Sector Energy

Timeframe: -28 days

Default Categories (67): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 236
Foxit PDF Reader: 56
Apple macOS: 54
Microsoft Windows: 36
Qualcomm Snapdragon: 26

Remediation

Official Fix: 612
Temporary Fix: 0
Workaround: 4
Unavailable: 0
Not Defined: 128

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 20
Unproven: 44
Not Defined: 680

Access Vector

Not Defined: 0
Physical: 4
Local: 130
Adjacent: 280
Network: 330

Authentication

Not Defined: 0
High: 52
Low: 414
None: 278

User Interaction

Not Defined: 0
Required: 186
None: 558

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 20
≤4: 66
≤5: 132
≤6: 236
≤7: 148
≤8: 98
≤9: 38
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 28
≤4: 66
≤5: 128
≤6: 322
≤7: 92
≤8: 88
≤9: 14
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 26
≤4: 82
≤5: 138
≤6: 212
≤7: 140
≤8: 108
≤9: 30
≤10: 6

NVD

≤1: 744
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 578
≤2: 0
≤3: 0
≤4: 2
≤5: 16
≤6: 26
≤7: 28
≤8: 62
≤9: 26
≤10: 6

Vendor

≤1: 700
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 4
≤7: 10
≤8: 16
≤9: 14
≤10: 0

Exploit 0-day

<1k: 22
<2k: 222
<5k: 54
<10k: 270
<25k: 122
<50k: 34
<100k: 20
≥100k: 0

Exploit Today

<1k: 272
<2k: 220
<5k: 156
<10k: 52
<25k: 42
<50k: 2
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 716
zh: 66
de: 40
it: 26
fr: 26

Country

us: 188
cn: 126
hu: 56
de: 42
it: 34

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Linux Kernel: 42
Foxit PDF Reader: 34
Apple macOS: 22
Microsoft Windows: 8
Cisco IOS XE: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.85 | 0.00000 | CVE-2017-20191 |
| 2 | code-projects Online Book System cart.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.70 | 0.00045 | CVE-2024-3003 |
| 3 | code-projects Online Book System Product.php cross-site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.93 | 0.00045 | CVE-2024-3004 |
| 4 | code-projects Online Book System description.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.01 | 0.00045 | CVE-2024-3002 |
| 5 | Linux Kernel push-switch flush_work memory corruption | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.01 | 0.00000 | CVE-2023-52629 |
| 6 | code-projects Online Book System Product.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.89 | 0.00045 | CVE-2024-3001 |
| 7 | code-projects Online Book System index.php SQL injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.01 | 0.00045 | CVE-2024-3000 |
| 8 | D-Link DIR-3040us A1 FTP Server memory corruption | 7.3 | 7.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 1.17- | 0.00000 | CVE-2024-27619 |
| 9 | Schneider Electric Easergy T200 information disclosure | 6.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.54 | 0.00043 | CVE-2024-2051 |
| 10 | AutomationDirect C-MORE EA9 HMI path traversal | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.59 | 0.00043 | CVE-2024-25136 |
| 11 | Media Library Assistant Plugin Shortcode mla_gallery cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.12 | 0.00045 | CVE-2024-2475 |
| 12 | Linux Kernel __tracing_map_insert privilege escalation | 4.6 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.54 | 0.00044 | CVE-2024-26645 |
| 13 | Apple macOS App privilege escalation | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.27 | 0.00044 | CVE-2023-42947 |
| 14 | All In One WP Security & Firewall Plugin cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.54- | 0.00000 | CVE-2024-30468 |
| 15 | Apple macOS App information disclosure | 3.3 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.27 | 0.00044 | CVE-2023-42936 |
| 16 | WPdevelop Booking Calendar Plugin SQL injection | 6.1 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.10 | 0.00043 | CVE-2023-23991 |
| 17 | code-projects Mobile Shop Login Page Details.php SQL injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.25 | 0.00045 | CVE-2024-2927 |
| 18 | Apple macOS Web Content memory corruption | 6.3 | 6.0 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.31 | 0.00045 | CVE-2023-42950 |
| 19 | zephyrproject-rtos Zephyr BLE memory corruption | 6.1 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.53 | 0.00043 | CVE-2024-3077 |
| 20 | Apple macOS Remote Login Session privilege escalation | 8.8 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.12 | 0.00043 | CVE-2023-42913 |

IOC - Indicator of Compromise (30)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 2.57.122.0/24 | Mirai | predictive | High |
| 2 | 3.75.178.0/24 | Cobalt Strike | predictive | High |
| 3 | 5.42.65.0/24 | Zusy | predictive | High |

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (90)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

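| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/index.php | predictive | High |
| 2 | File | /cart.php | predictive | Medium |
| 3 | File | /cgi-bin/gui.cgi | predictive | High |
| 4 | File | /description.php | predictive | High |
| 5 | File | /Employer/DeleteJob.php?JobId=1 | predictive | High |
| 6 | File | /index.php | predictive | Medium |
| 7 | File | /login.php | predictive | Medium |
| 8 | File | /member/chat.php | predictive | High |
| 9 | File | /member/member_edit.php | predictive | High |
| 10 | File | /member/view.php | predictive | High |
| 11 | File | /Product.php | predictive | Medium |
| 12 | File | /secret_coder.sql | predictive | High |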
