To me there's a difference between RCE and Zero click.
RCE occurs on a system with a listening daemon/service (e.g. web, SQL, DNS SSH).
Zero-click describes an issue on a client system where usually a user would have to click something to trigger it, but doesn't as parsing/processing happens before the user actually sees anything (e.g. via an SMS on a phone).
There is no meaningful distinction between the two.
> Zero-click describes an issue on a client system where usually a user would have to click something to trigger it, but doesn't as parsing/processing happens before the user actually sees anything (e.g. via an SMS on a phone).
Historically these have been referred to as RCE.
FWIW You are essentially describing a service listening on the network. It’s silly to try to make an artificial distinction based on some irrelevant L4 differences.
That's a view of the world for sure :) Personally I don't think it's irrelevant. From a threat modelling perspective, exposed services are expected to be attacked.
Client services with zero interaction, have traditionally been regarded as safer, usually for client side attacks we'd expect a trigger from user action (e.g. a link being clicked, a PDF file being opened).
Just because you don't find something to be useful as a distinction in your line of work doesn't necessarily mean that it's not useful to anyone ...
This is really flyfucking of the worst kind: the kind that doesn't serve any useful purpose.
From any useful perspective, RCE and zero-click exploits are the same thing. The latter is just a fancy name for the moron journalists like the one who wrote this article to bandy about to lure in some readers.
RCE occurs on a system with a listening daemon/service (e.g. web, SQL, DNS SSH).
Zero-click describes an issue on a client system where usually a user would have to click something to trigger it, but doesn't as parsing/processing happens before the user actually sees anything (e.g. via an SMS on a phone).