During a penetration testing engagement, you discover a vulnerability that allows for remote code execution with administrative privileges on a critical server housing sensitive customer data. What is the BEST initial action to take regarding this discovery?
Document the finding in the final report for regular submission timelines without direct communication.
Take steps to remediate the vulnerability before reporting it to maintain the integrity of the test.
Report the finding immediately to the client's primary or emergency contact.
Continue with the penetration test to identify additional vulnerabilities before reporting any findings.