
Vulnerabilities magnitude: CVSS

  • Writer: Alexey
  • May 23, 2020

In the world of cybersecurity, vulnerabilities are unintended flaws found in software programs or operating systems. Vulnerabilities can be the result of improper computer or security configurations and programming errors. If left unaddressed, vulnerabilities create security holes that cybercriminals can exploit.


Not all vulnerabilities are identical. Different scales are used to assess their severity. The most common one is CVSS (Common Vulnerability Scoring System). It ranges from 1 to 10, where 10 is a catastrophe.


There are tens of parameters. Among those that, to a large degree, illustrate the nature of a vulnerability are:

  • Vulnerability exploitation context (whether physical access to a device is needed or just network availability)

  • The requirement of a user to participate in making an attack successful

  • Exploit maturity (an unproven idea or functional, proven code)

  • Remediation availability (e.g. update from a software developer).


If someone is frightening you with a vulnerability, check its CVSS score. A lower value indicates less criticality. You can also play with the vulnerability magnitude calculator to better understand the nature of vulnerabilities.

© 2025 by Alexey Bocharnikov
