TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Research relevant vulnerabilities/CVEs
Research relevant vulnerabilities/CVEs
Common Vulnerability Enumeration (CVE) is a dictionary of publicly known information about security vulnerabilities and exposures. An adversary can use this information to target specific software that may be vulnerable. [1] [2]
ID: T1291
Sub-techniques:
No sub-techniques
Tactic:
Technical Weakness Identification
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Public source external to the defender's organization.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Using standard headers/fingerprints from normal traffic, it is often trivial to identify the SW or HW the target is running, which can be correlated against known CVEs and exploit packages.
References
- Jack Smith IV. (2015, January 22). Pentagon Chief Weapons Tester: Almost All Military Programs Vulnerable to Cyber-Attacks. Retrieved March 5, 2017.
- Kaspersky Lab's Global Research & Analysis Team. (2015, February). CARBANAK APT THE GREAT BANK ROBBERY. Retrieved March 27, 2017.
×