@blamejs/exceptd-skills 0.13.1 → 0.13.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +73 -0
- package/bin/exceptd.js +140 -7
- package/data/_indexes/_meta.json +28 -28
- package/data/_indexes/activity-feed.json +3 -3
- package/data/_indexes/catalog-summaries.json +3 -3
- package/data/_indexes/chains.json +1897 -88
- package/data/_indexes/frequency.json +20 -0
- package/data/_indexes/section-offsets.json +574 -574
- package/data/_indexes/token-budget.json +97 -97
- package/data/atlas-ttps.json +2 -0
- package/data/attack-techniques.json +24 -3
- package/data/cve-catalog.json +96 -29
- package/data/cwe-catalog.json +20 -3
- package/data/framework-control-gaps.json +700 -1
- package/data/zeroday-lessons.json +889 -0
- package/lib/lint-skills.js +54 -1
- package/lib/source-advisories.js +26 -0
- package/manifest.json +62 -62
- package/orchestrator/index.js +155 -3
- package/package.json +1 -1
- package/sbom.cdx.json +50 -39
- package/scripts/check-test-count.js +146 -0
- package/scripts/predeploy.js +16 -0
- package/skills/age-gates-child-safety/skill.md +1 -0
- package/skills/ai-risk-management/skill.md +1 -0
- package/skills/api-security/skill.md +14 -4
- package/skills/cloud-iam-incident/skill.md +1 -1
- package/skills/defensive-countermeasure-mapping/skill.md +1 -0
- package/skills/email-security-anti-phishing/skill.md +15 -4
- package/skills/fuzz-testing-strategy/skill.md +1 -0
- package/skills/mlops-security/skill.md +1 -0
- package/skills/ot-ics-security/skill.md +1 -0
- package/skills/researcher/skill.md +1 -0
- package/skills/sector-energy/skill.md +1 -0
- package/skills/sector-federal-government/skill.md +1 -0
- package/skills/sector-telecom/skill.md +1 -0
- package/skills/skill-update-loop/skill.md +1 -0
- package/skills/threat-model-currency/skill.md +1 -0
- package/skills/threat-modeling-methodology/skill.md +1 -0
- package/skills/webapp-security/skill.md +1 -0
- package/skills/zeroday-gap-learn/skill.md +1 -0
|
@@ -2119,5 +2119,894 @@
|
|
|
2119
2119
|
"ai_discovered_zeroday": false,
|
|
2120
2120
|
"ai_discovery_source": "threat_actor_release",
|
|
2121
2121
|
"ai_assist_factor": "high"
|
|
2122
|
+
},
|
|
2123
|
+
"CVE-2024-3154": {
|
|
2124
|
+
"name": "CRI-O arbitrary kernel-module load",
|
|
2125
|
+
"lesson_date": "2026-05-17",
|
|
2126
|
+
"attack_vector": {
|
|
2127
|
+
"description": "Pod-spec attributes reach modprobe argument path in CRI-O without validation. An attacker with pod-create RBAC on a cluster using CRI-O can cause arbitrary kernel modules to load on the host node, achieving container-escape-equivalent capability.",
|
|
2128
|
+
"privileges_required": "pod-create RBAC inside the cluster (namespace-scoped is sufficient)",
|
|
2129
|
+
"complexity": "low",
|
|
2130
|
+
"ai_factor": "Not AI-discovered — reported by the OpenShift/CRI-O upstream security team. Conventional argument-injection class."
|
|
2131
|
+
},
|
|
2132
|
+
"defense_chain": {
|
|
2133
|
+
"prevention": {
|
|
2134
|
+
"what_would_have_worked": "Upgrade to CRI-O 1.27.10 / 1.28.7 / 1.29.4. Pre-patch, AppArmor or SELinux deny-module-load profiles on the node block the exploit primitive without runtime change.",
|
|
2135
|
+
"was_this_required": false,
|
|
2136
|
+
"framework_requiring_it": null,
|
|
2137
|
+
"adequacy": "Patch is definitive; AppArmor/SELinux deny-module-load is an effective live-patch for unpatched fleets."
|
|
2138
|
+
},
|
|
2139
|
+
"detection": {
|
|
2140
|
+
"what_would_have_worked": "auditd rules on init_module / finit_module syscalls correlated with container PIDs; alert on any module load originating from a containerd/CRI-O managed process namespace.",
|
|
2141
|
+
"was_this_required": false,
|
|
2142
|
+
"framework_requiring_it": null,
|
|
2143
|
+
"adequacy": "High-signal — module loads from container PIDs are essentially never legitimate."
|
|
2144
|
+
},
|
|
2145
|
+
"response": {
|
|
2146
|
+
"what_would_have_worked": "Cordon and drain nodes that loaded an unexpected module; rotate node-bound credentials; treat the node as compromised pending forensic review.",
|
|
2147
|
+
"was_this_required": false,
|
|
2148
|
+
"framework_requiring_it": null,
|
|
2149
|
+
"adequacy": "Effective post-exploitation; relies on the detection above firing in time."
|
|
2150
|
+
}
|
|
2151
|
+
},
|
|
2152
|
+
"framework_coverage": {
|
|
2153
|
+
"NIST-800-53-CM-7": {
|
|
2154
|
+
"covered": true,
|
|
2155
|
+
"adequate": false,
|
|
2156
|
+
"gap": "Least-functionality control presumes node-level kernel-module policy is authoritative; cluster runtimes that broker module loads invert the trust direction without framework guidance to revoke that broker capability."
|
|
2157
|
+
},
|
|
2158
|
+
"CIS-Kubernetes-Benchmark-4.2.13": {
|
|
2159
|
+
"covered": true,
|
|
2160
|
+
"adequate": false,
|
|
2161
|
+
"gap": "AppArmor profile guidance is generic and does not specifically require deny-module-load."
|
|
2162
|
+
},
|
|
2163
|
+
"NIS2-Art21-supply-chain": {
|
|
2164
|
+
"covered": true,
|
|
2165
|
+
"adequate": false,
|
|
2166
|
+
"gap": "Container-runtime supply chain not differentiated from application-runtime supply chain."
|
|
2167
|
+
}
|
|
2168
|
+
},
|
|
2169
|
+
"new_control_requirements": [],
|
|
2170
|
+
"compliance_exposure_score": {
|
|
2171
|
+
"percent_audit_passing_orgs_still_exposed": 55,
|
|
2172
|
+
"basis": "AppArmor/SELinux deny-module-load is rarely enforced on container hosts; CIS-K8s benchmark passes without it. Patch cadence on Kubernetes node runtimes typically lags behind application patches.",
|
|
2173
|
+
"theater_pattern": "least_functionality"
|
|
2174
|
+
},
|
|
2175
|
+
"ai_discovered_zeroday": false,
|
|
2176
|
+
"ai_discovery_source": "human_researcher",
|
|
2177
|
+
"ai_assist_factor": "low"
|
|
2178
|
+
},
|
|
2179
|
+
"CVE-2023-43472": {
|
|
2180
|
+
"name": "MLflow path-traversal arbitrary file read",
|
|
2181
|
+
"lesson_date": "2026-05-17",
|
|
2182
|
+
"attack_vector": {
|
|
2183
|
+
"description": "MLflow tracking-server artifact endpoint resolves user-controlled paths under the artifact root without normalization. An unauthenticated HTTP request with ../ traversal reads arbitrary files from the host filesystem.",
|
|
2184
|
+
"privileges_required": "none (unauth network reachability to MLflow tracking server)",
|
|
2185
|
+
"complexity": "low",
|
|
2186
|
+
"ai_factor": "Not AI-discovered — disclosed via the Protect AI Huntr bug-bounty program by a named human researcher (Joseph Beeton, Contrast Security)."
|
|
2187
|
+
},
|
|
2188
|
+
"defense_chain": {
|
|
2189
|
+
"prevention": {
|
|
2190
|
+
"what_would_have_worked": "Upgrade to MLflow 2.9.0+. Network-isolate tracking servers from untrusted networks until patched; MLflow shipped historically with no auth and operators routinely expose it on internal networks treating it as trusted.",
|
|
2191
|
+
"was_this_required": false,
|
|
2192
|
+
"framework_requiring_it": null,
|
|
2193
|
+
"adequacy": "Patch is the only definitive fix; network isolation is a viable compensating control."
|
|
2194
|
+
},
|
|
2195
|
+
"detection": {
|
|
2196
|
+
"what_would_have_worked": "WAF or reverse-proxy log review for ../ patterns in tracking-server artifact-fetch URLs; HTTP access-log alerts on traversal sequences.",
|
|
2197
|
+
"was_this_required": false,
|
|
2198
|
+
"framework_requiring_it": null,
|
|
2199
|
+
"adequacy": "Effective when an HTTP front-proxy is in place. Many MLflow deployments expose the Flask server directly with no front-proxy logging."
|
|
2200
|
+
},
|
|
2201
|
+
"response": {
|
|
2202
|
+
"what_would_have_worked": "Rotate any credentials, tokens or model-artifact contents the tracking server filesystem could have leaked; audit the MLflow artifact root for sensitive sibling files (.env, ~/.aws/credentials).",
|
|
2203
|
+
"was_this_required": false,
|
|
2204
|
+
"framework_requiring_it": null,
|
|
2205
|
+
"adequacy": "Reduces blast radius post-exploitation; necessary because MLflow processes typically run with broad filesystem read access."
