Settore Chemical

Timeframe: -28 days

Default Categories (89): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Automation Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Chat Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Data Loss Prevention Software, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Product Lifecycle Management Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, SCADA Software, Security Testing Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Testing Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Sequenza temporale

Fornitore

Not Defined86
Microsoft84
Apple56
Google40
MediaTek30

Prodotto

Microsoft Windows56
Apple macOS52
Google Chrome40
Linux Kernel28
MediaTek MT689524

Contromisure

Official Fix438
Temporary Fix0
Workaround2
Unavailable4
Not Defined140

Sfruttabilità

High0
Functional2
Proof-of-Concept48
Unproven66
Not Defined468

Accesso al vettore

Not Defined0
Physical6
Local170
Adjacent84
Network324

Autenticazione

Not Defined0
High72
Low284
None228

Interazione dell'utente

Not Defined0
Required182
None402

C3BM Index

CVSSv3 Base

≤10
≤20
≤316
≤458
≤592
≤6150
≤7136
≤874
≤948
≤1010

CVSSv3 Temp

≤10
≤20
≤320
≤484
≤5106
≤6192
≤768
≤884
≤924
≤106

VulDB

≤10
≤20
≤336
≤462
≤5128
≤6100
≤7134
≤880
≤936
≤108

NVD

≤1580
≤20
≤30
≤42
≤50
≤60
≤70
≤80
≤92
≤100

CNA

≤1398
≤20
≤36
≤40
≤516
≤628
≤736
≤854
≤930
≤1016

Fornitore

≤1516
≤20
≤30
≤40
≤52
≤64
≤720
≤816
≤920
≤106

Exploiter 0 giorni

<1k76
<2k142
<5k78
<10k98
<25k78
<50k88
<100k24
≥100k0

Exploiter aujourd'hui

<1k236
<2k76
<5k120
<10k54
<25k98
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

IOB - Indicator of Behavior (1000)

Sequenza temporale

Linguaggio

en924
de20
fr14
es12
it12

Nazione

us138
it42
de20
gb18
fr14

Attori

Carbanak1
Naikon1

Attività

Interesse

Sequenza temporale

Genere

Anti-Malware Software30
Operating System22
Router Operating System16
Wireless LAN Software10
Firewall Software6

Fornitore

Not Defined12
IObit12
Apple10
Netgear10
Microsoft10

Prodotto

IObit Malware Fighter12
Apple macOS10
Netgear R6700v310
Linux Kernel8
JiangMin Antivirus6

Vulnerabilità

#VulnerabilitàBaseTemp0dayOggiSfrConCTIEPSSCVE
1Zhong Bang CRMEB Java list getAdminList sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined5.240.00063CVE-2023-1608
2zwczou WeChat SDK Python to_xml XML External Entity6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix2.610.00063CVE-2018-25082
3KMPlayer SHFOLDER.dll escalazione di privilegi5.34.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.89+0.00000CVE-2023-1745
4Zoho ManageEngine OpManager XML File XML External Entity5.45.4$0-$5k$0-$5kNot DefinedNot Defined0.61+0.00000CVE-2022-43473
5SNIProxy Wildcard Backend Host buffer overflow8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.56+0.00000CVE-2023-25076
6DriverGenius IOCTL mydrivers64.sys 0x9c402084 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.620.00045CVE-2023-1677
7Infoline Project Management System escalazione di privilegi6.96.8$0-$5k$0-$5kNot DefinedOfficial Fix0.53+0.00000CVE-2023-1725
8IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 buffer overflow5.34.8$0-$5k$0-$5kProof-of-ConceptNot Defined1.310.00064CVE-2023-1646
9DriverGenius IOCTL mydrivers64.sys 0x9C402088 buffer overflow7.87.1$0-$5k$0-$5kProof-of-ConceptNot Defined1.550.00045CVE-2023-1676
10IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.310.00045CVE-2023-1645
11IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.210.00045CVE-2023-1644
12IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.210.00045CVE-2023-1643
13IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.190.00045CVE-2023-1642
14SourceCodester Medical Certificate Generator App action.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.220.00055CVE-2023-1566
15Ubiquiti EdgeRouter X Static Routing Configuration escalazione di privilegi [Contestazione]7.26.5$0-$5k$0-$5kProof-of-ConceptUnavailable1.090.00043CVE-2023-1457
16DriverGenius IOCTL mydrivers64.sys 0x9C40A108 buffer overflow5.34.8$0-$5k$0-$5kProof-of-ConceptNot Defined1.500.00045CVE-2023-1679
17IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.090.00045CVE-2023-1640
18Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 escalazione di privilegi4.44.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.160.00042CVE-2023-1453
19IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222018 denial of service5.55.0$0-$5k$0-$5kProof-of-ConceptNot Defined1.140.00045CVE-2023-1641
20Ubiquiti EdgeRouter X NAT Configuration escalazione di privilegi [Contestazione]7.26.5$0-$5k$0-$5kProof-of-ConceptUnavailable1.210.00043CVE-2023-1456

