Jericho Security | Glossary

Jericho's Cybersecurity Glossary | Zero-Day Vulnerability

Written by Jericho Security Team | September 28, 2024

Definition:

A zero-day vulnerability refers to a software or hardware flaw that is unknown to the vendor and has no available patch. Attackers exploit these vulnerabilities before the vendor is aware of the issue, giving them a critical window of opportunity.

Use Cases:

  • Used by attackers to exploit unknown weaknesses in software, often causing severe damage or data breaches.
  • Employed in targeted attacks, particularly against critical infrastructure or high-value targets, where vulnerabilities have not yet been discovered.

Related Terms:

Questions and Answers:

  • What makes a zero-day vulnerability dangerous?
    Zero-day vulnerabilities are dangerous because there is no existing fix, and attackers can exploit the flaw before the vendor has time to develop a patch.

  • How are zero-day vulnerabilities discovered?
    They can be discovered by researchers, ethical hackers, or cybercriminals. In some cases, they are used by nation-state actors or advanced threat groups before the vulnerability becomes widely known.

  • How can organizations defend against zero-day attacks?
    Organizations can use threat intelligence, behavior-based detection systems, and endpoint protection solutions to detect unusual activity that might indicate a zero-day exploit.