N-Day Vulnerability
What is N-Day Vulnerability?
N-Day VulnerabilityA publicly disclosed vulnerability for which a patch already exists, but which remains exploitable on systems that have not yet been updated.
N-day refers to the number of days that have passed since public disclosure or patch availability. Although a fix is available, the world is full of unpatched assets — slow change windows, end-of-life software, embedded devices, shadow IT — leaving long tails of exposure. Attackers reverse engineer the patch ("diff" the fix) to build working exploits within hours or days; mass-exploitation campaigns then sweep the internet. N-days dominate real-world breach statistics far more than zero-days. Defenders mitigate them through fast patch management, virtual patching, asset inventories, KEV-driven prioritization, and EPSS-informed risk scoring.
● Examples
- 01
CVE-2017-0144 (EternalBlue/WannaCry) — exploited at scale months after Microsoft's patch.
- 02
CVE-2019-19781 (Citrix ADC) — mass-exploited despite vendor mitigations.
● Frequently asked questions
What is N-Day Vulnerability?
A publicly disclosed vulnerability for which a patch already exists, but which remains exploitable on systems that have not yet been updated. It belongs to the Vulnerabilities category of cybersecurity.
What does N-Day Vulnerability mean?
A publicly disclosed vulnerability for which a patch already exists, but which remains exploitable on systems that have not yet been updated.
How do you defend against N-Day Vulnerability?
Defences for N-Day Vulnerability typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for N-Day Vulnerability?
Common alternative names include: Known vulnerability.