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeAttoreGenereFiducia
154.213.123.0/24DealplypredictiveAlto
2XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
3XXX.XXX.XX.X/XXXxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitàAccesso al vettoreGenereFiducia
1T1006CWE-22, CWE-23, CWE-25Pathname TraversalpredictiveAlto
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CWE-74InjectionpredictiveAlto
4T1059CWE-88, CWE-94Cross Site ScriptingpredictiveAlto
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
6TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXX.XXXCWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveAlto
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveAlto
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
10TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
11TXXXXCWE-XXXxx XxxxxxxxxpredictiveAlto
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
13TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
14TXXXXCWE-XXXXxxxxxxx Xxxxxxxxx Xx X Xxxxxxxxxxx'x Xxxxx Xx XxxxxpredictiveAlto
15TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
16TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
17TXXXX.XXXCWE-XXXXxxxxxxxpredictiveAlto
18TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveAlto
19TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveAlto
20TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveAlto
21TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

IOA - Indicator of Attack (105)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorGenereFiducia
1File/ajax/update_certificatepredictiveAlto
2File/api/admin/store/product/listpredictiveAlto
3File/api/admin/store/product/savepredictiveAlto
4File/api/admin/system/store/order/listpredictiveAlto
5File/api/admin/user/listpredictiveAlto
6File/batm/app/admin/standalone/deploymentspredictiveAlto
7File/bookstore/bookPerPub.phppredictiveAlto
8File/dev/infiniband/rdma_cmpredictiveAlto
9File/tmppredictiveBasso
10File/tmp/mulipartFilepredictiveAlto
11Fileaction.phppredictiveMedia
12Filearch/x86/kvm/x86.cpredictiveAlto
13Filebirthing_print.phppredictiveAlto
14Filebugs.cpredictiveBasso
15Filex:\xxxxxxxxxx\xxxx\xxxxxxxxxx_xxxxx.xxxpredictiveAlto
16Filexxxxxxxxxx.xxxpredictiveAlto
17Filexxxxxxx/xxxxxxxxxx.xxpredictiveAlto
18Filexxxxxx.xxxpredictiveMedia
19Filexxxxxx/xxxx/xxxx_xxx.xpredictiveAlto
20Filexxxxxxx/xxx/xxx-xxxx.xpredictiveAlto
21Filexxxxxxx/xxx/xxx-xxxx.xpredictiveAlto
22Filexxxxxxx/xxx/xxx.xpredictiveAlto
23Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx/xxxxxxxx.xpredictiveAlto
24Filexxxxxxx/xxxxxxx/xxxxxxx/xxxxxxx_xxx.xpredictiveAlto
25Filexxxxxxxxxxx-xxxx.xxxxxxxpredictiveAlto
26Filexx/xxxx/xxxxxxx.xpredictiveAlto
27Filexx/xxxx/xxxxxxxx.xpredictiveAlto
28Filexx/xxxxx/xxxxx.xpredictiveAlto
29Filexx/xxxxx/xxxxxx.xpredictiveAlto
30Filexx/xxxxxxxxx/xxxx_xx.xpredictiveAlto
31Filexxxxxxxxxx_xxxxx.xxxpredictiveAlto
