Backdoor.Win32.Serman.a Service Port 21422 backdoor

A vulnerability was found in Backdoor.Win32.Serman.a. It has been classified as critical. This affects an unknown part of the component Service Port 21422. The manipulation leads to backdoor. The CWE definition for the vulnerability is CWE-912. The weakness was presented 11/24/2022 as MVID-2022-0659. It is possible to read the advisory at malvuln.com. It is possible to initiate the attack remotely. There are no technical details available. Furthermore, there is an exploit available. The exploit has been disclosed to the public and may be used. The pricing for an exploit might be around USD $0-$5k at the moment. The attack technique deployed by this issue is T1588.001 according to MITRE ATT&CK. It is declared as proof-of-concept. The exploit is shared for download at malvuln.com. We expect the 0-day to have been worth approximately $0-$5k. It is recommended to applying a restrictive firewalling. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

123

Field

exploit_price_0day1
vulnerability_cvss3_meta_tempscore1
vulnerability_cvss3_meta_basescore1
vulnerability_cvss3_vuldb_tempscore1
vulnerability_cvss3_vuldb_basescore1

Commit Conf

90%32
50%9

Approve Conf

90%32
80%9
IDCommitedUserFieldChangeRemarksAcceptedReasonC
1330530911/24/2022VulD...price_0day$0-$5ksee exploit price documentation11/24/2022accepted
90
1330530811/24/2022VulD...cvss3_meta_tempscore6.4see CVSS documentation11/24/2022accepted
90
1330530711/24/2022VulD...cvss3_meta_basescore7.3see CVSS documentation11/24/2022accepted
90
1330530611/24/2022VulD...cvss3_vuldb_tempscore6.4see CVSS documentation11/24/2022accepted
90
1330530511/24/2022VulD...cvss3_vuldb_basescore7.3see CVSS documentation11/24/2022accepted
90
1330530411/24/2022VulD...cvss2_vuldb_tempscore6.1see CVSS documentation11/24/2022accepted
90
1330530311/24/2022VulD...cvss2_vuldb_basescore7.5see CVSS documentation11/24/2022accepted
90
1330530211/24/2022VulD...cvss2_vuldb_rlWderived from vuldb v3 vector11/24/2022accepted
80
1330530111/24/2022VulD...cvss2_vuldb_rcURderived from vuldb v3 vector11/24/2022accepted
80
1330530011/24/2022VulD...cvss2_vuldb_ePOCderived from vuldb v3 vector11/24/2022accepted
80
1330529911/24/2022VulD...cvss2_vuldb_aiPderived from vuldb v3 vector11/24/2022accepted
80
1330529811/24/2022VulD...cvss2_vuldb_iiPderived from vuldb v3 vector11/24/2022accepted
80
1330529711/24/2022VulD...cvss2_vuldb_ciPderived from vuldb v3 vector11/24/2022accepted
80
1330529611/24/2022VulD...cvss2_vuldb_auNderived from vuldb v3 vector11/24/2022accepted
80
1330529511/24/2022VulD...cvss2_vuldb_acLderived from vuldb v3 vector11/24/2022accepted
80
1330529411/24/2022VulD...cvss2_vuldb_avNderived from vuldb v3 vector11/24/2022accepted
80
1330529311/24/2022VulD...typeRemote Access Software11/24/2022accepted
90
1330529211/24/2022VulD...date1669244400 (11/24/2022)11/24/2022accepted
90
1330529111/24/2022VulD...nocve111/24/2022accepted
90
1330529011/24/2022VulD...responsibleVulDB11/24/2022accepted
90

21 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!