PT-2025-10596 · Undefined · Undefined

Publicado

2025-03-10

·

Atualizado

2025-03-10

·

CVE-2021-44288

Nenhuma

Não há classificações de severidade ou métricas disponíveis. Quando houver, atualizaremos as informações correspondentes na página.
#ParsedReport #CompletenessLow 10-03-2025
GreyNoise Detects Active Exploitation of Silk Typhoon-Linked CVEs
https://www.greynoise.io/blog/active-exploitation-silk-typhoon-linked-cves
Report completeness: Low
Actors/Campaigns: Hafnium (motivation: cyber espionage)
Threats: Proxylogon exploit Log4shell vuln Supply chain technique
Industry: Financial
Geo: Singapore, Iran, India, Germany, France, Chinese
CVEs: CVE-2021-44228 [Vulners] CVSS V3.1: 10.0, Vulners: Exploitation: True X-Force: Risk: Unknown X-Force: Patch: Unknown Soft:
  • apache log4j (<2.3.1, <2.12.2, <2.15.0, 2.0)
CVE-2024-3400 [Vulners] CVSS V3.1: 10.0, Vulners: Exploitation: True X-Force: Risk: Unknown X-Force: Patch: Unknown Soft:
  • paloaltonetworks pan-os (10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4)
CVE-2021-44288 [Vulners] CVSS V3.1: Unknown, Vulners: Exploitation: Unknown X-Force: Risk: Unknown X-Force: Patch: Unknown
CVE-2021-26855 [Vulners] CVSS V3.1: 9.1, Vulners: Exploitation: True X-Force: Risk: Unknown X-Force: Patch: Unknown Soft:
  • microsoft exchange server (2013, 2016, 2019)
ChatGPT TTPs: do not use without manual check T1190
Soft: PAN-OS, Apache Log4j, Slack
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2021-44288

Produtos afetados

Undefined