|
|
2206
|
+
}
|
|
2207
|
+
},
|
|
2208
|
+
"framework_coverage": {
|
|
2209
|
+
"NIST-AI-RMF-MEASURE-2.7": {
|
|
2210
|
+
"covered": true,
|
|
2211
|
+
"adequate": false,
|
|
2212
|
+
"gap": "ML-pipeline asset confidentiality is referenced but no specific control on tracking-server path normalization or web-surface review."
|
|
2213
|
+
},
|
|
2214
|
+
"OWASP-ML-Top-10-2023-ML06": {
|
|
2215
|
+
"covered": true,
|
|
2216
|
+
"adequate": false,
|
|
2217
|
+
"gap": "Insufficient supply-chain controls in ML — MLflow tracking servers routinely expose model + experiment IO without auth."
|
|
2218
|
+
},
|
|
2219
|
+
"ISO-27001-2022-A.8.28": {
|
|
2220
|
+
"covered": true,
|
|
2221
|
+
"adequate": false,
|
|
2222
|
+
"gap": "Secure coding control does not anchor on ML-runtime web-surface review; ML platforms are treated as out-of-scope of conventional secure-coding programs."
|
|
2223
|
+
}
|
|
2224
|
+
},
|
|
2225
|
+
"new_control_requirements": [],
|
|
2226
|
+
"compliance_exposure_score": {
|
|
2227
|
+
"percent_audit_passing_orgs_still_exposed": 70,
|
|
2228
|
+
"basis": "MLflow tracking servers are widely deployed without auth and without front-proxy logging; ML platforms typically fall outside the AppSec team's secure-coding-review remit.",
|
|
2229
|
+
"theater_pattern": "secure_coding"
|
|
2230
|
+
},
|
|
2231
|
+
"ai_discovered_zeroday": false,
|
|
2232
|
+
"ai_discovery_source": "human_researcher",
|
|
2233
|
+
"ai_assist_factor": "low"
|
|
2234
|
+
},
|
|
2235
|
+
"CVE-2020-10148": {
|
|
2236
|
+
"name": "SolarWinds Orion API authentication bypass (SUNBURST chain component)",
|
|
2237
|
+
"lesson_date": "2026-05-17",
|
|
2238
|
+
"attack_vector": {
|
|
2239
|
+
"description": "URI pattern matching against SkipI18nStrings inside Orion's HTTP routing triggers an authentication bypass — an unauthenticated request that matches the pattern reaches API write endpoints. Used by SUNBURST operators to exercise API write access against compromised Orion installations.",
|
|
2240
|
+
"privileges_required": "none (unauth network reachability to Orion)",
|
|
2241
|
+
"complexity": "low",
|
|
2242
|
+
"ai_factor": "Not AI-discovered — pre-AI-tooling era; surfaced during the SUNBURST incident-response investigation by Mandiant/FireEye and SolarWinds engineering."
|
|
2243
|
+
},
|
|
2244
|
+
"defense_chain": {
|
|
2245
|
+
"prevention": {
|
|
2246
|
+
"what_would_have_worked": "Upgrade to Orion 2020.2.1 HF2+ and apply the documented WAF rule blocking the SkipI18nStrings URI pattern. Network-restrict Orion management surface to operator subnets.",
|
|
2247
|
+
"was_this_required": false,
|
|
2248
|
+
"framework_requiring_it": null,
|
|
2249
|
+
"adequacy": "Patch + WAF rule together close the bypass; network restriction shrinks the unauth-reachable surface."
|
|
2250
|
+
},
|
|
2251
|
+
"detection": {
|
|
2252
|
+
"what_would_have_worked": "Web-server log alerts on requests matching the SkipI18nStrings pattern from non-operator source addresses; outbound DNS / connection-pattern detection for SUNBURST C2 (the chain consumer).",
|
|
2253
|
+
"was_this_required": false,
|
|
2254
|
+
"framework_requiring_it": null,
|
|
2255
|
+
"adequacy": "URI-pattern detection is high-signal post-disclosure; SUNBURST C2 detection was added to commercial EDR within weeks of the 2020-12 disclosure."
|
|
2256
|
+
},
|
|
2257
|
+
"response": {
|
|
2258
|
+
"what_would_have_worked": "Treat any Orion installation prior to HF2 as potentially compromised; isolate, snapshot, rotate every credential the SolarWinds service account could touch (it usually had broad domain access), rebuild from known-good media.",
|
|
2259
|
+
"was_this_required": true,
|
|
2260
|
+
"framework_requiring_it": "CISA ED 21-01",
|
|
2261
|
+
"adequacy": "CISA Emergency Directive 21-01 mandated the response posture for US federal civilian agencies; private-sector equivalents (incident-response playbooks) varied widely."
|
|
2262
|
+
}
|
|
2263
|
+
},
|
|
2264
|
+
"framework_coverage": {
|
|
2265
|
+
"NIST-800-53-IA-2": {
|
|
2266
|
+
"covered": true,
|
|
2267
|
+
"adequate": false,
|
|
2268
|
+
"gap": "Identification-and-Authentication control trusted the application's URI-matching layer; framework does not address pattern-bypass classes in vendor-supplied management software."
|
|
2269
|
+
},
|
|
2270
|
+
"ISO-27001-2022-A.5.15": {
|
|
2271
|
+
"covered": true,
|
|
2272
|
+
"adequate": false,
|
|
2273
|
+
"gap": "Access control reviewed at organizational level; URI-pattern auth bypass is a code-level failure under app-vendor responsibility that the organizational control cannot detect."
|
|
2274
|
+
},
|
|
2275
|
+
"NIST-800-53-SA-12": {
|
|
2276
|
+
"covered": true,
|
|
2277
|
+
"adequate": false,
|
|
2278
|
+
"gap": "Supply-chain protection control predates the SolarWinds incident; pre-2020 supply-chain controls did not contemplate a trusted vendor as the breach vector."
|
|
2279
|
+
}
|
|
2280
|
+
},
|
|
2281
|
+
"new_control_requirements": [],
|
|
2282
|
+
"compliance_exposure_score": {
|
|
2283
|
+
"percent_audit_passing_orgs_still_exposed": 40,
|
|
2284
|
+
"basis": "Direct exposure to this specific CVE is low five years post-disclosure (Orion installations are largely patched), but the lessons-class — trusted-vendor-as-pivot — remains under-addressed by most supply-chain controls.",
|
|
2285
|
+
"theater_pattern": "vendor_trust"
|
|
2286
|
+
},
|
|
2287
|
+
"ai_discovered_zeroday": false,
|
|
2288
|
+
"ai_discovery_source": "human_researcher",
|
|
2289
|
+
"ai_assist_factor": "low"
|
|
2290
|
+
},
|
|
2291
|
+
"CVE-2023-3519": {
|
|
2292
|
+
"name": "Citrix NetScaler ADC/Gateway unauth RCE (CitrixBleed precursor)",
|
|
2293
|
+
"lesson_date": "2026-05-17",
|
|
2294
|
+
"attack_vector": {
|
|
2295
|
+
"description": "Pre-auth stack buffer overflow in the NetScaler SAML processing path. An unauthenticated HTTP POST to /gwtest/formssso reaches the vulnerable nsppe parser; CISA AA23-201A documented in-wild exploitation by Chinese state-sponsored actors against US critical-infrastructure organizations within weeks of disclosure.",
|
|
2296
|
+
"privileges_required": "none (unauth network reachability to NetScaler appliance)",
|
|
2297
|
+
"complexity": "low",
|
|
2298
|
+
"ai_factor": "Not AI-discovered — independent security researchers via Citrix coordinated disclosure (CTX561482, 2023-07-18)."
|
|
2299
|
+
},
|
|
2300
|
+
"defense_chain": {
|
|
2301
|
+
"prevention": {
|
|
2302
|
+
"what_would_have_worked": "Upgrade to NetScaler 13.1-49.13 / 13.0-91.13 / 12.1-66.13. Treat any pre-patch appliance reachable from the public internet as already compromised once exploitation went public.",
|
|
2303
|
+
"was_this_required": true,
|
|
2304
|
+
"framework_requiring_it": "CISA BOD 22-01 (KEV remediation)",
|
|
2305
|
+
"adequacy": "Patch is definitive but many operators missed the CISA KEV 21-day deadline; the same population was breached again two months later via the CitrixBleed (CVE-2023-4966) session-token vulnerability."
|
|
2306
|
+
},
|
|
2307
|
+
"detection": {
|
|
2308
|
+
"what_would_have_worked": "Mandiant + CISA published IoCs including web-shell paths under /var/vpn/themes/imgs/ and unexpected nsppe core dumps. Webserver log alerts on POST to /gwtest/formssso from non-operator source addresses.",
|
|
2309
|
+
"was_this_required": false,
|
|
2310
|
+
"framework_requiring_it": null,
|
|
2311
|
+
"adequacy": "Post-exploitation IoC matching detected breached organizations weeks after compromise — many were already at session-token-theft + lateral-movement stage."
|
|
2312
|
+
},
|
|
2313
|
+
"response": {
|
|
2314
|
+
"what_would_have_worked": "Rebuild appliance from known-good firmware; rotate all credentials, AD machine-account passwords, and SAML signing keys the appliance held; assume web-shell persistence until forensic review confirms otherwise.",
|
|
2315
|
+
"was_this_required": true,
|
|
2316
|
+
"framework_requiring_it": "CISA AA23-201A",
|
|
2317
|
+
"adequacy": "CISA-recommended response posture; full credential rotation is operationally expensive and was inconsistently applied across the affected population."
