Vulnerabilities used by Blackbasta


This information is provided by Ransomware-Vulnerability-Matrix


This is the list of vulnerabilities that have been observed during intrusions by Blackbasta.

| Vendor | Product | CVE | Source |
|---|---|---|---|
| ConnectWise | ScreenConnect | 🔴 CVE-2024-1709 & CVE-2024-1709 | cisa.gov |
| VMware | ESXi | 🟠 CVE-2024-37085 ("ESX Admins") | microsoft.com |
| Windows | Windows Error Reporting Service | 🟠 CVE-2024-26169 | www.security.com |
| Windows | MSDT | 🟠 CVE-2022-30190 ("Follina") | sentinelone.com |
| Windows | Active Directory | 🟠 CVE-2021-42278 & CVE-2021-42287 ("NoPac") | cisa.gov |
| Windows | Print Spooler | 🟠 CVE-2021-1675 & CVE-2021-34527 ("PrintNightmare") | cisa.gov |
| Windows | NetLogon | 🌕 CVE-2020-1472 ("ZeroLogon") | cisa.gov |

CVE Severity Levels

| Severity | Score Range | Description |
|---|---|---|
| ⚪️ Low | 0.1 - 3.9 | Minor impact on the system; typically does not require immediate action. |
| 🌕 Medium | 4.0 - 6.9 | Moderate impact; may require action but is generally not urgent. |
| 🟠 High | 7.0 - 8.9 | Significant impact; needs attention soon to prevent potential exploitation. |
| 🔴 Critical | 9.0 - 10.0 | Severe impact; requires immediate action due to the high risk of exploitation and potential for serious damage. |