TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

Sensor Intel Series: Top CVEs in March 2023

2023-04-25 · Read original ↗

ATT&CK techniques detected

4 predictions
T1190Exploit Public-Facing Application
76%
"between january and february, cve - 2020 - 25078 declined back to a more baseline amount of traffic. conclusions on the one hand, it is interesting to note the prominence of these microsoft exchange rces and speculate that perhaps the headline - grabbing cve - 2023 - 23397, which…"
T1190Exploit Public-Facing Application
75%
"exploit attempts of the next most frequent vulnerability, cve - 2022 - 22947. we ’ ll also explore the dramatic decline in traffic targeting cve - 2020 - 25078, as well as a preponderance of microsoft cves in the top ten for march. let ’ s jump into the data. march vulnerabilitie…"
T1190Exploit Public-Facing Application
50%
"because they are difficult to differentiate with data from passive sensors. they target the same request uri, and have similar http parameters, but one requires prior authentication and and one does not. in any case, even though none of these exchange cves is dominating the lands…"
T1588.006Vulnerabilities
41%
"and how much our traffic changes from month to month. figure 2. evolution of vulnerability targeting in the last twelve months. note the decline in cve - 2020 - 25078, dropping it from second rank in february to tenth in march. long term trends figure 3 shows traffic volume over …"

Summary

Some IoT vulnerabilities, some Microsoft Exchange vulnerabilities, but not too much going on in March.