|
|
2318
|
+
}
|
|
2319
|
+
},
|
|
2320
|
+
"framework_coverage": {
|
|
2321
|
+
"NIST-800-53-SI-2": {
|
|
2322
|
+
"covered": true,
|
|
2323
|
+
"adequate": false,
|
|
2324
|
+
"gap": "30-day patch SLA is insufficient for unauth RCE on public-facing appliances. CISA BOD 22-01 KEV deadlines (21 days) override but apply only to US federal civilian agencies."
|
|
2325
|
+
},
|
|
2326
|
+
"PCI-DSS-4.0-6.3.3": {
|
|
2327
|
+
"covered": true,
|
|
2328
|
+
"adequate": false,
|
|
2329
|
+
"gap": "1-month critical-patch window is a permission slip; mass exploitation began within 14 days of public PoC."
|
|
2330
|
+
},
|
|
2331
|
+
"NIS2-Art21-vulnerability-management": {
|
|
2332
|
+
"covered": true,
|
|
2333
|
+
"adequate": false,
|
|
2334
|
+
"gap": "EU NIS2 generic vulnerability-management requirement without unauth-RCE-specific SLA."
|
|
2335
|
+
}
|
|
2336
|
+
},
|
|
2337
|
+
"new_control_requirements": [],
|
|
2338
|
+
"compliance_exposure_score": {
|
|
2339
|
+
"percent_audit_passing_orgs_still_exposed": 60,
|
|
2340
|
+
"basis": "PCI-DSS / NIS2 / SI-2 patch SLAs are wider than the actual exploitation window. Many organizations passing those audits remained exposed during the active mass-exploitation phase.",
|
|
2341
|
+
"theater_pattern": "patch_management"
|
|
2342
|
+
},
|
|
2343
|
+
"ai_discovered_zeroday": false,
|
|
2344
|
+
"ai_discovery_source": "human_researcher",
|
|
2345
|
+
"ai_assist_factor": "low"
|
|
2346
|
+
},
|
|
2347
|
+
"CVE-2024-1709": {
|
|
2348
|
+
"name": "ConnectWise ScreenConnect auth-bypass",
|
|
2349
|
+
"lesson_date": "2026-05-17",
|
|
2350
|
+
"attack_vector": {
|
|
2351
|
+
"description": "Path-traversal in the auth filter — appending /SetupWizard.aspx/anything to a request URL bypasses authentication and reaches the admin setup endpoint. Attacker creates a new admin account via the setup endpoint and gains full ScreenConnect control, including the ability to push remote-control payloads to every endpoint the affected MSP manages.",
|
|
2352
|
+
"privileges_required": "none (unauth network reachability to ScreenConnect web surface)",
|
|
2353
|
+
"complexity": "low — single-request exploitation, no preconditions",
|
|
2354
|
+
"ai_factor": "Not AI-discovered — vendor-internal discovery; externally observed via Huntress and GreyNoise telemetry within 24 hours of the 2024-02 Patch Tuesday."
|
|
2355
|
+
},
|
|
2356
|
+
"defense_chain": {
|
|
2357
|
+
"prevention": {
|
|
2358
|
+
"what_would_have_worked": "Upgrade to ScreenConnect 23.9.8+. Pre-patch, take the ScreenConnect web surface offline or front it with a WAF blocking the /SetupWizard.aspx/* pattern from unauthenticated sources.",
|
|
2359
|
+
"was_this_required": true,
|
|
2360
|
+
"framework_requiring_it": "CISA BOD 22-01 (KEV remediation — added 2024-02-22 with 24h deadline)",
|
|
2361
|
+
"adequacy": "Patch is definitive; CISA's compressed deadline reflected the live mass-exploitation observed within hours of disclosure."
|
|
2362
|
+
},
|
|
2363
|
+
"detection": {
|
|
2364
|
+
"what_would_have_worked": "Webserver log alerts on /SetupWizard.aspx/* URI patterns; admin-user-creation audit alerts on any new privileged account; outbound connection alerts on managed endpoints to non-operator C2 destinations.",
|
|
2365
|
+
"was_this_required": false,
|
|
2366
|
+
"framework_requiring_it": null,
|
|
2367
|
+
"adequacy": "High-signal — the URI pattern is essentially never legitimate post-installation. Most affected MSPs had no log review at this layer."
|
|
2368
|
+
},
|
|
2369
|
+
"response": {
|
|
2370
|
+
"what_would_have_worked": "Treat the ScreenConnect server and every managed endpoint as compromised pending forensic review; rotate every managed-endpoint credential; rebuild ScreenConnect from a known-good install rather than patching in place.",
|
|
2371
|
+
"was_this_required": false,
|
|
2372
|
+
"framework_requiring_it": null,
|
|
2373
|
+
"adequacy": "Operationally expensive — many MSPs patched in place without forensic review, leaving residual attacker persistence on managed endpoints."
|
|
2374
|
+
}
|
|
2375
|
+
},
|
|
2376
|
+
"framework_coverage": {
|
|
2377
|
+
"NIST-800-53-AC-3": {
|
|
2378
|
+
"covered": true,
|
|
2379
|
+
"adequate": false,
|
|
2380
|
+
"gap": "Access enforcement assumed at the application layer; bypass occurred at the routing layer before AC-3 had any opportunity to evaluate."
|
|
2381
|
+
},
|
|
2382
|
+
"NIST-800-53-IA-2": {
|
|
2383
|
+
"covered": true,
|
|
2384
|
+
"adequate": false,
|
|
2385
|
+
"gap": "MFA on admin accounts would not have prevented the breach — the bypass creates a new admin account that satisfies whatever MFA policy applies to fresh enrolment."
|
|
2386
|
+
},
|
|
2387
|
+
"CIS-Controls-v8-Control6": {
|
|
2388
|
+
"covered": true,
|
|
2389
|
+
"adequate": false,
|
|
2390
|
+
"gap": "Access-control management does not require setup-endpoint hardening on production deployments; the ScreenConnect setup wizard was reachable post-install by design."
|
|
2391
|
+
}
|
|
2392
|
+
},
|
|
2393
|
+
"new_control_requirements": [],
|
|
2394
|
+
"compliance_exposure_score": {
|
|
2395
|
+
"percent_audit_passing_orgs_still_exposed": 75,
|
|
2396
|
+
"basis": "MSP fleets passing SOC 2 / ISO 27001 audits routinely deploy remote-management tooling with default routing exposed; setup-endpoint hardening is not a benchmark requirement.",
|
|
2397
|
+
"theater_pattern": "access_control"
|
|
2398
|
+
},
|
|
2399
|
+
"ai_discovered_zeroday": false,
|
|
2400
|
+
"ai_discovery_source": "human_researcher",
|
|
2401
|
+
"ai_assist_factor": "low"
|
|
2402
|
+
},
|
|
2403
|
+
"CVE-2026-20182": {
|
|
2404
|
+
"name": "Cisco SD-WAN authentication bypass to admin",
|
|
2405
|
+
"lesson_date": "2026-05-17",
|
|
2406
|
+
"attack_vector": {
|
|
2407
|
+
"description": "Authentication bypass in the Cisco SD-WAN controller management plane (vManage / vEdge). An unauthenticated attacker reaches admin-equivalent state on the controller, giving control over the SD-WAN fabric's policy plane.",
|
|
2408
|
+
"privileges_required": "none (unauth network reachability to SD-WAN controller management surface)",
|
|
2409
|
+
"complexity": "low",
|
|
2410
|
+
"ai_factor": "Not AI-discovered — discovered by Rapid7 researchers Stephen Fewer and Jonah Burgess while researching the related CVE-2026-20127 vdaemon authentication-bypass."
|
|
2411
|
+
},
|
|
2412
|
+
"defense_chain": {
|
|
2413
|
+
"prevention": {
|
|
2414
|
+
"what_would_have_worked": "Apply the Cisco per-train fixed build per cisco-sa-sdwan-authbypass; network-restrict the SD-WAN controller management surface to operator subnets only — controllers should never be reachable from the data plane the fabric carries.",
|
|
2415
|
+
"was_this_required": true,
|
|
2416
|
+
"framework_requiring_it": "CISA BOD 22-01 (KEV remediation — KEV-added 2026-05-14)",
|
|
2417
|
+
"adequacy": "Patch requires controller reboot; network restriction is the appropriate compensating control during the maintenance window."
|
|
2418
|
+
},
|
|
2419
|
+
"detection": {
|
|
2420
|
+
"what_would_have_worked": "Authentication-attempt logs from the controller plane; alerts on any successful admin authentication from non-operator source addresses; configuration-change audit on SD-WAN policy.",
|
|
2421
|
+
"was_this_required": false,
|
|
2422
|
+
"framework_requiring_it": null,
|
|
2423
|
+
"adequacy": "Effective once enabled; SD-WAN controller log forwarding to SIEM is inconsistently configured across operators."
|
|
2424
|
+
},
|
|
2425
|
+
"response": {
|
|
2426
|
+
"what_would_have_worked": "Treat fabric policy as potentially altered; review all policy changes against a known-good baseline; rotate controller-plane credentials and certificates; force re-onboarding of any edge device whose trust anchors the controller could have rewritten.",
|
|
2427
|
+
"was_this_required": false,
|
|
2428
|
+
"framework_requiring_it": null,
|
|
2429
|
+
"adequacy": "Operationally expensive; necessary if the detection above did not have full coverage of the exposure window."
