Sector Industry

Timeframe: -28 days

Default Categories (66): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 376
Microsoft Windows: 100
Foxit PDF Reader: 56
Juniper Junos OS: 30
MediaTek MT8765: 26

Countermeasures

Official Fix: 892
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 110

Exploitability

High: 6
Functional: 2
Proof-of-Concept: 30
Unproven: 120
Not Defined: 846

Access vector

Not Defined: 0
Physical: 4
Local: 160
Adjacent: 406
Network: 434

Authentication

Not Defined: 0
High: 114
Low: 564
None: 326

User interaction

Not Defined: 0
Required: 214
None: 790

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 34
≤4: 60
≤5: 250
≤6: 294
≤7: 152
≤8: 148
≤9: 60
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 34
≤4: 82
≤5: 238
≤6: 394
≤7: 116
≤8: 114
≤9: 20
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 46
≤4: 82
≤5: 232
≤6: 282
≤7: 160
≤8: 148
≤9: 46
≤10: 6

NVD

≤1: 1004
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 734
≤2: 0
≤3: 6
≤4: 4
≤5: 48
≤6: 62
≤7: 44
≤8: 66
≤9: 30
≤10: 10

Vendor

≤1: 876
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 14
≤7: 22
≤8: 54
≤9: 36
≤10: 0

Exploit 0-day

<1k: 44
<2k: 182
<5k: 44
<10k: 478
<25k: 128
<50k: 112
<100k: 16
≥100k: 0

Exploit today

<1k: 368
<2k: 266
<5k: 180
<10k: 94
<25k: 84
<50k: 12
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 630
ja: 76
de: 62
zh: 52
ru: 50

Country

us: 228
jp: 78
de: 72
gb: 68
fr: 60

Product

Linux Kernel: 38
Google Chrome: 18
Microsoft Windows: 14
Microsoft OLE DB Driver: 8
Microsoft SQL Server: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0-day | Today | Exploitability | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Backdoor.Win32.Dumador.c FTP Server buffer overflow | 6.3 | 5.6 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00000 | 2.06 | - |
| 2 | PuTTY ECDSA Nonce Generation Information Disclosure | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00046 | 0.13 | CVE-2024-31497 |
| 3 | Cisco ClamAV HTML Parser Denial of Service | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00043 | 0.03 | CVE-2024-20380 |
| 4 | GNU C Library iconv buffer overflow | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.17 | CVE-2024-2961 |
| 5 | Microsoft Edge Information Disclosure | 5.4 | 5.3 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.30 | CVE-2024-29987 |
| 6 | Palo Alto Networks PAN-OS GlobalProtect privilege escalation | 8.9 | 8.7 | $0-$5k | $0-$5k | High | Official Fix | 0.02221 | 0.17 | CVE-2024-3400 |
| 7 | Check Point ZoneAlarm Extreme Security NextGen privilege escalation | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-24910 |
| 8 | SolarWinds Serv-U Directory Traversal | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.06 | CVE-2024-28073 |
| 9 | Google Chrome V8 buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.17 | CVE-2024-3914 |
| 10 | Microsoft Edge Information Disclosure | 4.8 | 4.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.06 | CVE-2024-29986 |
| 11 | Google Chrome Downloads buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.06 | CVE-2024-3834 |
| 12 | code-projects Online Book System index.php SQL Injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.20 | CVE-2024-3000 |
| 13 | code-projects Online Book System description.php SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.22 | CVE-2024-3002 |
| 14 | Google Chrome V8 buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.09 | CVE-2024-3832 |
| 15 | Vesystem Cloud Desktop fileupload2.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.03 | CVE-2024-3804 |
| 16 | Vesystem Cloud Desktop fileupload.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.03 | CVE-2024-3803 |
| 17 | Fortinet FortiOS HTTP Request Information Disclosure | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-23662 |
| 18 | HashiCorp Shared library privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-3817 |
| 19 | Cisco IOS/IOS XE SNMP Extended Named Access privilege escalation | 5.3 | 5.1 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.06 | CVE-2024-20373 |
| 20 | Microsoft Edge privilege escalation | 5.0 | 4.9 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.07 | CVE-2024-29991 |

IOC - Indicator of Compromise (22)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 18.193.71.0/24 | Cobalt Strike | predictive | High |
| 2 | 31.50.144.0/24 | QakBot | predictive | High |
| 3 | 43.156.67.0/24 | Cobalt Strike | predictive | High |

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 6 | T1068 | CWE-250, CWE-269, CWE-274, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
