Find the definition of the most commonly used cyber security terms in our glossary below.

What is Zero-Day in cyber security?

A zero-day or 0-day vulnerability refers to a software security flaw unknown to those who are interested in resolving the issue, such as software vendors and developers. The term zero-day signifies that the developers have had zero days to address and rectify the issue. This creates an opportune window for cyber attackers who, upon discovering such vulnerabilities, can devise and launch an attack. They exploit these vulnerabilities—which could exist in operating systems, software applications, or even hardware—to command unauthorized actions, ranging from data tampering and unauthorized data access to escalating user privileges or executing malicious code. Once used in an attack, the flaw is no longer a zero-day vulnerability, as it becomes known to the vendor and, hopefully, to the public. But therein lies the challenge — often, detecting a zero-day flaw or attack comes too late, making it one of the most menacing threats in cybersecurity.