| CVE-2020-3403 |
Cisco IOS XE Software |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3403 |
Cisco IOS XE Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3403 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3253 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3253 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3233 |
Cisco IOx |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3233 |
Cisco IOx |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3233 |
Cisco IOx |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3460 |
Cisco Data Center Network Manager |
primary_impact |
T1565.002 |
Transmitted Data Manipulation |
| CVE-2020-3460 |
Cisco Data Center Network Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-3137 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3137 |
Cisco Email Security Appliance (ESA) |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3137 |
Cisco Email Security Appliance (ESA) |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3312 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3312 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3379 |
Cisco SD-WAN Solution |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2020-3379 |
Cisco SD-WAN Solution |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3477 |
Cisco IOS |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3477 |
Cisco IOS |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3216 |
Cisco IOS XE SD-WAN Software |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3216 |
Cisco IOS XE SD-WAN Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3306 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2020-3306 |
Cisco Adaptive Security Appliance (ASA) Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3375 |
Cisco SD-WAN vManage |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3375 |
Cisco SD-WAN vManage |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3476 |
Cisco IOS XE Software |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3476 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3134 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1489 |
Service Stop |
| CVE-2020-3120 |
Cisco IOS XR Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2020-3133 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3133 |
Cisco Email Security Appliance (ESA) |
exploitation_technique |
T1566.001 |
Spearphishing Attachment |
| CVE-2020-3387 |
Cisco SD-WAN vManage |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3387 |
Cisco SD-WAN vManage |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3387 |
Cisco SD-WAN vManage |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-3440 |
Cisco Webex Meetings |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3440 |
Cisco Webex Meetings |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3440 |
Cisco Webex Meetings |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3121 |
Cisco 550X Series Stackable Managed Switches |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3121 |
Cisco 550X Series Stackable Managed Switches |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3121 |
Cisco 550X Series Stackable Managed Switches |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3407 |
Cisco IOS XE Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3407 |
Cisco IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3237 |
Cisco IOx |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3237 |
Cisco IOx |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-3416 |
Cisco IOS XE Software |
primary_impact |
T1542.004 |
ROMMONkit |
| CVE-2020-3416 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3126 |
Cisco Webex Meetings Multimedia Viewer |
primary_impact |
T1080 |
Taint Shared Content |
| CVE-2020-3126 |
Cisco Webex Meetings Multimedia Viewer |
primary_impact |
T1204.002 |
Malicious File |
| CVE-2020-3126 |
Cisco Webex Meetings Multimedia Viewer |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3356 |
Cisco Data Center Network Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3356 |
Cisco Data Center Network Manager |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3356 |
Cisco Data Center Network Manager |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3397 |
Cisco NX-OS Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3397 |
Cisco NX-OS Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3322 |
Cisco Webex Network Recording Player |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3322 |
Cisco Webex Network Recording Player |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3322 |
Cisco Webex Network Recording Player |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1091 |
Replication Through Removable Media |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-3177 |
Cisco Unified Communications Manager |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3177 |
Cisco Unified Communications Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3510 |
Cisco IOS XE Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3510 |
Cisco IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3513 |
Cisco IOS XE Software |
primary_impact |
T1542.004 |
ROMMONkit |
| CVE-2020-3513 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3409 |
Cisco IOS |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3409 |
Cisco IOS |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3349 |
Cisco Data Center Network Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3349 |
Cisco Data Center Network Manager |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3349 |
Cisco Data Center Network Manager |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3244 |
Cisco ASR 5000 Series Software |
primary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-3244 |
Cisco ASR 5000 Series Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3240 |
Cisco UCS Director |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3240 |
Cisco UCS Director |
primary_impact |
T1505.003 |
Web Shell |
| CVE-2020-3240 |
Cisco UCS Director |
secondary_impact |
T1003.008 |
/etc/passwd and /etc/shadow |
| CVE-2020-3240 |
Cisco UCS Director |
secondary_impact |
T1552.001 |
Credentials In Files |
| CVE-2020-3240 |
Cisco UCS Director |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3240 |
Cisco UCS Director |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-5364 |
Isilon OneFS |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-5364 |
Isilon OneFS |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-5374 |
OMIMSSC (OpenManage Integration for Microsoft System Center) |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-5345 |
Unisphere for PowerMax |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5345 |
Unisphere for PowerMax |
exploitation_technique |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-5336 |
RSA Archer |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5336 |
RSA Archer |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5336 |
RSA Archer |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5365 |
Isilon OneFS |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-5365 |
