Some of the vulnerabilities discussed in the logs are old but widespread, such as CVE-2022-30190, the remote code execution flaw in the Microsoft Office remote template feature, also known as the Follina flaw, which has been extensively exploited through malicious Word attachments. Other well-known flaws include Log4Shell (CVE-2021-44228), Spring4Shell (CVE-2022-22965), and ProxyNotShell (CVE-2022-41028, CVE-2022-41040).
However, according to the communication logs, Black Basta is also often quick to discuss newly released vulnerabilities, several of which the group appears to have had access to before official publication: Fortinet FortiOS (CVE-2024-23113), Bricks Builder WordPress Theme (CVE-2024-25600), and Exim Email (CVE-2023-42115).
“Within days of new security advisories being issued, members discussed vulnerabilities related to products such as Citrix NetScaler, Check Point Quantum Security Gateways, ConnectWise ScreenConnect, Microsoft Office Outlook, Fortinet FortiSIEM, Palo Alto Networks PAN-OS, Atlassian Confluence Server and Data Center, Cisco IOS XE Web UI, Microsoft Windows, GitLab CE/EE, and Fortinet FortiOS,” the VulnCheck researchers found.