Zero-Day Vulnerability

A zero-day vulnerability is a software flaw that is unknown to the vendor and for which no patch is available. Attackers who discover zero-days can exploit them freely until the vendor learns of the issue and releases a fix.

Zero-days are among the most dangerous threats organizations face because traditional patch management cannot address them. Detection depends on behavioral monitoring and threat intelligence that flags unusual activity patterns rather than known signatures.

CISSP Relevance

Zero-day vulnerabilities appear in Domain 6 (Security Assessment and Testing) and Domain 7 (Security Operations). CISSP candidates must understand how organizations manage risk from unknown vulnerabilities through compensating controls and defense-in-depth strategies.

External reference: NIST National Vulnerability Database

Related terms: Vulnerability, Patch Management