A mid-sized financial company just learned about a new vulnerability affecting several of their network devices, which has not been patched by the vendor yet. The IT security team is assessing the risk. What type of vulnerability are they dealing with?
A vendor-acknowledged fault awaiting a scheduled patch
Zero-day vulnerability
A routinely patched vulnerability
Common vulnerabilities and exposures (CVE) listing