Private zero-day vulnerabilities are only known to their discoverer and whoever it’s been shared with. They tend to be owned by elite cyber-espionage groups, usually state-sponsored.
What is a Zero-Day Vulnerability?
A zero-day vulnerability is a software flaw that can be potentially abused in different ways, and is unknown to the targeted software vendor. The term ‘Zero-day Attack’ refers to a vulnerability that is both exploited in the wild and unknown to the target software vendor, and therefore the targeted vendor has “zero days” to fix it.