|
|
2430
|
+
}
|
|
2431
|
+
},
|
|
2432
|
+
"framework_coverage": {
|
|
2433
|
+
"NIST-800-53-IA-2": {
|
|
2434
|
+
"covered": true,
|
|
2435
|
+
"adequate": false,
|
|
2436
|
+
"gap": "Network-fabric controller authentication depended on the bypassed surface; IA-2 was satisfied on paper while the implementation was bypassable."
|
|
2437
|
+
},
|
|
2438
|
+
"NIS2-Art21-network-security": {
|
|
2439
|
+
"covered": true,
|
|
2440
|
+
"adequate": false,
|
|
2441
|
+
"gap": "EU NIS2 critical-infrastructure rules treat SD-WAN controllers as essential service infrastructure but lack a CISA-KEV-style compressed remediation SLA."
|
|
2442
|
+
},
|
|
2443
|
+
"DORA-Art-9": {
|
|
2444
|
+
"covered": true,
|
|
2445
|
+
"adequate": false,
|
|
2446
|
+
"gap": "ICT third-party risk — SD-WAN vendor risk concentrated in a single advisory cadence; DORA does not require dual-vendor fabric topology."
|
|
2447
|
+
}
|
|
2448
|
+
},
|
|
2449
|
+
"new_control_requirements": [],
|
|
2450
|
+
"compliance_exposure_score": {
|
|
2451
|
+
"percent_audit_passing_orgs_still_exposed": 65,
|
|
2452
|
+
"basis": "SD-WAN controller management surfaces are frequently reachable beyond operator subnets in real-world deployments; NIS2 / DORA controls do not enforce management-plane isolation as a specific requirement.",
|
|
2453
|
+
"theater_pattern": "patch_management"
|
|
2454
|
+
},
|
|
2455
|
+
"ai_discovered_zeroday": false,
|
|
2456
|
+
"ai_discovery_source": "human_researcher",
|
|
2457
|
+
"ai_assist_factor": "low"
|
|
2458
|
+
},
|
|
2459
|
+
"CVE-2024-40635": {
|
|
2460
|
+
"name": "containerd integer overflow IP mask leak",
|
|
2461
|
+
"lesson_date": "2026-05-17",
|
|
2462
|
+
"attack_vector": {
|
|
2463
|
+
"description": "Integer overflow in the containerd CNI IP-allocation path. A crafted CIDR specification overflows the uint32 mask conversion, causing the container to receive a spurious mask that allows traffic to leak across network namespaces.",
|
|
2464
|
+
"privileges_required": "ability to influence a container's CNI configuration (typically requires pod-create RBAC or compromise of an in-cluster component that provisions pods)",
|
|
2465
|
+
"complexity": "moderate",
|
|
2466
|
+
"ai_factor": "Not AI-discovered — reported via the containerd security team and Snyk Labs; conventional integer-overflow class."
|
|
2467
|
+
},
|
|
2468
|
+
"defense_chain": {
|
|
2469
|
+
"prevention": {
|
|
2470
|
+
"what_would_have_worked": "Upgrade to containerd 1.6.34+ or 1.7.21+. Restrict who can create pods with custom CNI configuration via Kubernetes admission policy.",
|
|
2471
|
+
"was_this_required": false,
|
|
2472
|
+
"framework_requiring_it": null,
|
|
2473
|
+
"adequacy": "Patch is definitive; admission policy reduces the exposed attack surface in the interim."
|
|
2474
|
+
},
|
|
2475
|
+
"detection": {
|
|
2476
|
+
"what_would_have_worked": "Network-policy violation alerts on cross-namespace traffic; periodic audit of running pods' actual IP/mask versus their declared CNI configuration.",
|
|
2477
|
+
"was_this_required": false,
|
|
2478
|
+
"framework_requiring_it": null,
|
|
2479
|
+
"adequacy": "Cross-namespace leakage is detectable when egress between namespaces is otherwise denied by NetworkPolicy."
|
|
2480
|
+
},
|
|
2481
|
+
"response": {
|
|
2482
|
+
"what_would_have_worked": "Roll affected pods; assume any data the affected container could reach via the spurious mask was potentially exfiltrated to the wrong network namespace.",
|
|
2483
|
+
"was_this_required": false,
|
|
2484
|
+
"framework_requiring_it": null,
|
|
2485
|
+
"adequacy": "Routine for clusters with strong network segmentation; rare in clusters that rely on namespace isolation as the only boundary."
|
|
2486
|
+
}
|
|
2487
|
+
},
|
|
2488
|
+
"framework_coverage": {
|
|
2489
|
+
"NIST-800-53-SC-7": {
|
|
2490
|
+
"covered": true,
|
|
2491
|
+
"adequate": false,
|
|
2492
|
+
"gap": "Boundary protection presumes network-namespace integrity; integer overflow in IPAM defeats it at a layer the boundary-protection control cannot observe."
|
|
2493
|
+
},
|
|
2494
|
+
"CIS-Kubernetes-Benchmark-5.3": {
|
|
2495
|
+
"covered": true,
|
|
2496
|
+
"adequate": false,
|
|
2497
|
+
"gap": "Network policies don't address container-runtime IPAM correctness — NetworkPolicy assumes the IPAM layer is trusted."
|
|
2498
|
+
},
|
|
2499
|
+
"ISO-27001-2022-A.8.20": {
|
|
2500
|
+
"covered": true,
|
|
2501
|
+
"adequate": false,
|
|
2502
|
+
"gap": "Networks security control covers segmentation policy at organizational level but does not extend to container-runtime IPAM verification."
|
|
2503
|
+
}
|
|
2504
|
+
},
|
|
2505
|
+
"new_control_requirements": [],
|
|
2506
|
+
"compliance_exposure_score": {
|
|
2507
|
+
"percent_audit_passing_orgs_still_exposed": 50,
|
|
2508
|
+
"basis": "Most clusters do not pair NetworkPolicy with IPAM-correctness audit. CIS-K8s benchmark passes without it.",
|
|
2509
|
+
"theater_pattern": "network_segmentation"
|
|
2510
|
+
},
|
|
2511
|
+
"ai_discovered_zeroday": false,
|
|
2512
|
+
"ai_discovery_source": "human_researcher",
|
|
2513
|
+
"ai_assist_factor": "low"
|
|
2514
|
+
},
|
|
2515
|
+
"CVE-2026-30623": {
|
|
2516
|
+
"name": "Anthropic MCP SDK stdio command-injection",
|
|
2517
|
+
"lesson_date": "2026-05-17",
|
|
2518
|
+
"attack_vector": {
|
|
2519
|
+
"description": "Operator-supplied MCP server-spawn command string reaches subprocess exec without argv-array discipline. A maliciously-crafted MCP server config (delivered via supply-chain, social engineering, or a co-tenant tool) causes arbitrary command execution in the MCP client process context.",
|
|
2520
|
+
"privileges_required": "ability to influence the MCP server configuration the client loads",
|
|
2521
|
+
"complexity": "low",
|
|
2522
|
+
"ai_factor": "Not AI-discovered — disclosed by OX Security researchers Moshe Siman Tov Bustan, Mustafa Naamnih, and Nir Zadok as part of an April 2026 four-exploitation-family MCP advisory. Notable that the target is an AI SDK but the discovery methodology was conventional code review."
|
|
2523
|
+
},
|
|
2524
|
+
"defense_chain": {
|
|
2525
|
+
"prevention": {
|
|
2526
|
+
"what_would_have_worked": "Upgrade to the post-April-2026 Anthropic MCP SDK release. Pre-patch, pin MCP server commands to immutable absolute paths in operator-owned config and refuse user-supplied server configs.",
|
|
2527
|
+
"was_this_required": false,
|
|
2528
|
+
"framework_requiring_it": null,
|
|
2529
|
+
"adequacy": "Patch fixes the argv handling; operator-side allowlisting is the appropriate compensating control and matches the broader MCP-trust posture the mcp playbook recommends."
|
|
2530
|
+
},
|
|
2531
|
+
"detection": {
|
|
2532
|
+
"what_would_have_worked": "Process-execution telemetry on the MCP-client host correlating spawned subprocess command lines with the configured allowlist; alert on any subprocess whose argv contains shell-metacharacter sequences from operator-config fields.",
|
|
2533
|
+
"was_this_required": false,
|
|
2534
|
+
"framework_requiring_it": null,
|
|
2535
|
+
"adequacy": "Effective when EDR is deployed on developer endpoints — coverage gap is the largest constraint."
|
|
2536
|
+
},
|
|
2537
|
+
"response": {
|
|
2538
|
+
"what_would_have_worked": "Treat the MCP-client host as potentially compromised; rotate any credentials accessible in that user context (cloud CLI tokens, SSH keys, browser-stored credentials); audit MCP server configurations for unexpected entries.",
|
|
2539
|
+
"was_this_required": false,
|
|
2540
|
+
"framework_requiring_it": null,
|
|
2541
|
+
"adequacy": "Necessary because the MCP client typically runs in developer-laptop context with broad credential access."
|
|
2542
|
+
}
|
|
2543
|
+
},
|
|
2544
|
+
"framework_coverage": {
|
|
2545
|
+
"OWASP-LLM-Top-10-2025-LLM05": {
|
|
2546
|
+
"covered": true,
|
|
2547
|
+
"adequate": false,
|
|
2548
|
+
"gap": "LLM05 addresses improper output handling; this is the symmetric upstream bug — improper INPUT handling on the transport side — which OWASP LLM Top-10 does not call out separately."
