Software / Hardware vulnerability
A vulnerability is a weak point, a design or implementation error in a computer system, network or application, which can compromise security.
In itself, this weakness or error has no impact on the services of the system, but it can represent a risk if a malicious person identifies it in order to exploit it, for example to extract or consult sensitive or confidential information in order to collect and/or distribute it.
Examples of vulnerabilities in software and hardware:
- Hardware (physical equipment such as computers, tablets, etc.): inadequate maintenance or incorrect installation of storage media, components not regularly replaced, sensitivity to humidity, dust or electromagnetic radiation, and vulnerabilities due to voltage or temperature variations. Insecure storage and technical errors can also represent risks.
- Software (programmes and applications): substandard parameterisation, insufficient documentation, lack of audit trail, incorrect allocation of access rights and dependence on licences.
Risks and causes
/
/
What can you do?
Before
As an organisation or company, there are various steps you can take:
- At Safeonweb@work, you'll find tips and tools for improving your organisation's cybersecurity.
- The Centre for Cybersecurity Belgium (CCB) provides a framework for improving your cybersecurity.
- The Centre for Cybersecurity Belgium (CCB) provides all Belgian companies with a library of cybersecurity reference documents.
- Register your organisation with CCB Safeonweb for enhanced security.
- As an SME, you can also consult My e-secure SME from the FPS Economy.
Are you a private Internet user? Visit safeonweb.be for solutions to common cyber incidents
During
- Cybersecurity incidents can be reported to the Centre for Cybersecurity Belgium.
- The website of the CCB also provides information on first aid in the event of a cyber attack.
After
- Are you a victim of cybercriminals? Report it to the police.
Impact and probability
The probability and impact figures describe software and hardware vulnerabilities of large-scale magnitude. The BNRA theoretically describes such a scenario as follows:
- A hardware or software vulnerability of medium severity.
- The impact of this vulnerability is limited and only affects certain versions of certain software. It does not spread widely to primary systems. The risk is therefore fairly limited. Targeted patches or updates are required for these specific software versions.
How should you interpret these results?
Within the BNRA, experts assessed three scenarios for each risk: considerable, major or extreme. On each page, you will find the results of the scenario with the highest score based on the combination of likelihood and impact. This does not mean that this scenario will occur or is the most likely. Read more here about how to correctly interpret the results.
Probability
Strong
Human impact
Very weak
Societal impact
Weak
Environmental impact
No impact
Financial impact
Weak
What do the authorities do?
The Center for Cybersecurity Belgium (CCB) supervises, coordinates and monitors the implementation of the Belgian cybersecurity strategy, and is responsible for detecting, observing and analysing online security problems.
The EU Cyber Resilience Act (CRA) has been in force since 20 November 2024. It imposes minimum cybersecurity requirements for all connected products (smartphones, laptops, smartwatches, mobile applications, etc.) on the EU market. The aim is to enhance the security of the Internet of Things (IoT).