TA0040: TA0040

Search IOCs, vulnerabilities, APT…

216.73.217.22

← Back to attack patterns

View on MITRE ATT&CK AlienVault · Published 20/12/2025 23:19 · Modified 27/05/2026 15:52

Essential information

MITRE technique ID: TA0040
Confidence: 100/100
Revoked: No
Published: 20/12/2025 23:19
Modified: 27/05/2026 15:52
Author / Source: AlienVault

Description

No description.

Marking (TLP)

TLP:CLEAR

External references

mitre-attack (TA0040)

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.

Intrusion sets (APT) (3)

DPRK uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·
Volt Typhoon uses BRONZE SILHOUETTEVanguard Panda

The MITRE Corporation Confidence 100

[Volt Typhoon](https://attack.mitre.org/groups/G1017) is a People's Republic of China (PRC) state-sponsored actor that has been active since at least 2021 primarily targeting critical infrastructure organizations in the US and…

First seen 01/01/1970 · Last seen 16/11/5138 ·
RomCom uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·

Malware (7)

LockBit uses

Family
Mirai uses

Family
Maui uses
DPRK uses
Parrot TDS uses
H0lyGh0st uses
Ryuk uses

Reports (1)

Leaked Environment Variables Allow Large-Scale Extortion Operation of … related

2 CVEs 6 MITREs 37 Observables

Vulnerabilities (CVE) (5)

CVE-2021-20038 KEV targets

SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.

Published: 28/01/2022
Modified: 20/12/2025

CVE-2024-3094 targets

10.0 Critical

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma …

Attack vector: NETWORK
Published: 29/03/2024
Modified: 21/12/2025

CVE-2024-6387 targets

8.1 High

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by …

Published: 01/07/2024
Modified: 01/07/2024

Awaiting Analysis

CVE-2022-24990 KEV targets

7.5 High

TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.

Attack vector: Network
Published: 10/02/2023
Modified: 20/12/2025

CVE-2021-44228 KEV targets

10.0 Critical

Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.

Attack vector: Network
Published: 10/12/2021
Modified: 27/05/2026

Contact About Legal notice Privacy policy Terms of use