Sector: Industry

Timeframe: -28 days

Default Categories (66): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Microsoft Windows: 54
Apple macOS: 50
Linux Kernel: 30
Google Chrome: 28
MediaTek MT6895: 26

Countermeasures

Official Fix: 390
Temporary Fix: 0
Workaround: 0
Unavailable: 4
Not Defined: 108

Exploitability

High: 0
Functional: 4
Proof-of-Concept: 52
Unproven: 66
Not Defined: 380

Access Vector

Not Defined: 0
Physical: 6
Local: 174
Adjacent: 76
Network: 246

Authentication

Not Defined: 0
High: 50
Low: 258
None: 194

User Interaction

Not Defined: 0
Required: 144
None: 358

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 16
≤4: 50
≤5: 72
≤6: 142
≤7: 102
≤8: 66
≤9: 40
≤10: 14

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 20
≤4: 70
≤5: 102
≤6: 160
≤7: 56
≤8: 64
≤9: 16
≤10: 14

VulDB

≤1: 0
≤2: 0
≤3: 20
≤4: 46
≤5: 116
≤6: 108
≤7: 98
≤8: 70
≤9: 32
≤10: 12

NVD

≤1: 500
≤2: 0
≤3: 0
≤4: 2
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 392
≤2: 0
≤3: 4
≤4: 4
≤5: 4
≤6: 4
≤7: 26
≤8: 34
≤9: 16
≤10: 18

Vendor

≤1: 434
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 6
≤7: 24
≤8: 22
≤9: 16
≤10: 0

Exploit 0-day

<1k: 66
<2k: 106
<5k: 76
<10k: 78
<25k: 70
<50k: 88
<100k: 18
≥100k: 0

Exploit Today

<1k: 190
<2k: 80
<5k: 98
<10k: 52
<25k: 82
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 888
fr: 26
es: 24
it: 24
de: 22

Country

us: 122
gb: 66
it: 48
fr: 32
hu: 28

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Apple macOS: 30
Microsoft Windows: 12
Qualcomm AR8035: 10
Qualcomm QCA6391: 10
Qualcomm QCA8081: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.24 | 0.00064 | CVE-2023-1646 |
| 2 | Zoho ManageEngine OpManager XML File XML External Entity | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.62+ | 0.00000 | CVE-2022-43473 |
| 3 | DriverGenius IOCTL mydrivers64.sys 0x9c402084 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.55 | 0.00045 | CVE-2023-1677 |
| 4 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.24 | 0.00045 | CVE-2023-1645 |
| 5 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.14 | 0.00045 | CVE-2023-1644 |
| 6 | IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.14 | 0.00045 | CVE-2023-1643 |
| 7 | DriverGenius IOCTL mydrivers64.sys 0x9C40A0E0 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.57 | 0.00045 | CVE-2023-1678 |
| 8 | SNIProxy Wildcard Backend Host buffer overflow | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.57+ | 0.00000 | CVE-2023-25076 |
| 9 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.11 | 0.00045 | CVE-2023-1642 |
| 10 | DriverGenius IOCTL mydrivers64.sys 0x9C402088 buffer overflow | 7.8 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.52 | 0.00045 | CVE-2023-1676 |
| 11 | Infoline Project Management System privilege escalation | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.54+ | 0.00000 | CVE-2023-1725 |
| 12 | Ubiquiti EdgeRouter X NAT Configuration privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 1.25 | 0.00043 | CVE-2023-1456 |
| 13 | Ubiquiti EdgeRouter X Static Routing Configuration privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 1.06 | 0.00043 | CVE-2023-1457 |
| 14 | DriverGenius IOCTL mydrivers64.sys 0x9C40A108 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.53 | 0.00045 | CVE-2023-1679 |
| 15 | JiangMin Antivirus IOCTL kvcore.sys 0x222010 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.15 | 0.00045 | CVE-2023-1629 |
| 16 | Jianming Antivirus IoControlCode kvcore.sys buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.16 | 0.00045 | CVE-2023-1626 |
| 17 | JiangMin Antivirus IOCTL kvcore.sys 0x222010 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.08 | 0.00045 | CVE-2023-1631 |
| 18 | Microsoft Windows ICMP Remote Code Execution | 9.8 | 8.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 1.19 | 0.01074 | CVE-2023-23415 |
| 19 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222018 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.07 | 0.00045 | CVE-2023-1641 |
| 20 | Ubiquiti EdgeRouter X OSPF privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.24 | 0.00043 | CVE-2023-1458 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

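| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 45.61.185.0/24 | B1txor20 | predictive | High |
| 2 | XX.XXX.XXX.X/XX | Xxxxxxx | predictive | High |
| 3 | XX.XX.XXX.X/XX | Xxxxxxxx | predictive | High |
| 4 | XXX.XX.XX.X/XX | Xxxxxx | predictive | High |
| 5 | XXX.XXX.XX.X/XX | Xxxxxx | predictive | High |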

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (85)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /ajax/update_certificate | predictive | High |
| 2 | File | /batm/app/admin/standalone/deployments | predictive | High |
| 3 | File | /bookstore/bookPerPub.php | predictive | High |
| 4 | File | /dev/infiniband/rdma_cm | predictive | High |
| 5 | File | /tmp | predictive | Low |
| 6 | File | /tmp/mulipartFile | predictive | High |
| 7 | File | arch/x86/kvm/x86.c | predictive | High |
| 8 | File | bugs.c | predictive | Low |
| 9 | File | C:\AdwCleaner\Logs\AdwCleaner_Debug.log | predictive | High |
| 10 | File | circleinfo.txt | predictive | High |
| 11 | File | Classes/RestClient.cs | predictive | High |
| 12 | File | config.xml | predictive | Medium |
