Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks
Essential information
- Published
- 06/08/2025 08:15
- Modified
- 06/08/2025 09:06
- Tags
- 2025-08-06 CVE-2025-49704 CVE-2025-49706 CVE-2025-53770 CVE-2025-53771 ak47 ransomware ak47c2 backdoor lockbit lockbit 3.0 project ak47 ransomware sharepoint toolshell warlock warlock client x2anylock
- Related entities
- 11 vulnerabilities (cve), 27 observables, 1 intrusion sets (apt), 19 techniques (mitre), 5 malware
Description
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Vulnerabilities (CVE) (11)
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing …
- Attack vector
- NETWORK
- Published
- 21/07/2025
- Modified
- 21/12/2025
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware …
- Attack vector
- Network
- Published
- 20/07/2025
- Modified
- 21/12/2025
Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow …
- Attack vector
- Network
- Published
- 22/07/2025
- Modified
- 21/12/2025
Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could …
- Attack vector
- Network
- Published
- 22/07/2025
- Modified
- 21/12/2025
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries …
- Attack vector
- Network
- Published
- 29/04/2025
- Modified
- 21/12/2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by …
- Attack vector
- LOCAL
- Published
- 25/02/2025
- Modified
- 21/12/2025
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA …
- Attack vector
- LOCAL
- Published
- 09/01/2025
- Modified
- 21/12/2025
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA …
- Attack vector
- Network
- Published
- 08/01/2025
- Modified
- 21/12/2025
Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi …
- Attack vector
- LOCAL
- Complexity
- Low
- Published
- 29/11/2024
- Modified
- 08/04/2026
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric …
- Attack vector
- Local
- Published
- 23/10/2024
- Modified
- 09/01/2026
Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi …
- Attack vector
- LOCAL
- Complexity
- High
- Published
- 04/07/2024
- Modified
- 08/04/2026
Observables (27)
-
f01675f9ca00da067bdb1812bf829f09ccf5658b87d3326d6fddd773df352574 -
dbf5ee8d232ebce4cd25c0574d3a1ab3aa7c9caf9709047a6790e94d810377de -
d6da885c90a5d1fb88d0a3f0b5d9817a82d5772d5510a0773c80ca581ce2486d -
ceec1a2df81905f68c7ebe986e378fec0805aebdc13de09a4033be48ba66da8b -
c27b725ff66fdfb11dd6487a3815d1d1eba89d61b0e919e4d06ed3ac6a74fe94 -
b5a78616f709859a0d9f830d28ff2f9dbbb2387df1753739407917e96dadf6b0 -
abb0fa128d3a75e69b59fe0391c1158eb84a799ddb0abc55d2d6be3511ef0ea1 -
7c31d43b30bda3a891f0332ee5b1cf610cdc9ecf772cea9b073ac905d886990d -
55a246576af6f6212c26ef78be5dd8f83e78dd45aea97bb505d8cee1aeef6f17 -
3b013d5aec75bf8aab2423d0f56605c3860a8fbd4f343089a9a8813b15ecc550 -
257fed1516ae5fe1b63eae55389e8464f47172154297496e6f4ef13c19a26505 -
1eb914c09c873f0a7bcf81475ab0f6bdfaccc6b63bf7e5f2dbf19295106af192
Intrusion sets (APT) (1)
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Techniques (MITRE) (19)
Malware (5)
-
Family
-
Family
-
Family
-
Family
-
Family