Isilon OneFS |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2020-5326 |
Dell Client Consumer and Commercial Platforms |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5326 |
Dell Client Consumer and Commercial Platforms |
secondary_impact |
T1542.001 |
System Firmware |
| CVE-2020-5339 |
RSA Authentication Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5339 |
RSA Authentication Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5339 |
RSA Authentication Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-5386 |
Elastic Cloud Storage |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5340 |
RSA Authentication Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5340 |
RSA Authentication Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5340 |
RSA Authentication Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-5358 |
Dell Encryption Enterprise |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5371 |
Isilon OneFS |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5371 |
Isilon OneFS |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-5378 |
CPG BIOS |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2020-5376 |
CPG BIOS |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2020-5331 |
RSA Archer |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5362 |
Dell Client Consumer and Commercial platforms |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5362 |
Dell Client Consumer and Commercial platforms |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2020-5379 |
CPG BIOS |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2020-5369 |
Isilon OneFS |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5366 |
Integrated Dell Remote Access Controller (iDRAC) |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5366 |
Integrated Dell Remote Access Controller (iDRAC) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5373 |
OMIMSSC (OpenManage Integration for Microsoft System Center) |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5373 |
OMIMSSC (OpenManage Integration for Microsoft System Center) |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-5328 |
Isilon OneFS |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5350 |
Integrated Data Protection Appliance |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5350 |
Integrated Data Protection Appliance |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2020-5332 |
RSA Archer |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15105 |
django-two-factor-auth |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2020-15105 |
django-two-factor-auth |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2020-15188 |
soycms |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15188 |
soycms |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-5250 |
PrestaShop |
primary_impact |
T1036 |
Masquerading |
| CVE-2020-5250 |
PrestaShop |
secondary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2020-15147 |
Red-DiscordBot |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15147 |
Red-DiscordBot |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-15118 |
wagtail |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15118 |
wagtail |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5210 |
NetHack |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-5210 |
NetHack |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11055 |
BookStack |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-11055 |
BookStack |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5283 |
viewvc |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5283 |
viewvc |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-15211 |
tensorflow |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-15211 |
tensorflow |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5220 |
SyliusResourceBundle |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5220 |
SyliusResourceBundle |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11021 |
http-client |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11021 |
http-client |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5269 |
PrestaShop |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5269 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5269 |
PrestaShop |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-11030 |
WordPress |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11030 |
WordPress |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-11030 |
WordPress |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-11036 |
GLPI |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11036 |
GLPI |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-11036 |
GLPI |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-15100 |
freewvs |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-15100 |
freewvs |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-15100 |
freewvs |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-15094 |
symfony |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15094 |
symfony |
exploitation_technique |
T1040 |
Network Sniffing |
| CVE-2020-15140 |
Red-DiscordBot |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15140 |
Red-DiscordBot |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-11087 |
FreeRDP |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11087 |
FreeRDP |
secondary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-11023 |
jQuery |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11023 |
jQuery |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-11023 |
jQuery |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5290 |
rctf |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2020-5290 |
rctf |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-11090 |
Indy Node |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1036 |
Masquerading |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-5270 |
PrestaShop |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2020-5254 |
NetHack |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-5254 |
NetHack |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15096 |
electron |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15096 |
electron |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11013 |
Helm |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15095 |
cli |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2020-15233 |
fosite |
secondary_impact |
T1036 |
Masquerading |
| CVE-2020-15233 |
fosite |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2020-5252 |
safety |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11019 |
FreeRDP |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11019 |
FreeRDP |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11019 |
FreeRDP |
secondary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-15182 |
soycms |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-15182 |
soycms |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5264 |
PrestaShop |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5264 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5264 |