|
|
2549
|
+
},
|
|
2550
|
+
"NIST-AI-RMF-MEASURE-2.7": {
|
|
2551
|
+
"covered": true,
|
|
2552
|
+
"adequate": false,
|
|
2553
|
+
"gap": "MCP transport trust boundary not specifically addressed; MEASURE 2.7 treats the AI subsystem as a single trust unit."
|
|
2554
|
+
},
|
|
2555
|
+
"ISO-27001-2022-A.8.28": {
|
|
2556
|
+
"covered": true,
|
|
2557
|
+
"adequate": false,
|
|
2558
|
+
"gap": "Secure coding control assumed in third-party SDKs without tooling to attest."
|
|
2559
|
+
}
|
|
2560
|
+
},
|
|
2561
|
+
"new_control_requirements": [
|
|
2562
|
+
{
|
|
2563
|
+
"id": "NEW-CTRL-053",
|
|
2564
|
+
"name": "MCP-SERVER-CONFIG-ALLOWLIST",
|
|
2565
|
+
"description": "MCP clients must pin server-spawn commands to immutable absolute paths in operator-owned config. User-supplied or per-project MCP server configs must be disallowed by default; any opt-in must go through operator review.",
|
|
2566
|
+
"evidence": "CVE-2026-30623 — operator-config-as-input was treated as platform-trusted by the MCP client and reached subprocess exec without argv-array discipline.",
|
|
2567
|
+
"gap_closes": [
|
|
2568
|
+
"NIST-AI-RMF-MEASURE-2.7",
|
|
2569
|
+
"OWASP-LLM-Top-10-2025-LLM05"
|
|
2570
|
+
]
|
|
2571
|
+
}
|
|
2572
|
+
],
|
|
2573
|
+
"compliance_exposure_score": {
|
|
2574
|
+
"percent_audit_passing_orgs_still_exposed": 85,
|
|
2575
|
+
"basis": "MCP adoption is widespread across developer endpoints; operator-side allowlisting of MCP server commands is rare. Existing AI-governance audits (NIST AI RMF, ISO 42001) do not enforce MCP transport trust posture as a specific requirement.",
|
|
2576
|
+
"theater_pattern": "vendor_management_ai"
|
|
2577
|
+
},
|
|
2578
|
+
"ai_discovered_zeroday": false,
|
|
2579
|
+
"ai_discovery_source": "human_researcher",
|
|
2580
|
+
"ai_assist_factor": "low"
|
|
2581
|
+
},
|
|
2582
|
+
"CVE-2025-12686": {
|
|
2583
|
+
"name": "Synology BeeStation unauth RCE (Pwn2Own Ireland 2025)",
|
|
2584
|
+
"lesson_date": "2026-05-17",
|
|
2585
|
+
"attack_vector": {
|
|
2586
|
+
"description": "Pre-auth RCE chain on the Synology BeeStation Manager web management surface. Demonstrated as a full chain on consumer NAS hardware at Pwn2Own Ireland 2025.",
|
|
2587
|
+
"privileges_required": "none (unauth network reachability to BeeStation web surface)",
|
|
2588
|
+
"complexity": "low (post-disclosure)",
|
|
2589
|
+
"ai_factor": "Not AI-discovered — Synacktiv offensive-security researchers @Tek_7987 and @_Anyfun via attack-surface enumeration and manual code auditing per the published Pwn2Own writeup."
|
|
2590
|
+
},
|
|
2591
|
+
"defense_chain": {
|
|
2592
|
+
"prevention": {
|
|
2593
|
+
"what_would_have_worked": "Upgrade to BeeStation Manager 1.4.0-65374+. Do not expose consumer NAS web management to the public internet; restrict to LAN with VPN access for remote operators.",
|
|
2594
|
+
"was_this_required": false,
|
|
2595
|
+
"framework_requiring_it": null,
|
|
2596
|
+
"adequacy": "Patch is definitive; network restriction is appropriate for consumer-IoT deployments that may delay the patch window."
|
|
2597
|
+
},
|
|
2598
|
+
"detection": {
|
|
2599
|
+
"what_would_have_worked": "Webserver log alerts on the unauth attack patterns published in the Synacktiv writeup; outbound connection alerts from the NAS to non-vendor C2 destinations.",
|
|
2600
|
+
"was_this_required": false,
|
|
2601
|
+
"framework_requiring_it": null,
|
|
2602
|
+
"adequacy": "Consumer-NAS log forwarding is rarely deployed; detection-in-place coverage is low."
|
|
2603
|
+
},
|
|
2604
|
+
"response": {
|
|
2605
|
+
"what_would_have_worked": "Rebuild appliance from known-good firmware; rotate any cloud-sync credentials and recovery codes the appliance held; treat data on the appliance as potentially read by the attacker.",
|
|
2606
|
+
"was_this_required": false,
|
|
2607
|
+
"framework_requiring_it": null,
|
|
2608
|
+
"adequacy": "Operationally expensive for consumer deployments; many operators skip the rebuild step."
|
|
2609
|
+
}
|
|
2610
|
+
},
|
|
2611
|
+
"framework_coverage": {
|
|
2612
|
+
"NIST-800-53-SI-2": {
|
|
2613
|
+
"covered": true,
|
|
2614
|
+
"adequate": false,
|
|
2615
|
+
"gap": "Consumer-NAS patch SLA undefined; the SI-2 baseline targets enterprise systems."
|
|
2616
|
+
},
|
|
2617
|
+
"EU-CRA-Art13": {
|
|
2618
|
+
"covered": true,
|
|
2619
|
+
"adequate": false,
|
|
2620
|
+
"gap": "EU Cyber Resilience Act applies to consumer-IoT in scope but enforcement begins 2027; pre-enforcement compliance is voluntary."
|
|
2621
|
+
},
|
|
2622
|
+
"ISO-27001-2022-A.8.9": {
|
|
2623
|
+
"covered": true,
|
|
2624
|
+
"adequate": false,
|
|
2625
|
+
"gap": "Configuration-management control covers organizational assets; consumer NAS appliances at remote sites are commonly out of scope of the enterprise CMDB."
|
|
2626
|
+
}
|
|
2627
|
+
},
|
|
2628
|
+
"new_control_requirements": [],
|
|
2629
|
+
"compliance_exposure_score": {
|
|
2630
|
+
"percent_audit_passing_orgs_still_exposed": 60,
|
|
2631
|
+
"basis": "Consumer-NAS appliances are pervasive at branch / SMB / remote-worker sites and routinely fall outside enterprise patch and asset-management programs.",
|
|
2632
|
+
"theater_pattern": "patch_management"
|
|
2633
|
+
},
|
|
2634
|
+
"ai_discovered_zeroday": false,
|
|
2635
|
+
"ai_discovery_source": "human_researcher",
|
|
2636
|
+
"ai_assist_factor": "low"
|
|
2637
|
+
},
|
|
2638
|
+
"CVE-2025-62847": {
|
|
2639
|
+
"name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 1/3)",
|
|
2640
|
+
"lesson_date": "2026-05-17",
|
|
2641
|
+
"attack_vector": {
|
|
2642
|
+
"description": "Component 1/3 of the DEVCORE Research Team chain on the QNAP TS-453E appliance at Pwn2Own Ireland 2025. Chained injection + format-string bug demonstrated as part of the three-CVE chain that earned $40,000 + 4 Master of Pwn points.",
|
|
2643
|
+
"privileges_required": "none (unauth network reachability to QTS / QuTS hero web management)",
|
|
2644
|
+
"complexity": "moderate",
|
|
2645
|
+
"ai_factor": "Not AI-discovered — DEVCORE Research Team via ZDI Pwn2Own attribution; conventional offensive-security research methodology."
|
|
2646
|
+
},
|
|
2647
|
+
"defense_chain": {
|
|
2648
|
+
"prevention": {
|
|
2649
|
+
"what_would_have_worked": "Upgrade to QTS 5.2.4.2950+ / QuTS hero h5.2.4.2950+. Pre-patch, do not expose QNAP web management to the public internet; restrict to LAN and require VPN for remote access.",
|
|
2650
|
+
"was_this_required": false,
|
|
2651
|
+
"framework_requiring_it": null,
|
|
2652
|
+
"adequacy": "Patch is definitive but requires a reboot; network restriction is the appropriate compensating control during the maintenance window."
|
|
2653
|
+
},
|
|
2654
|
+
"detection": {
|
|
2655
|
+
"what_would_have_worked": "Webserver log alerts on the published attack indicators; QNAP Malware Remover sweep; outbound connection alerts from the NAS.",
|
|
2656
|
+
"was_this_required": false,
|
|
2657
|
+
"framework_requiring_it": null,
|
|
2658
|
+
"adequacy": "QNAP appliance log forwarding to SIEM is inconsistently deployed; appliance-local Malware Remover is itself a CVE target (see CVE-2025-11837)."
|
|
2659
|
+
},
|
|
2660
|
+
"response": {
|
|
2661
|
+
"what_would_have_worked": "Rebuild appliance from known-good firmware; rotate any credentials and cloud-sync tokens the appliance held; treat appliance data as potentially read.",
|
|
2662
|
+
"was_this_required": false,
|
|
2663
|
+
"framework_requiring_it": null,
|
|
2664
|
+
"adequacy": "Operationally expensive; necessary given the chain's full-RCE outcome."
|
|
2665
|
+
}
|
|
2666
|
+
},
|
|
2667
|
+
"framework_coverage": {
|
|
2668
|
+
"NIST-800-53-SI-2": {
|
|
2669
|
+
"covered": true,
|
|
2670
|
+
"adequate": false,
|
|
2671
|
+
"gap": "NAS-appliance patch SLA undefined; SI-2 baseline targets enterprise systems and does not address appliance reboot windows."
