Settore Energyinfo

Timeframe: -28 days

Default Categories (67): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Sequenza temporale

Fornitore

Prodotto

Linux Kernel414
Microsoft Windows84
Apple macOS58
Tungsten Automation Power PDF40
Juniper Junos OS Evolved20

Contromisure

Official Fix954
Temporary Fix0
Workaround2
Unavailable0
Not Defined180

Sfruttabilità

High4
Functional0
Proof-of-Concept64
Unproven100
Not Defined968

Accesso al vettore

Not Defined0
Physical10
Local160
Adjacent480
Network486

Autenticazione

Not Defined0
High104
Low714
None318

Interazione dell'utente

Not Defined0
Required186
None950

C3BM Index

CVSSv3 Base

≤10
≤20
≤326
≤450
≤5202
≤6346
≤7200
≤8262
≤936
≤1014

CVSSv3 Temp

≤10
≤20
≤330
≤464
≤5232
≤6388
≤7184
≤8194
≤932
≤1012

VulDB

≤10
≤20
≤362
≤482
≤5238
≤6278
≤7202
≤8226
≤934
≤1014

NVD

≤1774
≤20
≤30
≤40
≤516
≤6202
≤712
≤8104
≤922
≤106

CNA

≤1726
≤22
≤38
≤48
≤542
≤668
≤794
≤8104
≤962
≤1022

Fornitore

≤11036
≤20
≤30
≤40
≤52
≤610
≤732
≤844
≤910
≤102

Exploiter 0 giorni

<1k66
<2k116
<5k420
<10k124
<25k286
<50k58
<100k58
≥100k8

Exploiter aujourd'hui

<1k490
<2k210
<5k184
<10k164
<25k80
<50k8
<100k0
≥100k0

Sfrutta il volume del mercato

IOB - Indicator of Behavior (1000)

Sequenza temporale

Linguaggio

en942
de18
fr16
es8
zh8

Nazione

Attori

Attività

Interesse

Sequenza temporale

Genere

Fornitore

Prodotto

code-projects Pharmacy Management System20
MediaTek MT676512
MediaTek MT676812
MediaTek MT68338
MediaTek MT68538

Vulnerabilità

#VulnerabilitàBaseTemp0dayOggiSfrConEPSSCTICVE
1code-projects University Event Management System dodelete.php sql injection7.26.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.000002.60CVE-2024-10760
2code-projects E-Health Care System consulting_detail.php sql injection7.26.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.24CVE-2024-10740
3code-projects E-Health Care System registration.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.16CVE-2024-10741
4code-projects E-Health Care System adminlogin.php sql injection7.97.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.06CVE-2024-10739
5code-projects Wazifa System control.php sql injection7.26.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.47CVE-2024-10742
6itsourcecode Tailoring Management System Project typeadd.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000452.02CVE-2024-10609
7Project Worlds Life Insurance Management System editPayment.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.08CVE-2024-10734
8code-projects University Event Management System submit.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.09CVE-2024-10700
9Project Worlds Life Insurance Management System editNominee.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.03CVE-2024-10735
10code-projects Wazifa System logincontrol.php sql injection7.97.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.08CVE-2024-10699
11code-projects Simple Car Rental System signup.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.08CVE-2024-10702
12MediaTek MT8798 KeyInstall buffer overflow4.24.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.49+CVE-2024-20121
13MediaTek MT8798 buffer overflow4.24.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.49+CVE-2024-20120
14MediaTek MT8792 Mms buffer overflow4.24.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.42+CVE-2024-20118
15MediaTek MT8676 Mms buffer overflow4.24.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.31+CVE-2024-20119
16code-projects Courier Management System track-result.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.42CVE-2024-10607
17code-projects Courier Management System login.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.45CVE-2024-10608
18MediaTek MT8195 Ccu buffer overflow4.24.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.24+CVE-2024-20115
19Project Worlds Simple Web-Based Chat Application index.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001380.35CVE-2024-10432
20code-projects Pharmacy Management System add_new_medicine.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.001720.28CVE-2024-10023

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeAttoreGenereFiducia
15.255.120.0/24IcedIDpredictiveAlto
223.129.64.0/24Prophet SpiderpredictiveAlto
3XX.XX.XX.X/XXXxxx XxxxxxpredictiveAlto
4XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
5XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
6XXX.XX.XX.X/XXXxxxx XxxpredictiveAlto
7XXX.XXX.X.X/XXXxxxxx XxxxxxpredictiveAlto
8XXX.XX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
9XXX.XXX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
10XXX.XXX.XXX.X/XXXxxxxpredictiveAlto
11XXX.X.XXX.X/XXXxx XxxxxpredictiveAlto
12XXX.XXX.XXX.X/XXXxxxpredictiveAlto
13XXX.XXX.XXX.X/XXXxxxx XxxxxxxpredictiveAlto
14XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
15XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
16XXX.XXX.XXX.X/XXXxxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClasseVulnerabilitàAccesso al vettoreGenereFiducia
1T1006CAPEC-126CWE-22, CWE-23, CWE-25, CWE-36Path TraversalpredictiveAlto
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
4T1059CAPEC-242CWE-94, CWE-1321Argument InjectionpredictiveAlto
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
6TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveAlto
8TXXXX.XXXCAPEC-XXCWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
9TXXXXCAPEC-XXXCWE-XX, CWE-XX, CWE-XXXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
10TXXXX.XXXCAPEC-XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
11TXXXXCAPEC-XCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
12TXXXX.XXXCAPEC-XXXCWE-XXXXXxxxxxxxxxx Xxxxxxx Xxxxxxxxxx XxxxxxxxxxpredictiveAlto
13TXXXXCAPEC-XXXCWE-XXXxx XxxxxxxxxpredictiveAlto
14TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
15TXXXXCAPEC-XXXCWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
16TXXXXCAPEC-XXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
17TXXXXCAPEC-XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveAlto
18TXXXXCAPEC-XXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
19TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveAlto
20TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
21TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
22TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
23TXXXX.XXXCAPEC-XXXCWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
24TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto
25TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

This view requires CTI permissions

Just purchase a CTI license today!