What is a zero-day vulnerability?


A zero-day vulnerability is a security flaw in software, hardware, or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw. Put another way, it is a vulnerability in a computer system that was previously unknown to its developers or to anyone capable of mitigating it. An exploit that attacks a zero-day vulnerability is called a zero-day exploit or zero-day attack. The term "zero-day" refers to the fact that the vendor or developer has only just learned of the flaw, which means they have "zero days" to fix it. Zero-day attacks are especially dangerous because the only people who know about them are the attackers themselves. Once they have infiltrated a network, criminals can either attack immediately or sit and wait for the most advantageous time to do so.

Some key points to note about zero-day vulnerabilities are:

  • They pose a higher risk to users because they are discovered before security researchers and software developers become aware of them, and before a patch can be issued.
  • They can be exploited by threat actors until the vulnerability is mitigated.
  • They can be difficult to detect and defend against because they are so new and unknown.
  • They can take multiple forms, such as missing data encryption, missing authorizations, broken algorithms, bugs, problems with password security, and so on.

Organizations that are attacked by a zero-day exploit might see unexpected traffic or suspicious scanning activity originating from a client or service. Since, by definition, a zero-day vulnerability can't be known in advance, there is no way to guard against a specific exploit before it happens. However, there are some things that companies can do to reduce their level of risk exposure, such as using antimalware software, intrusion detection systems (IDSes), and intrusion prevention systems (IPSes).
