0-day Root Cause Analysis Template
<CVE>: <Description/Title>
Author
The Basics
Disclosure or Patch Date:
Product:
Advisory:
Affected Versions:
First Patched Version:
Issue/Bug Report:
Patch CL:
Bug-Introducing CL:
Reporter(s):
The Code
Proof-of-concept:
Exploit sample:
Did you have access to the exploit sample when doing the analysis?
The Vulnerability
Bug class:
Vulnerability details:
Patch analysis:
Thoughts on how this vuln might have been found (fuzzing, code auditing, variant analysis, etc.):
(Historical/present/future) context of bug:
The Exploit
(The terms exploit primitive, exploit strategy, exploit technique, and exploit flow are defined here.)
Exploit strategy (or strategies):
Exploit flow:
Known cases of the same exploit flow:
Part of an exploit chain?
The Next Steps
Variant analysis
Areas/approach for variant analysis (and why):
Found variants:
Structural improvements
What are structural improvements such as ways to kill the bug class, prevent the introduction of this vulnerability, mitigate the exploit flow, make this type of vulnerability harder to exploit, etc.?
Ideas to kill the bug class:
Ideas to mitigate the exploit flow:
Other potential improvements:
0-day detection methods
What are potential detection methods for similar 0-days? Meaning are there any ideas of how this exploit or similar exploits could be detected as a 0-day?