Sector Industry

Timeframe: -28 days

Default Categories (66): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Apple macOS: 40
Linux Kernel: 40
Mozilla Firefox: 38
Mozilla Thunderbird: 32
Microsoft Windows: 30

Remediation

Official Fix: 408
Temporary Fix: 0
Workaround: 6
Unavailable: 0
Not Defined: 82

Exploitability

High: 2
Functional: 0
Proof-of-Concept: 20
Unproven: 36
Not Defined: 438

Access Vector

Not Defined: 0
Physical: 6
Local: 48
Adjacent: 76
Network: 366

Authentication

Not Defined: 0
High: 56
Low: 200
None: 240

User Interaction

Not Defined: 0
Required: 190
None: 306

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 10
≤4: 36
≤5: 84
≤6: 92
≤7: 164
≤8: 60
≤9: 42
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 16
≤4: 32
≤5: 86
≤6: 178
≤7: 96
≤8: 70
≤9: 12
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 10
≤4: 46
≤5: 82
≤6: 80
≤7: 184
≤8: 44
≤9: 40
≤10: 8

NVD

≤1: 448
≤2: 0
≤3: 2
≤4: 0
≤5: 10
≤6: 12
≤7: 4
≤8: 8
≤9: 8
≤10: 4

CNA

≤1: 412
≤2: 0
≤3: 2
≤4: 4
≤5: 6
≤6: 12
≤7: 20
≤8: 28
≤9: 8
≤10: 4

Vendor

≤1: 458
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 4
≤8: 26
≤9: 8
≤10: 0

Exploit 0-day

<1k: 16
<2k: 134
<5k: 28
<10k: 120
<25k: 134
<50k: 36
<100k: 28
≥100k: 0

Exploit Today

<1k: 140
<2k: 94
<5k: 104
<10k: 88
<25k: 70
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 742
ja: 180
ru: 32
de: 12
zh: 10

Country

jp: 210
us: 190
cn: 46
ru: 36
it: 34

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Mozilla Firefox: 32
Mozilla Thunderbird: 24
Google Chrome: 12
Microsoft Windows: 12
MediaTek MT6789: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect memory corruption | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 6.39 | 0.00950 | CVE-2022-47939 |
| 2 | Linux Kernel ksmbd smb2misc.c smb2_get_data_area_len information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 2.11 | 0.00950 | CVE-2022-47943 |
| 3 | Linux Kernel ksmbd smb2pdu.c smb2_write information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.83 | 0.00950 | CVE-2022-47940 |
| 4 | sproctor php-calendar index.php cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.06 | 0.00885 | CVE-2022-4455 |
| 5 | Openstack Kolla sudoers privilege escalation | 8.8 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.78 | 0.00885 | CVE-2022-38060 |
| 6 | y_project RuoYi GenController sql injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.72 | 0.01018 | CVE-2022-4566 |
| 7 | HXL BigFix Server Automation Notification Service Privilege Escalation | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.67 | 0.00885 | CVE-2022-38658 |
| 8 | VMware ESXi/Workstation/Fusion/Cloud Foundation USB 2.0 controller memory corruption | 8.8 | 8.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.83 | 0.01036 | CVE-2022-31705 |
| 9 | D-Link DIR-882 SetWLanRadioSecurity Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.67 | 0.00885 | CVE-2022-46569 |
| 10 | D-Link DIR-882 SetWan2Settings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.73 | 0.00885 | CVE-2022-46560 |
| 11 | Linux Kernel smb2misc.c smb2_get_data_area_len information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.62 | 0.00950 | CVE-2022-47938 |
| 12 | FeMiner wms privilege escalation | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.62 | 0.00885 | CVE-2022-4272 |
| 13 | HCL IBM Notes Micro Focus KeyView lasr.dll memory corruption | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.70 | 0.01103 | CVE-2022-44755 |
| 14 | TP-Link TL-WR740N ARP denial of service | 6.5 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.71 | 0.00885 | CVE-2022-4296 |
| 15 | Sophos Firewall Webadmin Import Group Wizard cross site scripting | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.62 | 0.00885 | CVE-2022-3709 |
| 16 | Horner Automation RCC 972 weak encryption | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.63 | 0.01086 | CVE-2022-2641 |
| 17 | CalendarXP cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.58 | 0.00954 | CVE-2022-4522 |
| 18 | Linux Kernel io_uring.c io_sqpoll_wait_sq denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.65 | 0.00885 | CVE-2022-47946 |
| 19 | D-Link DIR-882 SetDynamicDNSSettings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.62 | 0.00885 | CVE-2022-46563 |
| 20 | Horner Automation RCC 972 weak encryption | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.57 | 0.00885 | CVE-2022-2640 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 84.17.52.0/24 | Conti | predictive | High |
| 2 | XXX.XXX.XX.X/XX | Xxxxxxxx | predictive | High |

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-85 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (49)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /etc/sudoers | predictive | Medium |
| 2 | File | /product/savenewproduct.php?flag=1 | predictive | High |
| 3 | File | 102/tcp | predictive | Low |
| 4 | File | addons/ooh323c/src/ooq931.c | predictive | High |
| 5 | File | b/fs/ksmbd/smb2misc.c | predictive | High |
| 6 | File | barbican/api/controllers/__init__.py | predictive | High |
| 7 | File | com/ruoyi/generator/controller/GenController | predictive | High |
