SysAid Zero-Day Vulnerability Exploited by Threat Actors
Tags
cmtmf-attack-pattern: Code Injection
attack-pattern: Data Code Injection - T1540 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Powershell - T1059.001 Software - T1592.002 Web Service - T1481 Powershell - T1086 Web Service - T1102
Show in Graph
Common Information
Type Value
UUID e3e8b9ea-811c-4035-af60-ca7a0895fd58
Fingerprint 85032fc7c326c6e9
Analysis status DONE
Considered CTI value 1
Text language
Published Nov. 10, 2023, 2:43 p.m.
Added to db Nov. 19, 2023, 10:12 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline SysAid Zero-Day Vulnerability Exploited by Threat Actors
Title SysAid Zero-Day Vulnerability Exploited by Threat Actors
Detected Hints/Tags/Attributes 42/2/6
Source URLs
Redirection Url
Details Source https://heimdalsecurity.com/blog/sysaid-zero-day-vulnerability/
URL Provider
Details Provider Source level domain
Details heimdalsecurity.com heimdalsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 132 Heimdal Security Blog https://heimdalsecurity.com/blog/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 31 
cve-2023-47246
Details File 1122 
svchost.exe
Details File 131 
spoolsv.exe
Details File 269 
msiexec.exe
Details File 11 
wrapper.exe
Details Threat Actor Identifier - FIN 127 
FIN11