Answers to your questions

Quickly find answers to your questions about cybersecurity, CVE Find, standards, vulnerabilities and Bexxo services in our comprehensive FAQ.

FAQ

Are there any famous examples of zero-day exploits?

Yes, several famous zero-day exploits have marked the history of cybersecurity. One of the most well-known is Stuxnet, a piece of malware discovered in 2010 and designed to sabotage nuclear centrifuges in Iran. It exploited several zero-day vulnerabilities in Windows, revealing the level of sophistication of certain offensive cyber operations.

Another example is WannaCry, ransomware that struck hundreds of thousands of computers in 2017 by exploiting a Windows vulnerability revealed by the Shadow Brokers group. Although a patch had been released shortly before the attack, many systems were not up to date, showing that patch management remains a weak link. These examples are a reminder of the devastating impact that unpatched vulnerabilities can have.

Can a pentest disrupt production?

Yes, a penetration test can potentially disrupt production, but this depends heavily on the methodology used, the level of aggressiveness authorized, and the maturity of the infrastructure being tested. For example, exploiting certain vulnerabilities can cause service restarts, access blockages, or performance degradation.

That's why it's essential to define a clear framework before any test, including authorized time slots, systems to exclude (or duplicate in a test environment), and backup measures. Professional pentesters apply non-destructive techniques, but close communication with the IT team remains essential to anticipate and manage potential impacts.

Can a pentest identify a zero-day vulnerability?

A pentest can sometimes reveal a zero-day vulnerability, but it is not guaranteed. Pentests primarily rely on known vulnerabilities (CVEs, misconfigurations, risky practices), but it is possible that a manual test, a particular attack logic, or intuition may lead to the discovery of a previously unknown vulnerability.

However, the discovery of zero-days during a pentest remains rare and depends on the depth of the analysis, the experience of the testers, and the complexity of the system being tested. For this reason, some very advanced pentests include fuzzing or code audit phases specifically aimed at finding zero-days, particularly in high-stakes contexts (defense sector, finance, critical infrastructures).

Can the EPSS score be used as a priority for patch management?

Yes, more and more organizations are using EPSS as a primary criterion for deciding which vulnerabilities to patch first, especially when faced with a large volume of vulnerabilities to address. Patching all CVEs with a high CVSS score can be costly and inefficient, especially if some are never exploited. EPSS therefore makes it possible to focus resources on truly dangerous vulnerabilities.

Some security policies now incorporate action thresholds based on EPSS, for example: “patch any vulnerability with an EPSS score > 0.7 within 48 hours”. This pragmatic approach accelerates remediation where it is most useful, while limiting unjustified interruptions.

Does CVE Find indicate if a vulnerability is actively exploited?

Yes, our CVE Find service integrates the KEV (Known Exploited Vulnerabilities) status maintained by CISA. If a vulnerability is confirmed to be actively exploited in the wild, it is marked as such on the corresponding CVE record, with a link to the official source.

This allows users to immediately identify urgent threats without having to manually cross-reference data with other databases. The KEV status is updated regularly and can also be used as a filtering criterion in the interface.

Does EPSS replace CVSS?

No, EPSS does not replace CVSS: the two systems are complementary. CVSS provides a structural measure of severity, useful for understanding the potential impact of a vulnerability. EPSS, on the other hand, provides a behavioral and predictive measure, focused on the probability of actual exploitation.

Together, these two scores allow for a more refined risk assessment, both theoretically and operationally. Many companies adopt a hybrid approach, for example by only addressing vulnerabilities with both a CVSS ≥ 7 and an EPSS ≥ 0.5, or by using risk matrices enriched with these two indicators.
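The thresholds quoted in this answer and in the previous one on EPSS-based patch management (EPSS > 0.7 patched within 48 hours; CVSS ≥ 7 combined with EPSS ≥ 0.5), together with the KEV status described above, can be turned into a small triage routine. This is an added example written for this page, not CVE Find's own code; the queue names, the sample records and the placeholder CVE identifiers are constructed for illustration.

```python
"""Prioritise CVE records with the thresholds quoted on this page.

Added example, not part of CVE Find. Sample records are constructed and the
CVE identifiers are placeholders, not real CVEs.
"""
from dataclasses import dataclass
from typing import List, Tuple

@dataclass(frozen=True)
class CveRecord:
    cve_id: str   # placeholder identifier (constructed)
    cvss: float   # CVSS base score, 0.0..10.0 (structural severity)
    epss: float   # EPSS probability, 0.0..1.0 (likelihood of exploitation)
    kev: bool     # True when CISA's KEV catalogue lists the CVE

# Thresholds taken from the page's example policies.
EPSS_URGENT = 0.7   # "patch any vulnerability with an EPSS score > 0.7 within 48 hours"
CVSS_HYBRID = 7.0   # hybrid rule: CVSS >= 7 ...
EPSS_HYBRID = 0.5   # ... and EPSS >= 0.5

def triage(rec: CveRecord) -> Tuple[str, str]:
    """Map one record to (queue, reason).

    "urgent": KEV-listed (confirmed exploitation) or EPSS above 0.7, i.e. the
    48-hour window in the page's example policy. "planned": the hybrid
    CVSS/EPSS rule. "backlog": everything else, which deliberately includes
    high-CVSS findings that EPSS rates as unlikely to be exploited.
    """
    if rec.kev:
        return "urgent", "listed in CISA KEV (confirmed exploitation)"
    if rec.epss > EPSS_URGENT:
        return "urgent", f"EPSS {rec.epss:.2f} > {EPSS_URGENT}"
    if rec.cvss >= CVSS_HYBRID and rec.epss >= EPSS_HYBRID:
        return "planned", f"CVSS {rec.cvss} >= {CVSS_HYBRID} and EPSS {rec.epss:.2f} >= {EPSS_HYBRID}"
    return "backlog", "below both thresholds"

QUEUE_RANK = {"urgent": 0, "planned": 1, "backlog": 2}

def prioritize(records: List[CveRecord]) -> List[Tuple[str, str, str]]:
    """Return (cve_id, queue, reason) in patch order: queue, then EPSS, then CVSS."""
    ranked = sorted(records, key=lambda r: (QUEUE_RANK[triage(r)[0]], -r.epss, -r.cvss))
    return [(r.cve_id, *triage(r)) for r in ranked]

# Constructed sample input: placeholder CVE ids and invented scores.
SAMPLE = [
    CveRecord("CVE-0000-0001", cvss=9.8, epss=0.02, kev=False),  # critical, rarely exploited
    CveRecord("CVE-0000-0002", cvss=6.5, epss=0.85, kev=False),  # medium, very likely exploited
    CveRecord("CVE-0000-0003", cvss=7.5, epss=0.55, kev=False),  # meets the hybrid rule
    CveRecord("CVE-0000-0004", cvss=5.0, epss=0.10, kev=True),   # KEV: confirmed exploitation
]

if __name__ == "__main__":
    for cve_id, queue, reason in prioritize(SAMPLE):
        print(f"{queue:8s} {cve_id}  {reason}")
```

Note that the CVSS 9.8 record lands in the backlog while the CVSS 6.5 one is urgent: that inversion is exactly what the page means by EPSS focusing resources on vulnerabilities that are actually likely to be exploited.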

Does a CVE guarantee that a patch exists?

No, the existence of a CVE does not guarantee that a patch is available. A CVE may be published before a vendor has developed a fix, or even in cases where no fix is planned (for example, for obsolete or no longer maintained software). In these situations, users must implement workarounds or disable certain vulnerable features.

It is therefore essential not only to consult the CVE, but also to check the recommendations of the vendors and databases such as the NVD or the KEV database, which can indicate whether a patch exists and within what timeframe it is expected. Good risk management takes into account both the severity of the vulnerability and the availability of solutions.

How do CWEs differ from CVEs?

CWEs are abstract patterns of weaknesses, whereas CVEs are concrete incidents. A CVE represents an identified vulnerability in a specific software or system, while a CWE describes a generic weakness present in the code or architecture, without necessarily being exploited.

For example, a CVE might concern an SQL injection in a web application, while the corresponding CWE would be CWE-89: Improper Neutralization of Special Elements used in an SQL Command. In summary, CWEs are used to categorize and analyze vulnerabilities, while CVEs allow you to track and fix them individually.

How do attackers exploit a zero-day vulnerability?

Exploiting a zero-day vulnerability relies on developing a specific exploit, meaning code or a method capable of leveraging the flaw before it is patched. The attacker can integrate it into a booby-trapped document, a website, malware, or a phishing email.

Once the exploit is launched, it can allow the attacker to take control of the system, install a Trojan horse, open a backdoor, or extract data. The particularity of a zero-day exploit is that it evades traditional detection mechanisms because it relies on a weakness that is still unknown to the vendor and to defenders.

How does Bexxo handle these negotiations?

We identify the stakes and room for maneuver, assess the risks, and prioritize dialogue to achieve the best possible outcome, while limiting costs and legal risks.

How does Bexxo support you in complying with these standards?

We conduct a comprehensive assessment of your situation, identify any discrepancies, and propose a concrete action plan to align your practices with the required standards.

How to use CVE Find to track critical vulnerabilities?

Our CVE Find service allows you to filter and sort vulnerabilities according to several key criteria: CVSS score, EPSS score, membership in the KEV list, severity level, publication date, etc. These combined indicators allow you to quickly identify the most serious and most likely to be exploited vulnerabilities.

Once the filters are applied, the user can subscribe to alerts or export the data for integration into internal tools. This makes it possible to maintain active monitoring, focused on genuinely dangerous vulnerabilities, while avoiding the noise of irrelevant information.

In what situations should I request a negotiation service?

When you are facing a conflict (for example, with a supplier) or a ransomware attack in which a ransom payment is demanded. The negotiation service allows you to explore legal and operational options.

Is CVE Find free?

Yes, our CVE Find service is accessible free of charge online. All users can consult CVE records, apply filters, and access enriched information (scores, exploitation status, KEV/EPSS data). The objective of the site is to democratize access to vulnerability information, without financial barriers.

Advanced functionalities (e.g., API integration, automatic export, personalized alerts) are offered as options or premium services, but the basic functionality remains open to all.

What are Bexxo's core values?

Our approach is based on reliability, excellence, and innovation. We strive to maintain a robust cybersecurity posture for our clients, while staying at the forefront of the latest technological developments.