SpyAgent Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (31)

Lang

en	30
de	2

Land

co	28

Skådespelare

BumbleBee	2
Cobalt Strike	2
SpyAgent	2
TrickBot	1
XWorm	1

Intressera

Typ

Not Defined	12
Domain Name Software	2
Document Reader Software	2
Access Management Software	2
Content Management System	2

Säljare

Interspire	4
ISC	2
Not Defined	2
Mitsubishi Electric	2
IBM	2

Produkt

Interspire Email Marketer	4
ISC BIND	2
STDU Viewer	2
Mitsubishi Electric MELSEC iQ-F FX5U(C)	2
IBM Security Identity Manager	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	CTI	EPSS	CVE
1	Interspire Email Marketer Dynamiccontenttags.php sql injektion	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00087	CVE-2018-19551
2	Sales / Company Management System member_order.php sql injektion	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00153	CVE-2018-19925
3	Interspire Email Marketer Dynamiccontenttags.php sql injektion	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00087	CVE-2018-19549
4	VMware vCenter Server/Cloud Foundation vSphere Client Privilege Escalation	6.3	6.0	$5k-$25k	$0-$5k	High	Official Fix	0.03	0.97299	CVE-2021-21972
5	Advanced Comment System admin.php sql injektion	8.5	7.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02	0.00332	CVE-2018-18619
6	Interspire Email Marketer Dynamiccontenttags.php sql injektion	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00087	CVE-2018-19553
7	IBM Security Identity Manager minneskorruption	6.4	6.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00071	CVE-2021-20494
8	Void Aural Rec Monitor svc-login.php sql injektion	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.50721	CVE-2021-25899
9	SolarWinds Advanced Monitoring Agent privilegier eskalering	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00042	CVE-2020-13912
10	Mitsubishi Electric MELSEC iQ-F FX5U(C) ARP Packet Remote Code Execution	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00176	CVE-2020-5665
11	Sonus SBC 1000/SBC 2000/SBC SWe Lite Web Interface kataloggenomgång	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00172	CVE-2018-11543
12	Sonus SBC 1000/SBC 2000/SBC SWe Lite Web Interface privilegier eskalering	9.8	9.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00245	CVE-2018-11541
13	Softing Industrial Automation minneskorruption	8.5	8.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00544	CVE-2020-14524
14	ISC BIND QNAME förnekande av tjänsten	7.5	7.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00737	CVE-2020-8621
15	MetalGenix GeniXCMS User.class.php sql injektion	8.5	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.00219	CVE-2015-3933
16	Interspire Email Marketer Dynamiccontenttags.php sql injektion	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00087	CVE-2018-19552
17	Microsoft Office RTF minneskorruption	7.0	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.10418	CVE-2018-0797
18	Microsoft Windows OpenType Font Parser minneskorruption	7.6	7.5	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.04	0.04046	CVE-2019-1456
19	STDU Viewer xps File minneskorruption	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00044	CVE-2017-14574
20	WordPress Static Query informationsgivning	5.3	5.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.01118	CVE-2019-17671

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Identified	Typ	Förtroende
1	23.19.227.217		SpyAgent	08/04/2024	verified	Hög
2	XX.XX.XXX.XXX		Xxxxxxxx	08/04/2024	verified	Hög
3	XXX.XX.XXX.XX	xxxxxx-xxx-xx-xxx-xx.xxxxxxxxx.xx	Xxxxxxxx	08/04/2024	verified	Hög

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1	T1006	CWE-22	Path Traversal	predictive	Hög
2	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
3	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Hög
4	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	Dynamiccontenttags.php	predictive	Hög
2	File	internal/advanced_comment_system/admin.php	predictive	Hög
3	File	member/member_order.php	predictive	Hög
4	File	xxx-xxxxx.xxx	predictive	Hög
5	Library	xxx/xxx/xxxx.xxxxx.xxx	predictive	Hög
6	Argument	xxxxxxx[]	predictive	Medium
7	Argument	xxxxx/xxxxxx	predictive	Medium
8	Argument	xx	predictive	Låg
9	Argument	xxxx	predictive	Låg
10	Argument	xxxxxx	predictive	Låg
11	Argument	xxxxxxxxx	predictive	Medium
12	Argument	xxxx/x_xxxxx	predictive	Medium

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!