Sector: Education

Timeframe: -28 days

Default Categories (58): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Blog Software, Calendar Software, Chat Software, Cloud Software, Communications System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Firewall Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Learning Management Software, Library Management System Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Spreadsheet Software, SSH Server Software, Survey Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Mozilla Thunderbird: 40
Mozilla Firefox: 38
Apple macOS: 38
Apple tvOS: 32
Google Chrome: 28

Remediation

Official Fix: 356
Temporary Fix: 0
Workaround: 4
Unavailable: 0
Not Defined: 86

Exploitability

High: 6
Functional: 4
Proof-of-Concept: 18
Unproven: 42
Not Defined: 376

Access Vector

Not Defined: 0
Physical: 4
Local: 30
Adjacent: 56
Network: 356

Authentication

Not Defined: 0
High: 32
Low: 170
None: 244

User Interaction

Not Defined: 0
Required: 220
None: 226

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 10
≤4: 30
≤5: 88
≤6: 64
≤7: 156
≤8: 52
≤9: 40
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 16
≤4: 26
≤5: 92
≤6: 160
≤7: 70
≤8: 58
≤9: 22
≤10: 2

VulDB

≤1: 0
≤2: 2
≤3: 14
≤4: 50
≤5: 72
≤6: 62
≤7: 170
≤8: 34
≤9: 38
≤10: 4

NVD

≤1: 396
≤2: 0
≤3: 0
≤4: 0
≤5: 6
≤6: 8
≤7: 6
≤8: 0
≤9: 18
≤10: 12

CNA

≤1: 382
≤2: 0
≤3: 2
≤4: 4
≤5: 2
≤6: 14
≤7: 16
≤8: 14
≤9: 6
≤10: 6

Vendor

≤1: 400
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 4
≤7: 8
≤8: 26
≤9: 8
≤10: 0

Exploit 0-day

<1k: 12
<2k: 106
<5k: 50
<10k: 84
<25k: 134
<50k: 40
<100k: 20
≥100k: 0

Exploit Today

<1k: 108
<2k: 88
<5k: 92
<10k: 102
<25k: 56
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 668
ja: 220
ru: 38
zh: 26
fr: 20

Country

jp: 270
us: 184
cn: 70
ru: 40
fr: 34

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Mozilla Firefox: 32
Mozilla Thunderbird: 18
D-Link DIR-882: 12
Google Chrome: 10
Microsoft Windows: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect memory corruption | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 7.85 | 0.00950 | CVE-2022-47939 |
| 2 | Linux Kernel ksmbd smb2misc.c smb2_get_data_area_len information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 2.60 | 0.00950 | CVE-2022-47943 |
| 3 | Linux Kernel ksmbd smb2pdu.c smb2_write information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 2.55 | 0.00950 | CVE-2022-47940 |
| 4 | Squid Web Proxy SSPI/SMB memory corruption | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.25 | 0.00000 | CVE-2022-41318 |
| 5 | Slixmpp XMLStream weak authentication | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.40 | 0.00950 | CVE-2022-45197 |
| 6 | VMware ESXi/Workstation/Fusion/Cloud Foundation USB 2.0 controller memory corruption | 8.8 | 8.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 1.04 | 0.01036 | CVE-2022-31705 |
| 7 | TP-Link TL-WR740N ARP denial of service | 6.5 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.99 | 0.00885 | CVE-2022-4296 |
| 8 | sproctor php-calendar index.php cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.99 | 0.00885 | CVE-2022-4455 |
| 9 | Linux Kernel smb2misc.c smb2_get_data_area_len information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.89 | 0.00950 | CVE-2022-47938 |
| 10 | Openstack Kolla sudoers privilege escalation | 8.8 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.77 | 0.00885 | CVE-2022-38060 |
| 11 | D-Link DIR-882 SetWan3Settings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.62 | 0.00885 | CVE-2022-46570 |
| 12 | Squid Web Proxy Internal URL information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.68 | 0.00000 | CVE-2022-41317 |
| 13 | Linux Kernel io_uring.c io_sqpoll_wait_sq denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.68 | 0.00885 | CVE-2022-47946 |
| 14 | Fortinet FortiOS sslvpnd memory corruption | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.68 | 0.00000 | CVE-2022-42475 |
| 15 | D-Link DIR-882 SetWLanRadioSecurity Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.62 | 0.00885 | CVE-2022-46569 |
| 16 | y_project RuoYi GenController SQL injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.70 | 0.01018 | CVE-2022-4566 |
| 17 | D-Link DIR-882 SetWan2Settings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.72 | 0.00885 | CVE-2022-46560 |
| 18 | vim memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.59 | 0.00885 | CVE-2022-3520 |
| 19 | Axiomatic Bento4 mp42aac memory corruption | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.63 | 0.00954 | CVE-2022-4584 |
| 20 | D-Link DIR-882 SetDynamicDNSSettings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.52 | 0.00885 | CVE-2022-46563 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 43.249.37.0/24 | Patchwork | predictive | High |
| 2 | XX.XX.XX.X/XX | Xxxxx | predictive | High |
| 3 | XXX.XXX.XX.X/XX | Xxxxxxxx | predictive | High |

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

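| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-85 | Cross Site Scripting | predictive | High |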

IOA - Indicator of Attack (51)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /etc/sudoers | predictive | Medium |
| 2 | File | addons/ooh323c/src/ooq931.c | predictive | High |
| 3 | File | b/fs/ksmbd/smb2misc.c | predictive | High |
| 4 | File | barbican/api/controllers/__init__.py | predictive | High |
| 5 | File | C:\tools\php81 | predictive | High |
| 6 | File | com/ruoyi/generator/controller/GenController | predictive | High |
| 7 | File | decode_r11.c | predictive | Medium |
| 8 | File | drivers/clk/imx/clk.c | predictive | High |
