What is the result of exploiting a vulnerability that the vendor does not know about?

Exploiting a vulnerability that the vendor does not know about is specifically termed a zero-day attack. This type of attack gains its name from the fact that the vendor has had "zero days" to address or mitigate the vulnerability since it was discovered and made public. Because the vulnerability is unknown to the vendor, there are typically no patches or defenses available, making it particularly dangerous for systems that are still susceptible to the exploit.

The significance of zero-day attacks lies in their stealth and the potential damage they can inflict. Attackers can leverage these vulnerabilities to execute various malicious activities, such as installing malware, conducting data breaches, or launching Denial of Service attacks. However, the defining characteristic of a zero-day attack is that the vulnerability is unidentified by the vendor, which sets it apart from other types of exploits where awareness and potentially mitigation are in place.