Sector: Energy

Timeframe: -28 days

Default Categories (67): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chip Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 160
Apple macOS: 72
Microsoft Windows: 50
Foxit PDF Reader: 38
Google Chrome: 24

Fix

Official Fix: 528
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 120

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 20
Unproven: 54
Not Defined: 576

Access Vector

Not Defined: 0
Physical: 4
Local: 146
Adjacent: 212
Network: 288

Authentication

Not Defined: 0
High: 38
Low: 372
None: 240

User Interaction

Not Defined: 0
Required: 168
None: 482

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 18
≤4: 70
≤5: 92
≤6: 224
≤7: 130
≤8: 80
≤9: 34
≤10: 2

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 24
≤4: 68
≤5: 98
≤6: 294
≤7: 92
≤8: 58
≤9: 14
≤10: 2

VulDB

≤1: 0
≤2: 4
≤3: 22
≤4: 84
≤5: 102
≤6: 206
≤7: 118
≤8: 82
≤9: 30
≤10: 2

NVD

≤1: 650
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 506
≤2: 0
≤3: 0
≤4: 2
≤5: 14
≤6: 28
≤7: 24
≤8: 52
≤9: 16
≤10: 8

Vendor

≤1: 596
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 8
≤7: 6
≤8: 24
≤9: 16
≤10: 0

Exploit 0-day

<1k: 34
<2k: 176
<5k: 62
<10k: 204
<25k: 100
<50k: 54
<100k: 20
≥100k: 0

Exploit Today

<1k: 246
<2k: 168
<5k: 126
<10k: 56
<25k: 54
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 928
fr: 26
de: 24
ja: 12
zh: 10

Country/Region

us: 464
de: 42
cn: 36
gb: 34
hu: 34

Actor

Activities

Interest

Timeline

Type

Vendor

Product

Foxit PDF Reader: 20
MediaTek MT8781: 18
MediaTek MT8168: 16
MediaTek MT8195: 16
MediaTek MT8765: 16

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Fix | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Qualcomm Snapdragon File Name memory corruption | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.14 | 0.00000 | CVE-2024-21473 |
| 2 | Cisco IOS XE OSPFv2 denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.02 | 0.00000 | CVE-2024-20313 |
| 3 | Cisco Aironet Access Point IPv4 Packet denial of service | 6.9 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.99 | 0.00043 | CVE-2024-20271 |
| 4 | Cisco Aironet Access Point Secure Boot Local Privilege Escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.99 | 0.00043 | CVE-2024-20265 |
| 5 | Cisco IOS XE UTD Configuration CLI Local Privilege Escalation | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.99 | 0.00043 | CVE-2024-20306 |
| 6 | Cisco IOS/IOS XE IS-IS Protocol denial of service | 6.9 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.96 | 0.00043 | CVE-2024-20312 |
| 7 | Cisco IOS XE SD-Access Fabric Edge Node denial of service | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.93 | 0.00043 | CVE-2024-20314 |
| 8 | Cisco IOS XE CLI privilege escalation | 4.4 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.01 | 0.00043 | CVE-2024-20324 |
| 9 | Cisco IOS XE Data Model Interface Services unknown vulnerability | 5.5 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.97 | 0.00043 | CVE-2024-20316 |
| 10 | Qualcomm Snapdragon Message Decoder denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.88 | 0.00000 | CVE-2024-21453 |
| 11 | Qualcomm Snapdragon Automotive Telematics denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.90 | 0.00000 | CVE-2024-21454 |
| 12 | Cisco IOS/IOS XE IKEv1 Fragmentation denial of service | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.70 | 0.00043 | CVE-2024-20308 |
| 13 | Linux Kernel ljca auxiliary_device_add memory corruption | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.41- | 0.00000 | CVE-2024-26653 |
| 14 | Linux Kernel ALSA del_timer denial of service | 5.7 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.20- | 0.00000 | CVE-2024-26654 |
| 15 | Cisco IOS/IOS XE IKEv1 Fragmentation memory corruption | 6.9 | 6.7 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.63 | 0.00043 | CVE-2024-20307 |
| 16 | Cisco IOS XE AUX denial of service | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.81 | 0.00043 | CVE-2024-20309 |
| 17 | Cisco IOS/IOS XE LISP denial of service | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.81 | 0.00043 | CVE-2024-20311 |
| 18 | Cisco IOS XE NETCONF privilege escalation | 5.6 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.59 | 0.00043 | CVE-2024-20278 |
| 19 | Bitdefender Total Security seccenter.exe Local Privilege Escalation | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.76- | 0.00000 | CVE-2023-6154 |
| 20 | Cisco IOS XE mDNS Gateway denial of service | 6.9 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.51 | 0.00043 | CVE-2024-20303 |

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 45.134.225.0/24 | Mirai | predictive | |
| 2 | 54.213.123.0/24 | Dealply | predictive | |

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (80)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

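| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/index.php | predictive | |
| 2 | File | /cart.php | predictive | |
| 3 | File | /cgi-bin/gui.cgi | predictive | |
| 4 | File | /description.php | predictive | |
| 5 | File | /Employer/DeleteJob.php?JobId=1 | predictive | |
| 6 | File | /index.php | predictive | |
| 7 | File | /login.php | predictive | |
| 8 | File | /member/chat.php | predictive | |
| 9 | File | /member/member_edit.php | predictive | |
| 10 | File | /member/view.php | predictive | |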
