| Title | Versions 4.2 and 4.3 of Cobalt Strike’s server contain multiple Denial of Service vulnerabilities (CVE-2021-36798) |
|---|
| Description | The vulnerabilities can render existing Beacons unable to communicate with their C2 server, prevent new beacons from being installed, and have the potential to interfere with ongoing operations.
CVE-2021-36798
Poc: https://github.com/Sentinel-One/CobaltStrikeParser/blob/master/extra/communication_poc.py
Fix: HelpSystems released Cobalt Strike 4.4, which contains a fix for CVE-2021-36798. |
|---|
| Source | ⚠️ https://labs.sentinelone.com/hotcobalt-new-cobalt-strike-dos-vulnerability-that-lets-you-halt-operations/ |
|---|
| User | misc (ID 3) |
|---|
| Submission | 2021-08-04 19:14 (3 years ago) |
|---|
| Moderation | 2021-08-04 19:57 (43 minutes later) |
|---|
| Status | Przyjęty |
|---|
| VulDB Entry | 180073 |
|---|