A basic corporate network typically consists of endpoints such as desktops/laptops, servers, security devices such as Firewall, proxy, intrusion detection and prevention systems, and network devices such as hubs, switches, and routers. Most of the time, these are acquired from various vendors, thus they are susceptible to different attacks, and expose the network to a larger attack surface. These components can be attacked by a hacker using publicly available exploits or a zero-day vulnerability to gain access to the device/machine with a possibility of gaining access to a different device/machine in the network or whole network itself. Note the following diagram to illustrate this:
