLogin"; tag:session,5,packets; reference:cve,2021-20016; reference:url,www.jpcert.or.jp/english/at/2021/at210006.html; classtype:web-application-attack; sid:2033347; rev:2; metadata:created_at 2021_07_16, cve CVE_2021_20016, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofp
No public exploits indexed.
Tenable
Exploitation of CVE-2025-40602 chained with CVE-2025-23006
blogs_tenable·2025-12-17·CVSS 9.8
[CRITICAL] Exploitation of CVE-2025-40602 chained with CVE-2025-23006
Tenable
CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited
blogs_tenable·2025-01-23·CVSS 9.8
[CRITICAL] CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited
Tenable
AA23-215A: 2022's Top Routinely Exploited Vulnerabilities
blogs_tenable·2023-08-03
AA23-215A: 2022's Top Routinely Exploited Vulnerabilities
Tenable
Cybersecurity Snapshot: 6 Things That Matter Right Now
blogs_tenable·2022-07-15
Cybersecurity Snapshot: 6 Things That Matter Right Now
Tenable
Securing Critical Infrastructure: What We've Learned from Recent Incidents
blogs_tenable·2022-07-14
Securing Critical Infrastructure: What We've Learned from Recent Incidents
Unit42
Understanding REvil: REvil Threat Actors May Have Returned (Updated)
blogs_unit42·2022-06-03
Understanding REvil: REvil Threat Actors May Have Returned (Updated)
## Executive Summary
REvil has emerged as one of the world’s most notorious ransomware operators. In summer 2021, it extracted an $11 million payment from the U.S. subsidiary of the world’s largest meatpacking company based in Brazil, demanded $5 million from a Brazilian medical diagnostics company and launched a large-scale attack on dozens, perhaps hundreds, of companies that use IT management software from Kaseya VSA.
While REvil (which is also known as Sodinokibi) may seem like a new player in the world of cybercrime, Unit 42 has been monitoring the threat actors tied to this group for three years. We first encountered them in 2018 when they were working with a group known as GandCrab. At the time, they were mostly focused on distributing ransomware through malvertising and exploit k
Unit42
Understanding REvil: REvil Threat Actors May Have Returned (Updated)
blogs_unit42·2022-06-03
Understanding REvil: REvil Threat Actors May Have Returned (Updated)
## Understanding REvil: REvil Threat Actors May Have Returned (Updated)
Doel Santos
John Martineau
Published: June 3, 2022
Tenable
Behind the Scenes: How We Picked 2021’s Top Vulnerabilities – and What We Left Out
blogs_tenable·2022-03-11
Behind the Scenes: How We Picked 2021’s Top Vulnerabilities – and What We Left Out
Tenable
SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038)
blogs_tenable·2021-12-08·CVSS 9.8
[CRITICAL] SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038)
Qualys
Qualys Response to CISA Alert: Binding Operational Directive 22-01
blogs_qualys·2021-11-09
Qualys Response to CISA Alert: Binding Operational Directive 22-01
## Overview
On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directive 22-01, “Reducing the Significant Risk of Known Exploited Vulnerabilities.” This directive recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to remediate
Tenable
CVE-2021-20019: SonicWall Fixes Incomplete Patch for CVE-2020-5135
blogs_tenable·2021-06-23·CVSS 9.8
[CRITICAL] CVE-2021-20019: SonicWall Fixes Incomplete Patch for CVE-2020-5135
Checkpoint
3rd May – Threat Intelligence Report
blogs_checkpoint·2021-05-03
CVE-2021-20016 3rd May – Threat Intelligence Report
## 3rd May – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 3rd May, please download our Threat Intelligence Bulletin.
Top Attacks and Breaches
Elekta, a Swedish provider of oncology and radiology systems, has suffered a ransomware attack that led to the takedown of its cloud storage systems. The attack caused disruptions and delays in the cancer treatments given at Yale New Haven Health, an Elekta client, among other US customers.
Attacks targeting Israeli companies leve
Checkpoint
8th February – Threat Intelligence Report
blogs_checkpoint·2021-02-08
CVE-2021-20016 8th February – Threat Intelligence Report
## 8th February – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 8th February, please download our Threat Intelligence Bulletin.
Top Attacks and Breaches
Check Point Research have collaborated in a research investigating the renewed activity and toolset of ‘Infy’, an Iranian APT active since 2007. Infy’s targets are found mostly in Sweden, the Netherlands and Turkey, and the group has recently integrated a new second-stage payload called ‘Tonnerre’.
Check Point Anti-Virus
Tenable
CVE-2021-20016: Zero-Day Vulnerability in SonicWall Secure Mobile Access (SMA) Exploited in the Wild
blogs_tenable·2021-02-04·CVSS 9.8
[CRITICAL] CVE-2021-20016: Zero-Day Vulnerability in SonicWall Secure Mobile Access (SMA) Exploited in the Wild
Crowdstrike
What is a Zero-Day Exploit?
blogs_crowdstrike·CVSS 9.8
[CRITICAL] What is a Zero-Day Exploit?
## "Zero-Day" Definition
The term "Zero-Day" is used when security teams are unaware of their software vulnerability, and they’ve had “0” days to work on a security patch or an update to fix the issue. “Zero-Day” is commonly associated with the terms Vulnerability, Exploit, and Threat. It is important to understand the difference:
A Zero-Day Vulnerability is an unknown security vulnerability or software flaw that a threat actor can target with malicious code.
A Zero-Day Exploit is the technique or tactic a malicious actor uses to leverage the vulnerability to attack a
arXiv
Toward a Mathematical Vulnerability Propagation and Defense Model in Smart Grid Networks
arxiv_fulltext·2022-08-29
Toward a Mathematical Vulnerability Propagation and Defense Model in Smart Grid Networks
Abhijeet Sahu, Student Member, IEEE, Bin Mai,
Katherine Davis, Senior Member, IEEE, Ana Goulart
## Abstract
For reducing threat propagation within an interconnected network, it is essential to distribute the defense investment optimally. Most
electric power utilities are resource constrained, yet how to account for costs while designing threat reduction techniques is not well understood.
Hence, in this work, a vulnerability propagation and a defense model is proposed based on an epidemic model.
The new defense mechanism is then validated through sensitivity of the propagation parameters on the optimal investment with two-node and N-node cases. Further, the model efficacy is evaluated with impleme
2021-02-04: Published
2021-11-03: Added to CISA KEV
Exploited in the wild