Arbitrary code execution

In computer security, arbitrary code execution (ACE) is an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process.[1] An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution (RCE or RCX).

Arbitrary code execution signifies that if someone sends a specially designed set of data to a computer, they can make it do whatever they want. Even though this particular weakness may not cause actual problems in the real world, researchers have discussed whether it suggests a natural tendency for computers to have vulnerabilities that allow unauthorized code execution.[2]

  1. ^ Team, KernelCare (25 January 2021). "Remote code execution attack: what it is, how to protect your systems". blog.kernelcare.com. Retrieved 2021-09-22.
  2. ^ Johnson, Pontus (2021). "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine". arXiv:2105.02124. {{cite journal}}: Cite journal requires |journal= (help)