|
|
2672
|
+
},
|
|
2673
|
+
"EU-CRA-Art13": {
|
|
2674
|
+
"covered": true,
|
|
2675
|
+
"adequate": false,
|
|
2676
|
+
"gap": "Consumer-NAS coverage begins 2027 under the CRA enforcement timeline."
|
|
2677
|
+
},
|
|
2678
|
+
"ISO-27001-2022-A.8.9": {
|
|
2679
|
+
"covered": true,
|
|
2680
|
+
"adequate": false,
|
|
2681
|
+
"gap": "Configuration-management control covers organizational assets; SMB / branch NAS appliances are commonly out of CMDB scope."
|
|
2682
|
+
}
|
|
2683
|
+
},
|
|
2684
|
+
"new_control_requirements": [],
|
|
2685
|
+
"compliance_exposure_score": {
|
|
2686
|
+
"percent_audit_passing_orgs_still_exposed": 60,
|
|
2687
|
+
"basis": "QNAP appliances are pervasive at SMB / prosumer scale and fall outside enterprise patch programs.",
|
|
2688
|
+
"theater_pattern": "patch_management"
|
|
2689
|
+
},
|
|
2690
|
+
"ai_discovered_zeroday": false,
|
|
2691
|
+
"ai_discovery_source": "human_researcher",
|
|
2692
|
+
"ai_assist_factor": "low"
|
|
2693
|
+
},
|
|
2694
|
+
"CVE-2025-62848": {
|
|
2695
|
+
"name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 2/3)",
|
|
2696
|
+
"lesson_date": "2026-05-17",
|
|
2697
|
+
"attack_vector": {
|
|
2698
|
+
"description": "Component 2/3 of the DEVCORE Research Team chain on the QNAP TS-453E appliance at Pwn2Own Ireland 2025. Code-injection (CWE-94) chained with CVE-2025-62847 and CVE-2025-62849.",
|
|
2699
|
+
"privileges_required": "none (unauth as part of the chain) — standalone exploitation requires the chain pre-condition",
|
|
2700
|
+
"complexity": "moderate",
|
|
2701
|
+
"ai_factor": "Not AI-discovered — same DEVCORE Research Team attribution as CVE-2025-62847; ZDI live-blog credit."
|
|
2702
|
+
},
|
|
2703
|
+
"defense_chain": {
|
|
2704
|
+
"prevention": {
|
|
2705
|
+
"what_would_have_worked": "Upgrade to QTS 5.2.4.2950+ / QuTS hero h5.2.4.2950+. Same network-restriction posture as CVE-2025-62847.",
|
|
2706
|
+
"was_this_required": false,
|
|
2707
|
+
"framework_requiring_it": null,
|
|
2708
|
+
"adequacy": "Patch is definitive; same maintenance-window considerations as the sibling chain components."
|
|
2709
|
+
},
|
|
2710
|
+
"detection": {
|
|
2711
|
+
"what_would_have_worked": "Same indicator set as CVE-2025-62847; chain components are typically exploited together so any one of the chain's indicators firing implies the full chain has been attempted.",
|
|
2712
|
+
"was_this_required": false,
|
|
2713
|
+
"framework_requiring_it": null,
|
|
2714
|
+
"adequacy": "Same detection-coverage gap as CVE-2025-62847."
|
|
2715
|
+
},
|
|
2716
|
+
"response": {
|
|
2717
|
+
"what_would_have_worked": "Same posture as CVE-2025-62847 — chain components share a single response posture because exploitation typically involves all three.",
|
|
2718
|
+
"was_this_required": false,
|
|
2719
|
+
"framework_requiring_it": null,
|
|
2720
|
+
"adequacy": "Operationally identical to CVE-2025-62847 response."
|
|
2721
|
+
}
|
|
2722
|
+
},
|
|
2723
|
+
"framework_coverage": {
|
|
2724
|
+
"NIST-800-53-SI-2": {
|
|
2725
|
+
"covered": true,
|
|
2726
|
+
"adequate": false,
|
|
2727
|
+
"gap": "NAS-appliance patch SLA undefined; chain-component CVEs share the patch window so partial patching is not a viable mitigation."
|
|
2728
|
+
},
|
|
2729
|
+
"EU-CRA-Art13": {
|
|
2730
|
+
"covered": true,
|
|
2731
|
+
"adequate": false,
|
|
2732
|
+
"gap": "Consumer-NAS coverage begins 2027."
|
|
2733
|
+
},
|
|
2734
|
+
"ISO-27001-2022-A.8.28": {
|
|
2735
|
+
"covered": true,
|
|
2736
|
+
"adequate": false,
|
|
2737
|
+
"gap": "Secure-coding control assumed in vendor firmware; appliance vendors are out-of-band of the operator's secure-coding program."
|
|
2738
|
+
}
|
|
2739
|
+
},
|
|
2740
|
+
"new_control_requirements": [],
|
|
2741
|
+
"compliance_exposure_score": {
|
|
2742
|
+
"percent_audit_passing_orgs_still_exposed": 60,
|
|
2743
|
+
"basis": "Same population and coverage gap as CVE-2025-62847; chain components track together.",
|
|
2744
|
+
"theater_pattern": "patch_management"
|
|
2745
|
+
},
|
|
2746
|
+
"ai_discovered_zeroday": false,
|
|
2747
|
+
"ai_discovery_source": "human_researcher",
|
|
2748
|
+
"ai_assist_factor": "low"
|
|
2749
|
+
},
|
|
2750
|
+
"CVE-2025-62849": {
|
|
2751
|
+
"name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 3/3)",
|
|
2752
|
+
"lesson_date": "2026-05-17",
|
|
2753
|
+
"attack_vector": {
|
|
2754
|
+
"description": "Component 3/3 of the DEVCORE Research Team chain on the QNAP TS-453E appliance at Pwn2Own Ireland 2025 — post-auth elevation (CWE-269, T1068). Used by the chain to convert the unauth RCE foothold from CVE-2025-62847/62848 into appliance-level privileged execution.",
|
|
2755
|
+
"privileges_required": "post-auth (achieved by the chain via CVE-2025-62847 / CVE-2025-62848)",
|
|
2756
|
+
"complexity": "moderate",
|
|
2757
|
+
"ai_factor": "Not AI-discovered — same DEVCORE Research Team attribution as the sibling chain components."
|
|
2758
|
+
},
|
|
2759
|
+
"defense_chain": {
|
|
2760
|
+
"prevention": {
|
|
2761
|
+
"what_would_have_worked": "Upgrade to QTS 5.2.4.2950+ / QuTS hero h5.2.4.2950+. Same network-restriction posture as the chain siblings.",
|
|
2762
|
+
"was_this_required": false,
|
|
2763
|
+
"framework_requiring_it": null,
|
|
2764
|
+
"adequacy": "Patch is definitive; chain components must be patched together to close the full exploitation path."
|
|
2765
|
+
},
|
|
2766
|
+
"detection": {
|
|
2767
|
+
"what_would_have_worked": "Privilege-elevation event telemetry on the appliance (if available via the QTS audit log); outbound C2 detection downstream of the elevation.",
|
|
2768
|
+
"was_this_required": false,
|
|
2769
|
+
"framework_requiring_it": null,
|
|
2770
|
+
"adequacy": "QTS audit-log forwarding is inconsistently configured."
|
|
2771
|
+
},
|
|
2772
|
+
"response": {
|
|
2773
|
+
"what_would_have_worked": "Same posture as CVE-2025-62847 — chain treated as a single incident scope.",
|
|
2774
|
+
"was_this_required": false,
|
|
2775
|
+
"framework_requiring_it": null,
|
|
2776
|
+
"adequacy": "Identical to the sibling chain components."
|
|
2777
|
+
}
|
|
2778
|
+
},
|
|
2779
|
+
"framework_coverage": {
|
|
2780
|
+
"NIST-800-53-AC-6": {
|
|
2781
|
+
"covered": true,
|
|
2782
|
+
"adequate": false,
|
|
2783
|
+
"gap": "Least-privilege control assumes the privilege boundary is enforced; CWE-269 exploits the boundary directly inside the appliance firmware."
|
|
2784
|
+
},
|
|
2785
|
+
"NIST-800-53-SI-2": {
|
|
2786
|
+
"covered": true,
|
|
2787
|
+
"adequate": false,
|
|
2788
|
+
"gap": "Same patch-SLA gap as the chain siblings."
|
|
2789
|
+
},
|
|
2790
|
+
"EU-CRA-Art13": {
|
|
2791
|
+
"covered": true,
|
|
2792
|
+
"adequate": false,
|
|
2793
|
+
"gap": "Consumer-NAS coverage begins 2027."
