growth
Essential information
- Confidence: 100/100
- Is family: No
- Published: 20/12/2025 19:48
- Modified: 21/12/2025 07:45
- Revoked: No
- Author / Source: AlienVault
- Related entities: 6 attack patterns (MITRE), 1 intrusion set (APT), 1 sector, 1 indicator, 52 vulnerabilities (CVE), 1 report
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (6)
Intrusion sets (APT) (1)
- The MITRE Corporation Confidence 100
[APT38](https://attack.mitre.org/groups/G0082) is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau. (Citation: CISA AA20-239A BeagleBoyz August 2020)…
First seen 01/01/1970 · Last seen 16/11/5138
Sectors (1)
- Finance targets
Indicators (1)
Vulnerabilities (CVE) (52)
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to …
- Attack vector: Network
- Published: 24/04/2024
- Modified: 28/02/2026
Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with …
- Attack vector: Local
- Published: 23/04/2024
- Modified: 21/12/2025
Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.
- Attack vector: Network
- Published: 15/02/2024
- Modified: 21/12/2025
A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.
- Attack vector: Network
- Published: 23/09/2022
- Modified: 27/05/2026
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be …
- Attack vector: NETWORK
- Published: 16/10/2024
- Modified: 21/12/2025
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user …
- Attack vector: NETWORK
- Published: 05/04/2024
- Modified: 21/12/2025
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager …
- Attack vector: Network
- Published: 23/10/2024
- Modified: 21/12/2025
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in …
- Attack vector: Network
- Published: 09/09/2024
- Modified: 21/12/2025
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow …
- Attack vector: NETWORK
- Published: 14/02/2024
- Modified: 21/12/2025
OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability due to unsafely evaluating property names as XPath …
- Attack vector: Network
- Published: 15/07/2024
- Modified: 21/12/2025
Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts …
- Attack vector: Network
- Published: 05/10/2023
- Modified: 21/12/2025
In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization …
- Attack vector: NETWORK
- Published: 24/07/2024
- Modified: 21/12/2025
Reports (1)
- 6 MITREs 2 Malwares 1 APT