Sector Government

Timeframe: -28 days

Default Categories (63): Access Management Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Server Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 164
Apple macOS: 76
Foxit PDF Reader: 40
Microsoft Windows: 40
Cisco IOS XE: 18

Remediation

Official Fix: 494
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 102

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 20
Unproven: 50
Not Defined: 526

Access Vector

Not Defined: 0
Physical: 4
Local: 108
Adjacent: 202
Network: 282

Authentication

Not Defined: 0
High: 30
Low: 334
None: 232

User Interaction

Not Defined: 0
Required: 170
None: 426

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 20
≤4: 56
≤5: 110
≤6: 210
≤7: 94
≤8: 62
≤9: 38
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 24
≤4: 58
≤5: 114
≤6: 270
≤7: 50
≤8: 54
≤9: 20
≤10: 6

VulDB

≤1: 0
≤2: 0
≤3: 30
≤4: 72
≤5: 108
≤6: 184
≤7: 100
≤8: 60
≤9: 38
≤10: 4

NVD

≤1: 596
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 444
≤2: 0
≤3: 2
≤4: 2
≤5: 22
≤6: 28
≤7: 22
≤8: 46
≤9: 20
≤10: 10

Vendor

≤1: 544
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 10
≤7: 2
≤8: 20
≤9: 18
≤10: 0

Exploit 0-day

<1k: 20
<2k: 158
<5k: 66
<10k: 210
<25k: 84
<50k: 36
<100k: 22
≥100k: 0

Exploit Today

<1k: 220
<2k: 176
<5k: 112
<10k: 46
<25k: 40
<50k: 2
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 926
zh: 32
de: 22
ja: 12
fr: 6

Country

us: 496
cn: 78
gb: 48
jp: 36
de: 28

Actors

Activities

Effort

Timeline

Type

Vendor

Product

Linux Kernel: 26
Foxit PDF Reader: 16
Nvidia vGPU Driver: 12
Nvidia Cloud Gaming Driver: 12
Cisco IOS XE: 12

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.17 | 0.00045 | CVE-2017-20191 |
| 2 | Linux Kernel ljca auxiliary_device_add memory corruption | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.38- | 0.00000 | CVE-2024-26653 |
| 3 | Linux Kernel ALSA del_timer denial of service | 5.7 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.20- | 0.00000 | CVE-2024-26654 |
| 4 | Cisco IOS XE OSPFv2 denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.14 | 0.00000 | CVE-2024-20313 |
| 5 | Cisco Aironet Access Point IPv4 Packet denial of service | 6.9 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.10 | 0.00043 | CVE-2024-20271 |
| 6 | Cisco Aironet Access Point Secure Boot Local Privilege Escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.10 | 0.00043 | CVE-2024-20265 |
| 7 | Cisco IOS XE UTD Configuration CLI Local Privilege Escalation | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.10 | 0.00043 | CVE-2024-20306 |
| 8 | Cisco IOS/IOS XE IS-IS Protocol denial of service | 6.9 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.07 | 0.00043 | CVE-2024-20312 |
| 9 | RedLettuce PDF Viewer for Elementor Plugin cross site scripting | 5.0 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.03 | 0.00043 | CVE-2024-30524 |
| 10 | IBM Security Verify Access Docker Snapshot weak encryption | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.68 | 0.00043 | CVE-2024-25027 |
| 11 | Cisco IOS XE SD-Access Fabric Edge Node denial of service | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.84 | 0.00043 | CVE-2024-20314 |
| 12 | Cisco IOS XE CLI privilege escalation | 4.4 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.03 | 0.00043 | CVE-2024-20324 |
| 13 | Cisco IOS XE Data Model Interface Services unknown vulnerability | 5.5 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 1.00 | 0.00043 | CVE-2024-20316 |
| 14 | IBM Cloud Pak for Business Automation information disclosure | 4.2 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.50 | 0.00043 | CVE-2023-50959 |
| 15 | Cisco IOS/IOS XE IKEv1 Fragmentation denial of service | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.70 | 0.00043 | CVE-2024-20308 |
| 16 | Prism IT Systems User Rights Access Manager Plugin cross site scripting | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.86- | 0.00043 | CVE-2024-31122 |
| 17 | IBM WebSphere Application Server Liberty Request denial of service | 5.9 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.39 | 0.00043 | CVE-2024-22353 |
| 18 | Cisco IOS/IOS XE IKEv1 Fragmentation memory corruption | 6.9 | 6.7 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.63 | 0.00043 | CVE-2024-20307 |
| 19 | Cisco IOS XE AUX denial of service | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.59 | 0.00043 | CVE-2024-20309 |
| 20 | Cisco IOS/IOS XE LISP denial of service | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.64 | 0.00043 | CVE-2024-20311 |

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 23.154.177.0/24 | B1txor20 | predictive | High |
| 2 | 43.128.20.0/24 | Mirai | predictive | High |

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (79)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/index.php | predictive | High |
| 2 | File | /cart.php | predictive | Medium |
| 3 | File | /cgi-bin/gui.cgi | predictive | High |
| 4 | File | /description.php | predictive | High |
| 5 | File | /Employer/DeleteJob.php?JobId=1 | predictive | High |
| 6 | File | /index.php | predictive | Medium |
| 7 | File | /login.php | predictive | Medium |
| 8 | File | /member/chat.php | predictive | High |
| 9 | File | /member/member_edit.php | predictive | High |
| 10 | File | /member/view.php | predictive | High |
