PoC validation¶
Actual exploit testing, attack simulation, and lab experimentation is handled by:
Vendors of the affected devices/software
Reference labs or sector labs (for industrial/critical devices)
National CSIRTs if the CVE affects national infrastructure
What would minimally be needed in a test lab?
Hardware, network setup, emulation tools, and documentation?