|
|
2794
|
+
}
|
|
2795
|
+
},
|
|
2796
|
+
"new_control_requirements": [],
|
|
2797
|
+
"compliance_exposure_score": {
|
|
2798
|
+
"percent_audit_passing_orgs_still_exposed": 60,
|
|
2799
|
+
"basis": "Same population as the chain siblings.",
|
|
2800
|
+
"theater_pattern": "least_privilege"
|
|
2801
|
+
},
|
|
2802
|
+
"ai_discovered_zeroday": false,
|
|
2803
|
+
"ai_discovery_source": "human_researcher",
|
|
2804
|
+
"ai_assist_factor": "low"
|
|
2805
|
+
},
|
|
2806
|
+
"CVE-2025-59389": {
|
|
2807
|
+
"name": "QNAP Hyper Data Protector critical RCE (Pwn2Own Ireland 2025)",
|
|
2808
|
+
"lesson_date": "2026-05-17",
|
|
2809
|
+
"attack_vector": {
|
|
2810
|
+
"description": "Pre-auth RCE on QNAP Hyper Data Protector backup-orchestration appliance. Summoning Team researcher Sina Kheirkhah chained a hardcoded-credential issue with an injection flaw to achieve unauth RCE on the backup tier — turning the operator's recovery path into an attacker pivot.",
|
|
2811
|
+
"privileges_required": "none (unauth network reachability to Hyper Data Protector management surface)",
|
|
2812
|
+
"complexity": "low",
|
|
2813
|
+
"ai_factor": "Not AI-discovered — Summoning Team via ZDI Pwn2Own credit; conventional offensive-security research."
|
|
2814
|
+
},
|
|
2815
|
+
"defense_chain": {
|
|
2816
|
+
"prevention": {
|
|
2817
|
+
"what_would_have_worked": "Upgrade to Hyper Data Protector 2.1.4.0420+. Network-restrict backup-appliance management to backup-operator subnets only; backup appliances should never be reachable from the data-plane networks they protect.",
|
|
2818
|
+
"was_this_required": false,
|
|
2819
|
+
"framework_requiring_it": null,
|
|
2820
|
+
"adequacy": "Patch is definitive; backup-tier network isolation is the appropriate compensating control and a long-standing backup-security best practice."
|
|
2821
|
+
},
|
|
2822
|
+
"detection": {
|
|
2823
|
+
"what_would_have_worked": "Webserver log alerts on the unauth attack indicators; backup-job audit-log review for unauthorized job-creation or destination changes.",
|
|
2824
|
+
"was_this_required": false,
|
|
2825
|
+
"framework_requiring_it": null,
|
|
2826
|
+
"adequacy": "Backup audit-log review is rare in practice; jobs that move backup data to attacker-controlled destinations often go undetected until recovery is attempted."
|
|
2827
|
+
},
|
|
2828
|
+
"response": {
|
|
2829
|
+
"what_would_have_worked": "Treat backup appliance and all backup data it touched as potentially compromised; rebuild appliance; validate backup integrity from offline / immutable copies; rotate any production credentials the backup agent could have read from protected systems.",
|
|
2830
|
+
"was_this_required": false,
|
|
2831
|
+
"framework_requiring_it": null,
|
|
2832
|
+
"adequacy": "Critical — a compromised backup appliance inverts the recovery assumption; ransomware operators routinely target backup tiers first to deny recovery."
|
|
2833
|
+
}
|
|
2834
|
+
},
|
|
2835
|
+
"framework_coverage": {
|
|
2836
|
+
"NIST-800-53-SI-2": {
|
|
2837
|
+
"covered": true,
|
|
2838
|
+
"adequate": false,
|
|
2839
|
+
"gap": "Backup-appliance patch SLA undefined; backup-tier compromise is a recovery-control failure that SI-2 doesn't differentiate from other systems."
|
|
2840
|
+
},
|
|
2841
|
+
"ISO-27001-2022-A.8.13": {
|
|
2842
|
+
"covered": true,
|
|
2843
|
+
"adequate": false,
|
|
2844
|
+
"gap": "Backup integrity assumed — a vulnerable backup appliance becomes the attacker's pivot rather than the operator's recovery path. A.8.13 doesn't require backup-tier isolation."
|
|
2845
|
+
},
|
|
2846
|
+
"NIS2-Art21-business-continuity": {
|
|
2847
|
+
"covered": true,
|
|
2848
|
+
"adequate": false,
|
|
2849
|
+
"gap": "Backup-side resilience presumed; backup appliance compromise inverts recovery assumptions."
|
|
2850
|
+
}
|
|
2851
|
+
},
|
|
2852
|
+
"new_control_requirements": [
|
|
2853
|
+
{
|
|
2854
|
+
"id": "NEW-CTRL-054",
|
|
2855
|
+
"name": "BACKUP-TIER-NETWORK-ISOLATION",
|
|
2856
|
+
"description": "Backup-orchestration appliances and backup-data destinations must be network-isolated from the data-plane networks they protect. Management surfaces must be reachable only from operator subnets; backup-data paths must use unidirectional or pull-only patterns from the backup tier to the protected systems where possible.",
|
|
2857
|
+
"evidence": "CVE-2025-59389 — pre-auth RCE on Hyper Data Protector demonstrates that backup-tier compromise via the management surface is a single-step path to recovery denial.",
|
|
2858
|
+
"gap_closes": [
|
|
2859
|
+
"ISO-27001-2022-A.8.13",
|
|
2860
|
+
"NIS2-Art21-business-continuity"
|
|
2861
|
+
]
|
|
2862
|
+
}
|
|
2863
|
+
],
|
|
2864
|
+
"compliance_exposure_score": {
|
|
2865
|
+
"percent_audit_passing_orgs_still_exposed": 70,
|
|
2866
|
+
"basis": "Backup appliances commonly share the data-plane network they protect; ISO 27001 backup controls pass without enforcing network isolation of the backup tier.",
|
|
2867
|
+
"theater_pattern": "business_continuity"
|
|
2868
|
+
},
|
|
2869
|
+
"ai_discovered_zeroday": false,
|
|
2870
|
+
"ai_discovery_source": "human_researcher",
|
|
2871
|
+
"ai_assist_factor": "low"
|
|
2872
|
+
},
|
|
2873
|
+
"CVE-2025-11837": {
|
|
2874
|
+
"name": "QNAP Malware Remover code-injection",
|
|
2875
|
+
"lesson_date": "2026-05-17",
|
|
2876
|
+
"attack_vector": {
|
|
2877
|
+
"description": "Code-injection in QNAP Malware Remover's malware-definition-handling path. An attacker who can deliver a crafted definition update or hijack the definition-fetch channel gains code execution as the security tool itself — a trust-anchor inversion where the AV/AM tool becomes the attack vector.",
|
|
2878
|
+
"privileges_required": "ability to deliver a crafted definition file (supply-chain compromise, MITM on the definition-fetch channel, or local low-priv access)",
|
|
2879
|
+
"complexity": "low",
|
|
2880
|
+
"ai_factor": "Not AI-discovered — Chumy Tsai of CyCraft Technology via Pwn2Own Ireland 2025 ZDI credit."
|
|
2881
|
+
},
|
|
2882
|
+
"defense_chain": {
|
|
2883
|
+
"prevention": {
|
|
2884
|
+
"what_would_have_worked": "Upgrade QNAP Malware Remover to 6.6.8.20251023+. Verify that definition-fetch uses TLS with strict certificate validation against the vendor's published pin.",
|
|
2885
|
+
"was_this_required": false,
|
|
2886
|
+
"framework_requiring_it": null,
|
|
2887
|
+
"adequacy": "Patch is definitive; transport hardening reduces the MITM surface for future definition-update flaws."
|
|
2888
|
+
},
|
|
2889
|
+
"detection": {
|
|
2890
|
+
"what_would_have_worked": "Behavioral telemetry on the Malware Remover process — alert on subprocess spawns or outbound connections outside the documented update pattern. Sandbox-execute the AV with a crafted definition file and confirm rejection (the compliance-theater test for the trust-anchor-inversion class).",
|
|
2891
|
+
"was_this_required": false,
|
|
2892
|
+
"framework_requiring_it": null,
|
|
2893
|
+
"adequacy": "Effective once instrumented; the AV-on-AV detection inversion is uncomfortable to operationalize and rarely deployed."
|
|
2894
|
+
},
|
|
2895
|
+
"response": {
|
|
2896
|
+
"what_would_have_worked": "Treat the appliance running the affected AV as compromised; rebuild from known-good firmware; rotate any credentials the AV process context could touch.",
|
|
2897
|
+
"was_this_required": false,
|
|
2898
|
+
"framework_requiring_it": null,
|
|
2899
|
+
"adequacy": "Necessary because the compromised process typically runs with broad filesystem and network access."
|
|
2900
|
+
}
|
|
2901
|
+
},
|
|
2902
|
+
"framework_coverage": {
|
|
2903
|
+
"NIST-800-53-SI-3": {
|
|
2904
|
+
"covered": true,
|
|
2905
|
+
"adequate": false,
|
|
2906
|
+
"gap": "Malicious-code-protection control assumes the AV/AM tool is itself uncompromised. The compliance-theater test that distinguishes paper compliance from real security: run the AV with a crafted definition file in a sandbox and confirm rejection."
|
|
2907
|
+
},
|
|
2908
|
+
"ISO-27001-2022-A.8.7": {
|
|
2909
|
+
"covered": true,
|
|
2910
|
+
"adequate": false,
|
|
2911
|
+
"gap": "Anti-malware controls treated as trust anchors; CVE-2025-11837 demonstrates the trust-anchor-inversion class directly."
|
|
2912
|
+
},
|
|
2913
|
+
"PCI-DSS-4.0-5.1": {
|
|
2914
|
+
"covered": true,
|
|
2915
|
+
"adequate": false,
|
|
2916
|
+
"gap": "Anti-malware deployment requirement satisfied on paper; deployed tool itself is the vulnerability."
