Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
trendmicroblogPeter GirnusTRENDMICROBLOG:753CFCE9E6E97F03319EA3E42B9FEBA1
HistoryJan 12, 2024 - 12:00 a.m.

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

2024-01-1200:00:00
Peter Girnus
www.trendmicro.com
12
phemedrone stealer
cve-2023-36025
defense evasion
malware payload
windows defender smartscreen bypass

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.0%

JSON

This blog delves into the Phemedrone Stealer campaignโ€™s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malwareโ€™s payload.

Related

thn 10
githubexploit 2
attackerkb 1
hivepro 2
prion 1
cve 1
mscve 1
cisa_kev 1
talosblog 1
malwarebytes 1
krebs 2
nessus 11
mskb 15
kaspersky 2
qualysblog 1
openvas 6
avleonov 1
rapid7blog 2
thn
thn
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
2024-02-05 03:45:00
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
2024-01-16 07:13:00
Mispadu Trojan Targets Europe, Thousands of Credentials Compromised
2024-04-03 09:32:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2023-12-28 23:29:04
Exploit for Vulnerability in Microsoft
2023-11-17 15:46:44
attackerkb
attackerkb
CVE-2023-36025
2023-11-14 00:00:00
hivepro
hivepro
Mispadu Leverages CVE-2023-36025 Vulnerability in Latest Attack
2024-02-08 14:06:16
Attacks, Vulnerabilities and Actors 5 to 11 February 2024
2024-02-13 11:12:58
prion
prion
Security feature bypass
2023-11-14 18:15:00
cve
cve
CVE-2023-36025
2023-11-14 18:15:31
mscve
mscve
Windows SmartScreen Security Feature Bypass Vulnerability
2023-11-14 08:00:00
cisa_kev
cisa_kev
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
2023-11-14 00:00:00
talosblog
talosblog
Microsoft discloses only three critical vulnerabilities in Novemberโ€™s Patch Tuesday update, three other zero-days
2023-11-14 19:46:02
malwarebytes
malwarebytes
Update now! Microsoft patches 3 actively exploited zero-days
2023-11-15 22:04:31
krebs
krebs
Microsoft Patch Tuesday, November 2023 Edition
2023-11-14 23:00:59
Fat Patch Tuesday, February 2024 Edition
2024-02-13 22:28:48
nessus
nessus
KB5032248: Windows Server 2008 Security Update (November 2023)
2023-11-14 00:00:00
KB5032250: Windows Server 2008 R2 Security Update (November 2023)
2023-11-14 00:00:00
KB5032249: Windows Server 2012 R2 Security Update (November 2023)
2023-11-14 00:00:00
mskb
mskb
November 14, 2023โ€”KB5032248 (Security-only update)
2023-11-14 08:00:00
November 14, 2023โ€”KB5032254 (Monthly Rollup)
2023-11-14 08:00:00
November 14, 2023โ€”KB5032250 (Security-only update)
2023-11-14 08:00:00
kaspersky
kaspersky
KLA61980 Multiple vulnerabilities in Microsoft Products (ESU)
2023-11-14 00:00:00
KLA61975 Multiple vulnerabilities in Microsoft Windows
2023-11-14 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
2023-11-14 20:29:03
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5032199)
2023-11-16 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5032197)
2023-11-16 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5032189)
2023-11-16 00:00:00
avleonov
avleonov
November 2023 โ€“ January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review
2024-02-01 17:07:20
rapid7blog
rapid7blog
Patch Tuesday - February 2024
2024-02-13 21:26:21
Patch Tuesday - November 2023
2023-11-14 21:27:09

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.0%

JSON
Related for TRENDMICROBLOG:753CFCE9E6E97F03319EA3E42B9FEBA1
thn10githubexploit2attackerkb1hivepro2prion1cve1mscve1cisa_kev1talosblog1malwarebytes1krebs2nessus11mskb15kaspersky2qualysblog1openvas6avleonov1rapid7blog2