TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

Sensor Intel Series: Top CVEs in December 2022

2023-01-23 · Read original ↗

ATT&CK techniques detected

5 predictions
T1190Exploit Public-Facing Application
91%
"##umeration versions < = 1. 3. 9. while the plugin prevents rest api get requests to endpoints containing ‘ / users / ’, the api will accept post requests requesting user enumeration. however, we noted that all of the connections on our sensors were get requests to an endpoint co…"
T1588.006Vulnerabilities
69%
"activity looking for several vulnerabilities or known vulnerable systems that do not have cve numbers associated with them. these include three exploits against an oracle fatwire vulnerability which does not appear to be exploitable in the wild, a docker enumeration tool, siemens…"
T1190Exploit Public-Facing Application
47%
"##ct users to arbitrary sites and / or conduct phishing attacks. roughly half of the exploit attempts against this vulnerability were benign testing and therefore probably researchers. the other half attempted to download a web shell. nvd cve - 2015 - 3897 a directory traversal v…"
T1190Exploit Public-Facing Application
46%
"plot represents an order of magnitude growth. this provides yet another view into the decline in traffic targeting cve - 2020 - 25078 ( 2nd row, 3rd column ). figure 3. traffic targeting all 55 tracked cves over time. note log10 scale on y axes, as well as a number of novel addit…"
T1588.006Vulnerabilities
44%
", which dropped from roughly 3, 000 connections in november to 18 in december. figure 2 also reiterates the growth in cve - 2020 - 8958, which had already increased from october to november. note that this same vulnerability experienced our previous record for targeting traffic i…"

Summary

See which vulnerabilities caught attackers’ eyes in December 2022.