Zero-Day Exploit
What is a Zero-Day Exploit?
Zero-Day Exploit: Working exploit code for a vulnerability that the vendor does not yet know about, or for which no patch is available — extremely valuable to attackers.
A zero-day exploit weaponizes a zero-day vulnerability before defenders have any official mitigation. Because there is no patch, no signature, and often no public detail, even well-instrumented organisations may be blind to it. Zero-day exploits are heavily traded — by state-sponsored actors, by brokers (Zerodium, Crowdfense), and increasingly via mercenary spyware vendors — and command prices into the millions for full chains against modern smartphones or browsers. Detection and defence rely on behavioural analytics (EDR/XDR), exploit mitigations (CET, ARM PAC, sandboxing), application allow-listing, and aggressive least privilege, so that a successful exploit yields limited capability.
● Examples
- 01 Pegasus spyware deploying iOS zero-click zero-day exploits.
- 02 Operation Aurora (2009) — Internet Explorer zero-day chain against Google and others.
● Frequently asked questions
What is a Zero-Day Exploit?
Working exploit code for a vulnerability that the vendor does not yet know about, or for which no patch is available — extremely valuable to attackers. It belongs to the Vulnerabilities category of cybersecurity.
How do you defend against a Zero-Day Exploit?
Defences against zero-day exploits typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for a Zero-Day Exploit?
Common alternative names include: 0-day exploit.