Sector: Energy

Timeframe: -28 days

Default Categories (67): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Microsoft Windows: 60
Apple macOS: 58
Google Chrome: 34
MediaTek MT6853: 28
MediaTek MT6873: 28

Countermeasures

Official Fix: 370
Temporary Fix: 0
Workaround: 0
Unavailable: 4
Not Defined: 116

Exploitability

High: 0
Functional: 6
Proof-of-Concept: 44
Unproven: 60
Not Defined: 380

Access Vector

Not Defined: 0
Physical: 12
Local: 164
Adjacent: 62
Network: 252

Authentication

Not Defined: 0
High: 62
Low: 242
None: 186

User Interaction

Not Defined: 0
Required: 132
None: 358

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 22
≤4: 48
≤5: 70
≤6: 118
≤7: 98
≤8: 82
≤9: 44
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 24
≤4: 80
≤5: 70
≤6: 154
≤7: 56
≤8: 82
≤9: 20
≤10: 4

VulDB

≤1: 0
≤2: 0
≤3: 28
≤4: 50
≤5: 104
≤6: 80
≤7: 104
≤8: 82
≤9: 34
≤10: 8

NVD

≤1: 488
≤2: 0
≤3: 0
≤4: 2
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 374
≤2: 0
≤3: 0
≤4: 4
≤5: 10
≤6: 10
≤7: 30
≤8: 36
≤9: 18
≤10: 8

Vendor

≤1: 428
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 18
≤8: 20
≤9: 18
≤10: 6

Exploit 0-day

<1k: 76
<2k: 98
<5k: 74
<10k: 64
<25k: 64
<50k: 86
<100k: 28
≥100k: 0

Exploit Today

<1k: 186
<2k: 76
<5k: 78
<10k: 54
<25k: 96
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 930
it: 22
de: 16
fr: 8
es: 8

Country

us: 174
gb: 70
it: 30
de: 20
fr: 14

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Apple macOS: 26
Qualcomm AR8035: 14
Qualcomm QCA6391: 14
Qualcomm QCA8081: 14
Qualcomm QCA8337: 14

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Countermeasures | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zhong Bang CRMEB Java list getAdminList sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 5.23 | 0.00063 | CVE-2023-1608 |
| 2 | zwczou WeChat SDK Python to_xml XML External Entity | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.65 | 0.00063 | CVE-2018-25082 |
| 3 | SNIProxy Wildcard Backend Host buffer overflow | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.57+ | 0.00000 | CVE-2023-25076 |
| 4 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.26 | 0.00064 | CVE-2023-1646 |
| 5 | Infoline Project Management System privilege escalation | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.54+ | 0.00000 | CVE-2023-1725 |
| 6 | IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.16 | 0.00045 | CVE-2023-1643 |
| 7 | DriverGenius IOCTL mydrivers64.sys 0x9c402084 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.57 | 0.00045 | CVE-2023-1677 |
| 8 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.16 | 0.00045 | CVE-2023-1644 |
| 9 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.26 | 0.00045 | CVE-2023-1645 |
| 10 | grinnellplans-php read.php interface_disp_page sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.16 | 0.00045 | CVE-2015-10097 |
| 11 | Ubiquiti EdgeRouter X NAT Configuration privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 1.25 | 0.00043 | CVE-2023-1456 |
| 12 | D-Link DIR-3040 MiniDLNA Service buffer overflow | 8.8 | 8.6 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.96 | 0.00000 | CVE-2022-43648 |
| 13 | DriverGenius IOCTL mydrivers64.sys 0x9C402088 buffer overflow | 7.8 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.50 | 0.00045 | CVE-2023-1676 |
| 14 | Ubiquiti EdgeRouter X OSPF privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.24 | 0.00043 | CVE-2023-1458 |
| 15 | DriverGenius IOCTL mydrivers64.sys 0x9C40A0E0 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.56 | 0.00045 | CVE-2023-1678 |
| 16 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.09 | 0.00045 | CVE-2023-1642 |
| 17 | JiangMin Antivirus IOCTL kvcore.sys 0x222010 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.15 | 0.00045 | CVE-2023-1629 |
| 18 | Jianming Antivirus IoControlCode kvcore.sys buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.16 | 0.00045 | CVE-2023-1626 |
| 19 | DriverGenius IOCTL mydrivers64.sys 0x9C40A108 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.49 | 0.00045 | CVE-2023-1679 |
| 20 | Zhong Bang CRMEB Java save cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 3.12 | 0.00051 | CVE-2023-1609 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 45.61.185.0/24 | B1txor20 | predictive | High |
| 2 | XX.XXX.XXX.X/XX | Xxxxxxx | predictive | High |
| 3 | XX.XX.XXX.X/XX | Xxxxxxxx | predictive | High |

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (87)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
