HiveForce LabsHIVEPRO:2B031BDA0D1C7C4FD24AAC1725C19B2EAttacks, Vulnerabilities and Actors 25 December to 31 December 2023
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.545 Medium
EPSS
Percentile
97.3%
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, four instances of adversary activity, and five exploited vulnerability, highlighting the ever-present danger of cyberattacks. Furthermore, HiveForce Labs uncovered Operation RusticWeb, targeting India to deploying Rust-based malware. Meanwhile, a high severity zero-day vulnerability (CVE-2023-51467), in Apache OFBiz that could result in bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) or enable arbitrary code execution. These observed attacks have been on the rise, posing a significant threat worldwide. Subscribe to receive our weekly threat digests and newsletters directly in your inbox.
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.545 Medium
EPSS
Percentile
97.3%