PrestaShop |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-11078 |
httplib2 |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11050 |
Java-WebSocket |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15170 |
apollo |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15170 |
apollo |
primary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2020-5295 |
october |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5295 |
october |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-15189 |
soycms |
primary_impact |
T1505.003 |
Web Shell |
| CVE-2020-15189 |
soycms |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15189 |
soycms |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-15137 |
HoRNDIS |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-15137 |
HoRNDIS |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-15137 |
HoRNDIS |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11035 |
GLPI |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2020-11035 |
GLPI |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-11035 |
GLPI |
primary_impact |
T1040 |
Network Sniffing |
| CVE-2020-11035 |
GLPI |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2020-5217 |
secure_headers |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5217 |
secure_headers |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5261 |
Saml2 |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5261 |
Saml2 |
exploitation_technique |
T1040 |
Network Sniffing |
| CVE-2020-11054 |
qutebrowser |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11054 |
qutebrowser |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-4068 |
APNSwift |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-4068 |
APNSwift |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-4068 |
APNSwift |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-4068 |
APNSwift |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-4068 |
APNSwift |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-4068 |
APNSwift |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-4068 |
APNSwift |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-4068 |
APNSwift |
exploitation_technique |
T1091 |
Replication Through Removable Media |
| CVE-2020-15109 |
solidus |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15109 |
solidus |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-15109 |
solidus |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-11082 |
Kaminari |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11082 |
Kaminari |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-11082 |
Kaminari |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-15093 |
tough |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2020-15093 |
tough |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-15093 |
tough |
primary_impact |
T1040 |
Network Sniffing |
| CVE-2020-15093 |
tough |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2020-5225 |
SimpleSAMLphp |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5225 |
SimpleSAMLphp |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-5225 |
SimpleSAMLphp |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-5266 |
ps_linklist |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5266 |
ps_linklist |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5266 |
ps_linklist |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-15208 |
tensorflow |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-15208 |
tensorflow |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11010 |
tortoise-orm |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-11010 |
tortoise-orm |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-11010 |
tortoise-orm |
secondary_impact |
T1505.003 |
Web Shell |
| CVE-2020-11010 |
tortoise-orm |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-11010 |
tortoise-orm |
secondary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11010 |
tortoise-orm |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-11010 |
tortoise-orm |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-15143 |
SyliusResourceBundle |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15143 |
SyliusResourceBundle |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-11039 |
FreeRDP |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-11039 |
FreeRDP |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11039 |
FreeRDP |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-15199 |
tensorflow |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-15199 |
tensorflow |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-15179 |
wiki-scratchsig |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15179 |
wiki-scratchsig |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5271 |
PrestaShop |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5271 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5271 |
PrestaShop |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5231 |
opencast |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-5231 |
opencast |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-5279 |
PrestaShop |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11059 |
AEgir |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-15183 |
soycms |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15183 |
soycms |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-11044 |
FreeRDP |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-5284 |
next.js |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-15162 |
PrestaShop |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15162 |
PrestaShop |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-11073 |
zsh-autoswitch-virtualenv |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-11073 |
zsh-autoswitch-virtualenv |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-5267 |
actionview |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5267 |
actionview |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-11068 |
LoRaMac-node |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-11068 |
LoRaMac-node |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-5297 |
october |
primary_impact |
T1505.003 |
Web Shell |
| CVE-2020-5297 |
october |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5241 |
matestack-ui-core |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5241 |
matestack-ui-core |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5253 |
NetHack |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-5253 |
NetHack |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-5253 |
NetHack |
exploitation_technique |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2020-15132 |
sulu |
primary_impact |
T1589 |
Gather Victim Identity Information |
| CVE-2020-11045 |
FreeRDP |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11083 |
October |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5281 |
perun |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-6986 |
Omron PLC CJ Series |
primary_impact |
T0814 |
Denial of Service |
| CVE-2020-6986 |
