Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The recent incident is related to TA570, wherein the attackers exploited the Follina vulnerability (CVE-2022-30190) to compromise the Domain Controller and eventually gain access to confidential files.

talosblog 1

thn 20

cisa 1

msrc 4

malwarebytes 7

trellix 10

hackerone 1

githubexploit 47

mscve 2

rapid7blog 6

nessus 11

cisa_kev 1

hivepro 4

prion 1

schneier 1

packetstorm 2

qualysblog 9

metasploit 1

threatpost 4

cve 1

kaspersky 2

checkpoint_advisories 1

zdt 1

krebs 1

attackerkb 1

pentestpartners 1

securelist 4

avleonov 2

googleprojectzero 1

mskb 12

ics 1

talosblog

Threat Advisory: Zero-day vulnerability in Microsoft diagnostic tool MSDT could lead to code execution

2022-06-02 14:53:52

thn

New Woody RAT Malware Being Used to Target Russian Organizations

2022-08-04 12:55:00

Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability

2022-06-01 06:02:00

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

2023-05-23 15:30:00

cisa

Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability

2022-05-31 00:00:00

msrc

CVE-2022-30190 マイクロソフトサポート診断ツールの脆弱性に関するガイダンス

2022-05-30 07:00:00

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

2022-05-30 07:00:00

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

2022-05-30 07:00:00

malwarebytes

Woody RAT: A new feature-rich malware spotted in the wild

2022-08-03 21:00:00

Woody RAT: A new feature-rich malware spotted in the wild

2022-08-03 21:25:52

FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day

2022-06-01 16:36:44

trellix

Trellix Global Defenders: Follina — Microsoft Office Zero-Day (CVE-2022-30190)

2022-06-03 00:00:00

Beyond File Search: A Novel Method

2023-07-26 00:00:00

Beyond File Search: A Novel Method

2023-07-26 00:00:00

hackerone

Reddit: Unrestricted File Upload on reddit.secure.force.com

2022-06-20 09:10:53

githubexploit

Exploit for Vulnerability in Microsoft

2022-10-23 15:24:43

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

2022-06-25 16:27:59

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

2022-06-13 04:20:02

mscve

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

2022-05-30 07:00:00

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

2022-08-09 07:00:00

rapid7blog

CVE-2022-30190: "Follina" Microsoft Support Diagnostic Tool Vulnerability

2022-05-31 15:15:16

Metasploit Weekly Wrap-Up

2022-06-10 18:07:05

Metasploit Weekly Wrap-Up

2022-09-02 19:39:21

nessus

The Microsoft Windows Support Diagnostic Tool (MSDT) RCE Workaround Detection (CVE-2022-30190)

2022-05-31 00:00:00

KB5014743: Windows Server 2008 Security Update (June 2022)

2022-06-14 00:00:00

KB5014742: Windows 7 and Windows Server 2008 R2 Security Update (June 2022)

2022-06-14 00:00:00

cisa_kev

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

2022-06-14 00:00:00

hivepro

Follina: A zero-day vulnerability in Microsoft Office

2022-06-15 10:13:53

Woody RAT leverages Follina to target Russia

2022-08-05 18:22:17

Actors, Threats and Vulnerabilities 22 to 28 May 2023

2023-05-30 07:42:00

prion

Remote code execution

2022-06-01 20:15:00

schneier

Clever — and Exploitable — Windows Zero-Day

2022-06-01 18:25:36

packetstorm

Microsoft Office Word MSDTJS Code Execution

2022-06-07 00:00:00

Microsoft Office MSDT Follina Proof Of Concept

2022-05-31 00:00:00

qualysblog

Detect the Follina MSDT Vulnerability (CVE-2022-30190) with Qualys Multi-Vector EDR & Context XDR

2022-06-14 20:52:25

Launching Qualys Cloud Threat Database

2023-02-08 13:50:00

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk

2022-10-10 14:32:29

metasploit

Microsoft Office Word MSDTJS

2022-05-30 17:23:18

threatpost

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

2022-06-23 12:21:33

Follina Exploited by State-Sponsored Hackers

2022-06-07 12:45:00

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

2022-06-01 10:38:37

cve

CVE-2022-30190

2022-06-01 20:15:00

kaspersky

KLA12549 RCE vulnerability in Microsoft Windows

2022-05-30 00:00:00

KLA12550 RCE vulnerability in Microsoft Products (ESU)

2022-05-30 00:00:00

checkpoint_advisories

Microsoft Support Diagnostic Tool Remote Code Execution (CVE-2022-30190)

2022-06-01 00:00:00

zdt

Microsoft Office Word MSDTJS Code Execution Exploit

2022-06-07 00:00:00

krebs

Microsoft Patch Tuesday, June 2022 Edition

2022-06-15 04:52:30

attackerkb

CVE-2022-30190

2022-06-01 00:00:00

pentestpartners

Follina 0day exploit. Malicious code execution in Office docs

2022-06-01 05:38:30

securelist

IT threat evolution Q2 2022

2022-08-15 12:00:34

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

2022-06-06 08:00:02

IT threat evolution in Q2 2022. Non-mobile statistics

2022-08-15 12:00:43

avleonov

Microsoft Patch Tuesday June 2022: Follina RCE, NFSV4.1 RCE, LDAP RCEs and bad patches

2022-06-25 12:32:07

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

2022-08-23 00:00:26

googleprojectzero

2022 0-day In-the-Wild Exploitation…so far

2022-06-30 00:00:00

mskb

June 14, 2022—KB5014748 (Monthly Rollup)

2022-06-14 07:00:00

June 14, 2022—KB5014742 (Security-only update)

2022-06-14 07:00:00

June 14, 2022—KB5014710 (OS Build 10240.19325) - EXPIRED

2022-06-14 07:00:00

ics

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Related for HIVEPRO:04FABAE2F2B647B3488AA0025301D637