BlackByte Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | HPE Onboard Administrator Reflected cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2020-7132 |
| 2 | Eclipse Jetty Content-Length Header data processing | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2017-7658 |
| 3 | HP Network Switch access control | 5.3 | 5.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2015-6859 |
| 4 | Dolibarr CRM control flow | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2022-0174 |
| 5 | Philips Collaboration Platform cross-site request forgery | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-14506 |
| 6 | SAP 3D Visual Enterprise Viewer TGA File input validation | 4.3 | 4.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2020-6345 |
| 7 | Cisco Unified Contact Center Express Java Remote Management Interface input validation | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-3280 |
| 8 | VMware Cloud Director injection | 7.5 | 7.0 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.04 | CVE-2020-3956 |
| 9 | Google Chrome Blink use after free | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | CVE-2020-6474 |
| 10 | nginx DNS CNAME Record use after free | 7.3 | 6.4 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.03 | CVE-2016-0746 |
| 11 | Nutfind.com SSL Certificate Validator certificate validation | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2019-16252 |
| 12 | Google Android eas_mdls.c Parse_lart resource consumption | 5.4 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-0171 |
| 13 | Apache Unomi OGNL Scripting input validation | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.06 | CVE-2020-11975 |
| 14 | WinGate Installation default permission | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2020-13866 |
| 15 | Foxit PhantomPDF Signature Validation signature verification | 7.4 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2019-20834 |
| 16 | Perl Regular Expression regcomp.c S_study_chunk buffer overflow | 7.4 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2020-12723 |
| 17 | Athom Homey/Homey Pro Network Configuration cleartext storage | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2020-9462 |
| 18 | Perl Regular Expression integer overflow | 8.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-10878 |
| 19 | Castel NextGen DVR privileges management | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-11679 |
| 20 | Google Chrome User Interface Domain default permission | 6.4 | 6.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | CVE-2020-6498 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | 45.9.148.114 | | BlackByte | | verified | High |

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 3 | TXXXX | CWE-XXX | 7xx Xxxxxxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxxx Xxxxxxx Xx Xxxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 6 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (40)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /goform/SetNetControlList | predictive | High |
| 2 | File | admin/categories_industry.php | predictive | High |
| 3 | File | admin/content/postcategory | predictive | High |
| 4 | File | Adminstrator/Users/Edit/ | predictive | High |
| 5 | File | agent.cfg | predictive | Medium |