Omron PLC CJ Series |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2020-12029 |
FactoryTalk View SE |
primary_impact |
T1505.003 |
Web Shell |
| CVE-2020-12029 |
FactoryTalk View SE |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-12029 |
FactoryTalk View SE |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-6960 |
Honeywell Maxpro VMS & NVR |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-12014 |
Advantech WebAccess Node |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-12038 |
EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-12038 |
EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-12008 |
Baxter ExactaMix EM 2400 & EM 1200 |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2020-12008 |
Baxter ExactaMix EM 2400 & EM 1200 |
secondary_impact |
T0859 |
Valid Accounts |
| CVE-2020-12008 |
Baxter ExactaMix EM 2400 & EM 1200 |
exploitation_technique |
T0842 |
Network Sniffing |
| CVE-2020-16200 |
Philips Clinical Collaboration Platform |
primary_impact |
T1496 |
Resource Hijacking |
| CVE-2020-16200 |
Philips Clinical Collaboration Platform |
secondary_impact |
T0826 |
Loss of Availability |
| CVE-2020-6964 |
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-6964 |
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-6964 |
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-6993 |
Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-6993 |
Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-14510 |
GateManager |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-14510 |
GateManager |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-14510 |
GateManager |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-14508 |
GateManager |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-14508 |
GateManager |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2020-14508 |
GateManager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-7004 |
VBASE Editor |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-10603 |
WebAccess/NMS |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-10603 |
WebAccess/NMS |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-12024 |
Baxter ExactaMix EM 2400 & EM 1200 |
primary_impact |
T1091 |
Replication Through Removable Media |
| CVE-2020-12000 |
Ignition 8 Gateway |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-12000 |
Ignition 8 Gateway |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-16211 |
Advantech WebAccess HMI Designer |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-16211 |
Advantech WebAccess HMI Designer |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-16198 |
Philips Clinical Collaboration Platform |
primary_impact |
T1036 |
Masquerading |
| CVE-2020-10602 |
OSIsoft PI System multiple products and versions |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-0884 |
Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8) |
primary_impact |
T1528 |
Steal Application Access Token |
| CVE-2020-0884 |
Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8) |
exploitation_technique |
T1040 |
Network Sniffing |
| CVE-2020-1025 |
Skype for Business Server 2019 CU2 |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-1111 |
Windows |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-1111 |
Windows |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-1111 |
Windows |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-1111 |
Windows |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-1111 |
Windows |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-0671 |
Windows |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-0671 |
Windows |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-0671 |
Windows |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-0671 |
Windows |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-0671 |
Windows |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-0671 |
Windows |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-0898 |
Windows |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-0898 |
Windows |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-1456 |
Microsoft SharePoint Enterprise Server |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-1456 |
Microsoft SharePoint Enterprise Server |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-1456 |
Microsoft SharePoint Enterprise Server |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-1456 |
Microsoft SharePoint Enterprise Server |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-1456 |
Microsoft SharePoint Enterprise Server |
secondary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2020-1456 |
Microsoft SharePoint Enterprise Server |
secondary_impact |
T1036 |
Masquerading |
| CVE-2020-1109 |
Windows |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-1109 |
Windows |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-1109 |
Windows |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-1109 |
Windows |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-1109 |
Windows |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-1109 |
Windows |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-1347 |
Windows 10 Version 2004 for 32-bit Systems |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-1163 |
Microsoft Forefront Endpoint Protection |
primary_impact |
T1485 |
Data Destruction |
| CVE-2020-1068 |
Windows |
primary_impact |
T1565 |
Data Manipulation |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-1495 |
Microsoft SharePoint Server 2010 Service Pack 2 |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-1425 |
Windows 10 Version 2004 for x64-based Systems |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-1425 |
Windows 10 Version 2004 for x64-based Systems |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-0758 |
Team Foundation Server 2018 |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-0758 |
Team Foundation Server 2018 |
exploitation_technique |
T1098 |
Account Manipulation |
| CVE-2020-1141 |
Windows |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-1141 |
Windows |
secondary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-1569 |
Microsoft Edge (EdgeHTML-based) |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
secondary_impact |
T1136 |
Create Account |
| CVE-2020-16874 |
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-1190 |
Windows |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-0955 |
Windows |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-0981 |
Windows 10 Version 1909 for 32-bit Systems |
primary_impact |
T1134 |
Access Token Manipulation |
| CVE-2020-0981 |
Windows 10 Version 1909 for 32-bit Systems |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-0981 |
Windows 10 Version 1909 for 32-bit Systems |
secondary_impact |
T1497 |
Virtualization/Sandbox Evasion |
| CVE-2020-1471 |
Windows 10 Version 1803 |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-0636 |
Windows 10 Version 1903 for 32-bit Systems |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-11652 |
n/a |
uncategorized |
T1005 |
Data from Local System |
| CVE-2020-11652 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-6808 |