32Filexx/xxx/xxxxx.xpredictiveAlto
33Filexx_xxxxx/xxxxxxxxx.xpredictiveAlto
34Filexxxxxx/xxxxx/xx.xpredictiveAlto
35Filexxx.xxxpredictiveBasso
36Filexxxxxxxxxxxxx.xxpredictiveAlto
37Filexxxxx.xxxpredictiveMedia
38Filexxxxx_xxxx.xxxxxpredictiveAlto
39Filexxxxx_xxxxx_xxxxxxx.xxxxxpredictiveAlto
40Filexxxxx_xxxxxx.xxxxxpredictiveAlto
41Filexxxxxxxxxxxx.xxxpredictiveAlto
42Filexxxxxxx_xxx.xxxpredictiveAlto
43Filexxx/xxxxxxxxx/xxx_xxxx.xpredictiveAlto
44Filexxx/xxx/xxxxxxx.xpredictiveAlto
45Filexxx/xxxx/xxxx.xpredictiveAlto
46Filexxx/xxxx/xxxxxx.xpredictiveAlto
47Filexxx/xxx/xxx_xxxx.xpredictiveAlto
48Filexxx/xxx/xxx_xx.xpredictiveAlto
49Filexxxxxxx-xxxxxx.xxxpredictiveAlto
50Filexxxx.xxxpredictiveMedia
51Filexxxx.xxxpredictiveMedia
52Filexxxxxxxxxx_xxxxxxx.xxxpredictiveAlto
53Filexxxxxx/xxxxxxxxx.xxxpredictiveAlto
54Filexxx_xxxxx.xpredictiveMedia
55Filexxxxxxxxxx.xxxpredictiveAlto
56Filexxxxx/xxxxxx.xpredictiveAlto
57Filexxxxx.xxxxxx.xxxxxxx.xxxpredictiveAlto
58Filexxxxxx.xxxpredictiveMedia
59Filexxx/xxxxx/xxx.xpredictiveAlto
60Libraryxxxxxx.xxxpredictiveMedia
61Libraryxxxxxxxxxxxxxxxx.xxxpredictiveAlto
62Libraryxxxxxxxxxxxxxx.xxxpredictiveAlto
63Libraryxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
64Libraryxxxxxx.xxxpredictiveMedia
65Libraryxxx/xxxxxx.xpredictiveMedia
66Libraryxxx/xxx_xxx.xpredictiveAlto
67Libraryxxxxxxxxxxx.xxxpredictiveAlto
68Libraryxxxxxxxxx.xxxpredictiveAlto
69Libraryxxxxxxxxxxxxxx.xxxpredictiveAlto
70Libraryxxxxxxxxxxx.xxxpredictiveAlto
71Libraryxxxxxx.xxpredictiveMedia
72Libraryxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
73Libraryxxx.xxxpredictiveBasso
74Libraryxxxxxxxx.xxxpredictiveMedia
75Libraryxxxxxxxx.xxxpredictiveMedia
76Libraryxxxx-xxxxxx.xxxpredictiveAlto
77Argumentxxxxx xxxxpredictiveMedia
78Argumentxxx_xxxxx[]/xxx_xxxxx[]predictiveAlto
79ArgumentxxxxpredictiveBasso
80ArgumentxxxxpredictiveBasso
81Argumentxxxxx_xxpredictiveMedia
82ArgumentxxxxxxpredictiveBasso
83ArgumentxxxxxxxpredictiveBasso
84ArgumentxxxxxxxxxxxxxpredictiveAlto
85Argumentxxx_xxpredictiveBasso
86ArgumentxxpredictiveBasso
87ArgumentxxxxxxxxpredictiveMedia
88ArgumentxxxxxxxxpredictiveMedia
89ArgumentxxxpredictiveBasso
90ArgumentxxxxxxxxxxxxxxpredictiveAlto
91Argumentxxx_xx_xxxxxx/xxx_xxx_xxxxxxxxxxxpredictiveAlto
92Argumentxxx_xxx_xxxpredictiveMedia
93ArgumentxxxxxxxxxxxxxxxxxpredictiveAlto
94Argumentxxxx/xxxxxpredictiveMedia
95Argumentxxxx-xxx-xxxxxxxxxpredictiveAlto
96ArgumentxxxxxxxxpredictiveMedia
97Argumentxxxx_xxxxpredictiveMedia
98Argumentxxxxxx_xxxxpredictiveMedia
99Argumentxxxxxxxxxxx_xxxxxxxx_x.x.x.xpredictiveAlto
100ArgumentxxxxxxxxxxpredictiveMedia
101ArgumentxxxxxxpredictiveBasso
102ArgumentxxxxxxxxxxxxpredictiveMedia
103ArgumentxxxpredictiveBasso
104Argumentxxxx xxxxpredictiveMedia
105ArgumentxxxxxxxxpredictiveMedia
PrecedenteVisione d'insiemeIl prossimo

Interested in the pricing of exploits?

See the underground prices here!