N-Day

An n-day is a vulnerability that has had a patch available for some time but is still being exploited against unpatched systems.

Definition

"N-day" is the counterpart to zero-day: a vulnerability for which a patch has existed for n days (where n is some positive number — usually weeks to years). N-days are the bread-and-butter of opportunistic attackers; the patch has shipped, but the unpatched install base is enormous and the exploit code is freely available.

Most real-world breaches involve n-day rather than zero-day exploitation. Equifax (2017, Apache Struts CVE-2017-5638) used an exploit that had been patched two months before the breach; the MOVEit Transfer mass-exploitation campaign (2023, CVE-2023-34362) lasted weeks past patch availability.

Mitigation

Class-specific. The mitigation is straightforward — patch — and the chronic problem is operational rather than technical.

See also

References