Sector Hospital

Timeframe: -28 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Microsoft Windows: 56
Linux Kernel: 40
Google Chrome: 30
MediaTek MT6879: 20
MediaTek MT6983: 20

Countermeasures

Official Fix: 328
Temporary Fix: 0
Workaround: 0
Unavailable: 4
Not Defined: 72

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 30
Unproven: 70
Not Defined: 304

Access Vector

Not Defined: 0
Physical: 4
Local: 104
Adjacent: 56
Network: 240

Authentication

Not Defined: 0
High: 34
Low: 214
None: 156

User Interaction

Not Defined: 0
Required: 156
None: 248

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 10
≤4: 42
≤5: 64
≤6: 106
≤7: 86
≤8: 56
≤9: 32
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 12
≤4: 62
≤5: 62
≤6: 166
≤7: 34
≤8: 58
≤9: 6
≤10: 4

VulDB

≤1: 0
≤2: 0
≤3: 24
≤4: 44
≤5: 90
≤6: 66
≤7: 94
≤8: 52
≤9: 26
≤10: 8

NVD

≤1: 404
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 310
≤2: 0
≤3: 2
≤4: 4
≤5: 4
≤6: 14
≤7: 32
≤8: 20
≤9: 10
≤10: 8

Vendor

≤1: 334
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 6
≤7: 16
≤8: 20
≤9: 22
≤10: 4

Exploit 0-day

<1k: 46
<2k: 104
<5k: 36
<10k: 72
<25k: 44
<50k: 74
<100k: 28
≥100k: 0

Exploit Today

<1k: 150
<2k: 62
<5k: 64
<10k: 44
<25k: 84
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 782
it: 60
de: 30
es: 26
zh: 24

Country

us: 114
it: 70
de: 68
cn: 58
gb: 36

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 38
Linux Kernel: 8
Fortinet FortiOS: 6
Microsoft Edge: 6
Zoom Client: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows ICMP Remote Code Execution | 9.8 | 8.5 | $50k-$100k | $10k-$25k | Unproven | Official Fix | 10.00 | 0.00255 | CVE-2023-23415 |
| 2 | code-projects Responsive Hotel Site Newsletter Log messages.php sql injection | 6.3 | 5.7 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 1.57 | 0.00045 | CVE-2023-1498 |
| 3 | Filseclab Twister Antivirus IoControlCode fildds.sys denial of service | 6.5 | 5.9 | $10k-$25k | $0-$1k | Proof-of-Concept | Not Defined | 1.10 | 0.00045 | CVE-2023-1443 |
| 4 | SourceCodester Health Center Patient Record Management System login.php sql injection | 7.3 | 6.6 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 1.35 | 0.00063 | CVE-2023-1253 |
| 5 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys privilege escalation | 4.4 | 4.0 | $2k-$5k | $0-$1k | Proof-of-Concept | Not Defined | 1.13 | 0.00045 | CVE-2023-1453 |
| 6 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys denial of service | 5.5 | 5.0 | $2k-$5k | $0-$1k | Proof-of-Concept | Not Defined | 1.01 | 0.00045 | CVE-2023-1446 |
| 7 | Filseclab Twister Antivirus IoControlCode fildds.sys denial of service | 7.5 | 6.8 | $10k-$25k | $0-$1k | Proof-of-Concept | Not Defined | 1.13 | 0.00045 | CVE-2023-1444 |
| 8 | Filseclab Twister Antivirus IoControlCode fildds.sys denial of service | 3.3 | 3.0 | $2k-$5k | $0-$1k | Proof-of-Concept | Not Defined | 1.20 | 0.00045 | CVE-2023-1445 |
| 9 | SourceCodester Health Center Patient Record Management System birthing_print.php cross site scripting | 3.5 | 3.2 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 1.22 | 0.00051 | CVE-2023-1254 |
| 10 | Citrix Workspace app ICA File privilege escalation | 5.3 | 4.9 | $2k-$5k | $0-$1k | Functional | Official Fix | 0.88 | 0.00000 | CVE-2023-24486 |
| 11 | ATM Consulting dolibarr_module_quicksupplierprice interface.php upatePrice sql injection | 6.3 | 6.0 | $1k-$2k | $0-$1k | Not Defined | Official Fix | 1.26 | 0.00045 | CVE-2022-4933 |
| 12 | Apache HTTP Server mod_proxy privilege escalation | 5.0 | 4.8 | $10k-$25k | $5k-$10k | Not Defined | Official Fix | 1.04 | 0.00226 | CVE-2023-25690 |
| 13 | Microsoft Windows Remote Procedure Call Runtime Remote Code Execution | 9.8 | 8.5 | $50k-$100k | $10k-$25k | Unproven | Official Fix | 0.95 | 0.00237 | CVE-2023-21708 |
| 14 | SourceCodester Health Center Patient Record Management System hematology_print.php cross site scripting | 3.5 | 3.2 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 0.75 | 0.00060 | CVE-2023-1180 |
| 15 | Microsoft Windows HTTP Protocol Stack Remote Code Execution | 9.8 | 8.5 | $50k-$100k | $10k-$25k | Unproven | Official Fix | 0.70 | 0.00237 | CVE-2023-23392 |
| 16 | OTRS Community Edition ACL Module privilege escalation | 6.9 | 6.8 | $1k-$2k | $0-$1k | Not Defined | Official Fix | 1.38- | 0.00000 | CVE-2023-1250 |
| 17 | DrayTek Vigor 2960 mainfunction.cgi sub_1DA58 directory traversal | 4.3 | 3.9 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 0.62 | 0.00078 | CVE-2023-1163 |
| 18 | SourceCodester Electronic Medical Records System Cookie administrator.php sql injection | 6.3 | 5.7 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 0.65 | 0.00063 | CVE-2023-1151 |
| 19 | SourceCodester Health Center Patient Record Management System fecalysis_form.php cross site scripting | 3.5 | 3.2 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 0.65 | 0.00052 | CVE-2023-1156 |
| 20 | DrayTek Vigor 2960 mainfunction.cgi sub_1225C privilege escalation | 6.3 | 5.7 | $1k-$2k | $0-$1k | Proof-of-Concept | Not Defined | 0.69 | 0.00139 | CVE-2023-1162 |

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 2.58.56.0/24 | Raccoon Stealer | predictive | High |

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Injection | predictive | High |
| 3 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (105)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

