Compare and contrast remote exploit and a local exploit
Understanding Cisco Cybersecurity Fundamentals (210-250)
As noted in the CVSS metrics, there are two types of exploits, those that can be done remotely and those that require local access to complete.
Remote exploits can be accomplished over the network and do not require physical access. Some may require local network access while others can be done over the Internet.
Local exploits require that the attacker somehow have already gained access to the system either by physical access or through a different exploit. These exploits are often related to privilege escalation.