Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
December 26, 2022Rewterz Threat Advisory – Multiple IBM Security Verify Governance, Identity Manager Vulnerabilities
December 26, 2022Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
December 26, 2022Rewterz Threat Advisory – Multiple IBM Security Verify Governance, Identity Manager Vulnerabilities
December 26, 2022Severity
Medium
Analysis Summary
CVE-2022-43381 CVSS:6.2
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service.
CVE-2022-43380 CVSS:6.2
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX NFS kernel extension to cause a denial of service.
CVE-2022-43848 CVSS:6.2
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service.
CVE-2022-39165 CVSS:6.2
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service.
Impact
Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-43381
- CVE-2022-43380
- CVE-2022-43848
- CVE-2022-39165
Affected Vendors
IBM
Affected Products
- IBM AIX 7.1
- IBM AIX 7.3
- IBM AIX 7.2
- IBM VIOS 3.1
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.