Attacking a vulnerability is categorized as exploitation, which is the third phase of the cyberattack
lifecycle. Exploitation is the process of taking advantage of a vulnerability in a system, application, or
network to gain access, escalate privileges, or execute commands. Action on objectives, delivery, and
installation are other phases of the cyberattack lifecycle, but they do not involve attacking a
vulnerability. Action on objectives is the final phase, where the attacker achieves their goal, such as
stealing data, disrupting services, or destroying assets. Delivery is the second phase, where the
attacker delivers the malicious payload, such as malware, phishing email, or malicious link, to the
target. Installation is the fourth phase, where the attacker installs the malicious payload on the
compromised system or network to maintain persistence or spread laterally. Reference: What is a
Cyberattack? | IBM, Recognizing the seven stages of a cyber-attack - DNV
