Sector Finance

Timeframe: -28 days

Default Categories (81): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Banking Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Data Loss Prevention Software, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Product

Google Android: 138
Apple macOS: 62
Microsoft Windows: 48
Google Chrome: 28
Apple iOS: 28

Countermeasures

Official Fix: 560
Temporary Fix: 0
Workaround: 0
Unavailable: 4
Not Defined: 158

Exploitability

High: 0
Functional: 2
Proof-of-Concept: 62
Unproven: 62
Not Defined: 596

Access Vector

Not Defined: 0
Physical: 8
Local: 296
Adjacent: 106
Network: 312

Authentication

Not Defined: 0
High: 100
Low: 408
None: 214

User Interaction

Not Defined: 0
Required: 174
None: 548

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 40
≤4: 86
≤5: 128
≤6: 242
≤7: 114
≤8: 70
≤9: 34
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 44
≤4: 126
≤5: 130
≤6: 276
≤7: 64
≤8: 64
≤9: 14
≤10: 4

VulDB

≤1: 0
≤2: 0
≤3: 54
≤4: 94
≤5: 168
≤6: 186
≤7: 116
≤8: 72
≤9: 24
≤10: 8

NVD

≤1: 720
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 2
≤10: 0

CNA

≤1: 570
≤2: 0
≤3: 8
≤4: 8
≤5: 18
≤6: 26
≤7: 40
≤8: 24
≤9: 18
≤10: 10

Vendor

≤1: 658
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 6
≤7: 16
≤8: 16
≤9: 20
≤10: 6

Exploit 0-day

<1k: 66
<2k: 136
<5k: 90
<10k: 136
<25k: 158
<50k: 110
<100k: 26
≥100k: 0

Exploit Today

<1k: 240
<2k: 124
<5k: 144
<10k: 106
<25k: 108
<50k: 0
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 936
it: 18
es: 10
fr: 10
de: 6

Country

us: 160
gb: 34
it: 32
de: 20
hu: 16

Product

Apple iOS: 20
Apple iPadOS: 20
IObit Malware Fighter: 12
Microsoft Windows: 12
Linux Kernel: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zhong Bang CRMEB Java list getAdminList sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 5.17 | 0.00063 | CVE-2023-1608 |
| 2 | zwczou WeChat SDK Python to_xml XML External Entity | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.63 | 0.00063 | CVE-2018-25082 |
| 3 | Zoho ManageEngine OpManager XML File XML External Entity | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.61 | +0.00000 | CVE-2022-43473 |
| 4 | SNIProxy Wildcard Backend Host memory corruption | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.56 | +0.00000 | CVE-2023-25076 |
| 5 | Infoline Project Management System privilege escalation | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.54 | +0.00000 | CVE-2023-1725 |
| 6 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 memory corruption | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.28 | 0.00064 | CVE-2023-1646 |
| 7 | DriverGenius IOCTL mydrivers64.sys 0x9c402084 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.59 | 0.00045 | CVE-2023-1677 |
| 8 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.28 | 0.00045 | CVE-2023-1645 |
| 9 | DriverGenius IOCTL mydrivers64.sys 0x9C40A0E0 memory corruption | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.61 | 0.00045 | CVE-2023-1678 |
| 10 | Ubiquiti EdgeRouter X Static Routing Configuration privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 1.03 | 0.00043 | CVE-2023-1457 |
| 11 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.11 | 0.00045 | CVE-2023-1642 |
| 12 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.00 | 0.00045 | CVE-2023-1640 |
| 13 | Ubiquiti EdgeRouter X NAT Configuration privilege escalation [Disputed] | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 1.18 | 0.00043 | CVE-2023-1456 |
| 14 | DriverGenius IOCTL mydrivers64.sys 0x9C402088 memory corruption | 7.8 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.52 | 0.00045 | CVE-2023-1676 |
| 15 | Filseclab Twister Antivirus IoControlCode fildds.sys 0x80112053 denial of service | 6.5 | 5.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 1.13 | 0.00254 | CVE-2023-1443 |
| 16 | grinnellplans-php read.php interface_disp_page sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.11 | 0.00045 | CVE-2015-10097 |
| 17 | JiangMin Antivirus IOCTL kvcore.sys 0x222010 memory corruption | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.13 | 0.00045 | CVE-2023-1629 |
| 18 | Max Secure Anti Virus Plus IoControlCode MaxProctetor64.sys 0x220019 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.06 | 0.00042 | CVE-2023-1493 |
| 19 | Jianming Antivirus IoControlCode kvcore.sys denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.02 | 0.00045 | CVE-2023-1627 |
| 20 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.10 | 0.00060 | CVE-2023-1446 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 54.36.108.0/24 | Qakbot | predictive | High |
| 2 | XX.XXX.XXX.X/XX | Xxxxxxx | predictive | High |
| 3 | XX.XX.XXX.X/XX | Xxxxxxxx | predictive | High |
| 4 | XXX.XXX.XX.X/XX | Xxxxxx | predictive | High |

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23, CWE-25 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (184)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