Firefox |
uncategorized |
T1036.005 |
Match Legitimate Name or Location |
| CVE-2020-6820 |
Thunderbird |
uncategorized |
T1055 |
Process Injection |
| CVE-2020-6820 |
Thunderbird |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-8835 |
Linux kernel |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-8467 |
Trend Micro OfficeScan, Trend Micro Apex One |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-12659 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-10751 |
kernel |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-1027 |
Windows |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5539 |
GRANDIT |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5539 |
GRANDIT |
uncategorized |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-5539 |
GRANDIT |
uncategorized |
T1005 |
Data from Local System |
| CVE-2020-10817 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-10817 |
n/a |
uncategorized |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-8649 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-8649 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-12652 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-12652 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-7456 |
FreeBSD |
uncategorized |
T1091 |
Replication Through Removable Media |
| CVE-2020-7456 |
FreeBSD |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-12464 |
n/a |
uncategorized |
T1091 |
Replication Through Removable Media |
| CVE-2020-12464 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-15393 |
n/a |
uncategorized |
T1091 |
Replication Through Removable Media |
| CVE-2020-15393 |
n/a |
uncategorized |
T1499.001 |
OS Exhaustion Flood |
| CVE-2020-9804 |
macOS |
uncategorized |
T1091 |
Replication Through Removable Media |
| CVE-2020-9804 |
macOS |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11957 |
n/a |
uncategorized |
T1110 |
Brute Force |
| CVE-2020-9819 |
iOS |
uncategorized |
T1114.001 |
Local Email Collection |
| CVE-2020-9819 |
iOS |
uncategorized |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-9819 |
iOS |
uncategorized |
T1485 |
Data Destruction |
| CVE-2020-6418 |
Chrome |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-6418 |
Chrome |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-5902 |
BIG-IP |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-5902 |
BIG-IP |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-11901 |
n/a |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-11901 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-11901 |
n/a |
uncategorized |
T1059.007 |
JavaScript |
| CVE-2020-13125 |
n/a |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-13125 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-13125 |
n/a |
uncategorized |
T1204.002 |
Malicious File |
| CVE-2020-13125 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-6974 |
Honeywell Notifier Web Server (NWS) |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-6974 |
Honeywell Notifier Web Server (NWS) |
uncategorized |
T1005 |
Data from Local System |
| CVE-2020-6974 |
Honeywell Notifier Web Server (NWS) |
uncategorized |
T1565 |
Data Manipulation |
| CVE-2020-11738 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11738 |
n/a |
uncategorized |
T1055 |
Process Injection |
| CVE-2020-9380 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-9380 |
n/a |
uncategorized |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-10189 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-10189 |
n/a |
uncategorized |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-9459 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-9459 |
n/a |
uncategorized |
T1059.007 |
JavaScript |
| CVE-2020-9459 |
n/a |
uncategorized |
T1539 |
Steal Web Session Cookie |
| CVE-2020-9459 |
n/a |
uncategorized |
T1565 |
Data Manipulation |
| CVE-2020-9459 |
n/a |
uncategorized |
T1491 |
Defacement |
| CVE-2020-13126 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-13126 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-11897 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11897 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-11897 |
n/a |
uncategorized |
T1499 |
Endpoint Denial of Service |
| CVE-2020-11896 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11896 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-11896 |
n/a |
uncategorized |
T1499 |
Endpoint Denial of Service |
| CVE-2020-9818 |
iOS |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-1631 |
Junos OS |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-1350 |
Windows Server |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-0938 |
Windows |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-6819 |
Thunderbird |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-6819 |
Thunderbird |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-10257 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-10257 |
n/a |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2020-2883 |
WebLogic Server |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-2883 |
WebLogic Server |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-0601 |
Windows |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-0601 |
Windows |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-1206 |
Windows 10 Version 1909 for 32-bit Systems |
uncategorized |
T1210 |
Exploitation of Remote Services |
| CVE-2020-8468 |
Trend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS) |
uncategorized |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-8648 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-14059 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-12888 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-12655 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11884 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11668 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-12653 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-12653 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-11608 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11608 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-12769 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11651 |
n/a |
uncategorized |
T1528 |
Steal Application Access Token |
| CVE-2020-11651 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-11651 |
n/a |
uncategorized |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5300 |
hydra |
uncategorized |
T1528 |
Steal Application Access Token |
| CVE-2020-5300 |
hydra |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-4408 |
Qradar Advisor |
uncategorized |
T1552 |
Unsecured Credentials |
| CVE-2020-1020 |
Windows |
uncategorized |
T1566 |
Phishing |
| CVE-2020-1020 |
Windows |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2020-4100 |
"HCL Verse for Android" |
uncategorized |
T1574 |
Hijack Execution Flow |
| CVE-2020-0688 |
Microsoft Exchange Server 2013 |
uncategorized |
T1574 |
Hijack Execution Flow |
| CVE-2020-0688 |
Microsoft Exchange Server 2013 |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
