| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2022-42948 | Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
This vulnerability is exploited by a remote, unauthenticated attacker. The vulnerability is caused by improper escaping of HTML tags in Swing components. This flaw allows the attacker to inject crafted HTML code, enabling them to execute code within the Cobalt Strike UI. Exploitation can occur through a graphical file explorer menu, allowing attackers to perform unauthorized operations on the administrative interface.
References
|
| CVE-2022-42948 | Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This vulnerability is exploited by a remote, unauthenticated attacker. The vulnerability is caused by improper escaping of HTML tags in Swing components. This flaw allows the attacker to inject crafted HTML code, enabling them to execute code within the Cobalt Strike UI. Exploitation can occur through a graphical file explorer menu, allowing attackers to perform unauthorized operations on the administrative interface.
References
|