|
|
2917
|
+
}
|
|
2918
|
+
},
|
|
2919
|
+
"new_control_requirements": [
|
|
2920
|
+
{
|
|
2921
|
+
"id": "NEW-CTRL-055",
|
|
2922
|
+
"name": "SECURITY-TOOL-INTEGRITY-VERIFICATION",
|
|
2923
|
+
"description": "Security tools (AV/AM, EDR, vulnerability scanners) must be treated as in-scope of vulnerability management with the same SLAs as other privileged software. Definition-update channels must use TLS with certificate pinning. Compliance audits must include a trust-anchor-inversion test: deliver a crafted input to the security tool in a sandbox and confirm rejection.",
|
|
2924
|
+
"evidence": "CVE-2025-11837 — QNAP Malware Remover code-injection demonstrates that the security tool itself can be the attack vector when its input-handling is unsafe.",
|
|
2925
|
+
"gap_closes": [
|
|
2926
|
+
"NIST-800-53-SI-3",
|
|
2927
|
+
"ISO-27001-2022-A.8.7",
|
|
2928
|
+
"PCI-DSS-4.0-5.1"
|
|
2929
|
+
]
|
|
2930
|
+
}
|
|
2931
|
+
],
|
|
2932
|
+
"compliance_exposure_score": {
|
|
2933
|
+
"percent_audit_passing_orgs_still_exposed": 85,
|
|
2934
|
+
"basis": "Trust-anchor-inversion testing is essentially never part of compliance audits for SI-3 / A.8.7 / PCI 5.1. Operators pass these controls by deploying the tool, not by verifying the tool's input-handling.",
|
|
2935
|
+
"theater_pattern": "antimalware_trust"
|
|
2936
|
+
},
|
|
2937
|
+
"ai_discovered_zeroday": false,
|
|
2938
|
+
"ai_discovery_source": "human_researcher",
|
|
2939
|
+
"ai_assist_factor": "low"
|
|
2940
|
+
},
|
|
2941
|
+
"CVE-2024-21762": {
|
|
2942
|
+
"name": "Fortinet FortiOS / FortiProxy SSL-VPN out-of-bounds write (sslvpnd preauth RCE)",
|
|
2943
|
+
"lesson_date": "2026-05-17",
|
|
2944
|
+
"attack_vector": {
|
|
2945
|
+
"description": "Out-of-bounds write in the sslvpnd daemon's HTTP request handling on FortiOS and FortiProxy. An unauthenticated attacker sends a specially crafted HTTP request to the SSL-VPN web surface and executes code on the appliance. Mass-scanning began within hours of the 2024-02-08 vendor disclosure; CISA KEV-listed the next day with a 7-day federal remediation deadline. Fortinet's 2025-04-11 follow-up advisory documented a post-exploitation technique where attackers who compromised the device before patching leave behind read-only symlinks in the SSL-VPN language-file directory that grant persistent filesystem read access on fully patched firmware — patch alone is insufficient.",
|
|
2946
|
+
"privileges_required": "none (unauth network reach to the SSL-VPN web surface; SSL-VPN must be enabled on the FortiGate)",
|
|
2947
|
+
"complexity": "low — single-request preauth RCE; public PoCs available within days",
|
|
2948
|
+
"ai_factor": "Not AI-discovered — vendor-internal discovery by Fortinet PSIRT. No AI involvement on either the discovery or weaponization side."
|
|
2949
|
+
},
|
|
2950
|
+
"defense_chain": {
|
|
2951
|
+
"prevention": {
|
|
2952
|
+
"what_would_have_worked": "Upgrade to FortiOS 7.6.2 / 7.4.7 / 7.2.11 / 7.0.17 / 6.4.16 or FortiProxy 7.4.3 / 7.2.9 / 7.0.15 / 2.0.14. Pre-patch interim mitigation: disable SSL-VPN entirely (Fortinet's stated workaround). Front the SSL-VPN web surface with network ACLs restricting access to known operator IP ranges where the SSL-VPN tenancy model permits it.",
|
|
2953
|
+
"was_this_required": true,
|
|
2954
|
+
"framework_requiring_it": "CISA BOD 22-01 (KEV remediation — added 2024-02-09 with 7-day deadline)",
|
|
2955
|
+
"adequacy": "Patch is definitive for the OOB-write itself but does not remediate post-exploitation persistence (symlink-based filesystem read access seeded before the patch). Operators who patched after compromise must additionally apply the FortiGuard 2025-04 cleanup steps to remove attacker-installed symlinks."
|
|
2956
|
+
},
|
|
2957
|
+
"detection": {
|
|
2958
|
+
"what_would_have_worked": "Alerting on sslvpnd process crashes (OOB-write often triggers segfaults during exploit development); webserver log alerts on unusual HTTP request patterns to /remote/* SSL-VPN endpoints; outbound connection alerts from FortiGate appliances to non-management destinations; filesystem-state baselining on the SSL-VPN language-file directory to detect symlink-persistence artifacts.",
|
|
2959
|
+
"was_this_required": false,
|
|
2960
|
+
"framework_requiring_it": null,
|
|
2961
|
+
"adequacy": "Detection without prevention; in the case of a confirmed-in-wild preauth RCE with a 7-day KEV deadline, patching is the operative control. Filesystem-state detection is necessary to catch the post-exploitation symlink persistence on devices patched after compromise."
|
|
2962
|
+
},
|
|
2963
|
+
"response": {
|
|
2964
|
+
"what_would_have_worked": "Treat any internet-facing FortiGate with SSL-VPN enabled before 2024-02-08 as potentially compromised; capture device configuration and audit logs for forensic review; rotate every credential reachable from the device (admin credentials, VPN-user credentials, RADIUS shared secrets, LDAP bind credentials); reimage or factory-reset rather than upgrade-in-place where the compromise window is uncertain; apply the FortiGuard 2025-04 cleanup steps to remove attacker-installed symlinks even on devices that appear to be on current firmware.",
|
|
2965
|
+
"was_this_required": false,
|
|
2966
|
+
"framework_requiring_it": null,
|
|
2967
|
+
"adequacy": "Operationally expensive but necessary for any device with uncertain compromise status; many operators upgraded in place and missed the post-exploitation persistence."
|
|
2968
|
+
}
|
|
2969
|
+
},
|
|
2970
|
+
"framework_coverage": {
|
|
2971
|
+
"NIST-800-53-SI-2": {
|
|
2972
|
+
"covered": true,
|
|
2973
|
+
"adequate": false,
|
|
2974
|
+
"gap": "30-day patch SLA is multiple orders of magnitude longer than the observed exploitation window (hours from disclosure to mass-scanning). Reboot-required nature breaks the standard maintenance-window assumption; many operators delayed patching until the next scheduled window, extending exposure."
|
|
2975
|
+
},
|
|
2976
|
+
"ISO-27001-2022-A.8.8": {
|
|
2977
|
+
"covered": true,
|
|
2978
|
+
"adequate": false,
|
|
2979
|
+
"gap": "Appropriate timescales undefined; standard 30-day interpretation is unsafe for an unauthenticated preauth RCE on an internet-facing security appliance with public PoCs and confirmed in-wild exploitation."
|
|
2980
|
+
},
|
|
2981
|
+
"NIS2-Art21-network-security": {
|
|
2982
|
+
"covered": true,
|
|
2983
|
+
"adequate": false,
|
|
2984
|
+
"gap": "EU NIS2 treats VPN concentrators as essential-function infrastructure but lacks a CISA-KEV-style compressed remediation SLA. Operators in NIS2 sectors typically discovered the vulnerability via vendor advisory, not via the regulatory channel."
|
|
2985
|
+
},
|
|
2986
|
+
"DORA-Art-9": {
|
|
2987
|
+
"covered": true,
|
|
2988
|
+
"adequate": false,
|
|
2989
|
+
"gap": "ICT incident management presumes vendor-patch cadence; the appliance-reboot requirement breaks the standard SLA assumption for financial-entity SSL-VPN concentrators."
|
|
2990
|
+
},
|
|
2991
|
+
"UK-CAF-B4": {
|
|
2992
|
+
"covered": true,
|
|
2993
|
+
"adequate": false,
|
|
2994
|
+
"gap": "System security principle is silent on the operational reality that fully patched FortiGates can carry attacker persistence (symlink-based filesystem read access) seeded before the patch was applied. Patch alone is insufficient; cleanup verification is required."
|
|
2995
|
+
},
|
|
2996
|
+
"AU-ISM-1546": {
|
|
2997
|
+
"covered": true,
|
|
2998
|
+
"adequate": "closest",
|
|
2999
|
+
"gap": "Essential 8 patch-applications ML3 (48h) is closer to the operational reality than NIST SI-2 but still misses the mass-scanning window."
|
|
3000
|
+
}
|
|
3001
|
+
},
|
|
3002
|
+
"new_control_requirements": [],
|
|
3003
|
+
"compliance_exposure_score": {
|
|
3004
|
+
"percent_audit_passing_orgs_still_exposed": 60,
|
|
3005
|
+
"basis": "Internet-facing SSL-VPN concentrators are routinely deployed by SOC 2 / ISO 27001 / PCI-audited organisations without a documented compressed-SLA patching procedure for the appliance class; the standard 30-day patch SLA was active exposure for this CVE. Post-exploitation symlink cleanup is essentially never tested in compliance audits — operators who patched in place after compromise frequently retained attacker persistence.",
|
|
3006
|
+
"theater_pattern": "patch_management"
|
|
3007
|
+
},
|
|
3008
|
+
"ai_discovered_zeroday": false,
|
|
3009
|
+
"ai_discovery_source": "vendor_research",
|
|
3010
|
+
"ai_assist_factor": "low"
|
|
2122
3011
|
}
|
|
2123
3012
|
}
|