A mid-sized financial company just learned about a new vulnerability affecting several of their network devices, which has not been patched by the vendor yet. The IT security team is assessing the risk. What type of vulnerability are they dealing with?
A routinely patched vulnerability
Common vulnerabilities and exposures (CVE) listing
A vendor-acknowledged fault awaiting a scheduled patch