Known Exploited Vulnerabilities Out-of-Bounds (Read and Write) Capability Group

All Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes | Comments |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2023-26369 | Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability | primary_impact | T1203 | Exploitation for Client Execution | | |
| CVE-2023-26369 | Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability | exploitation_technique | T1204.002 | Malicious File | | |
| CVE-2024-21762 | Fortinet FortiOS Out-of-Bound Write Vulnerability | exploitation_technique | T1574 | Hijack Execution Flow | | This vulnerability allows adversaries to execute arbitrary code via specially crafted HTTP requests that trigger an out-of-bounds write. |
| CVE-2024-21762 | Fortinet FortiOS Out-of-Bound Write Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application | | This vulnerability allows adversaries to execute arbitrary code via specially crafted HTTP requests that trigger an out-of-bounds write. |
| CVE-2021-4034 | Red Hat Polkit Out-of-Bounds Read and Write Vulnerability | exploitation_technique | T1068 | Exploitation for Privilege Escalation | | The Polkit/Pwnkit vulnerability (CVE-2021-4034) is a critical vulnerability impacting every major Linux distribution. Its attack vector allows privilege escalation and can even give the attacker root access. |
| CVE-2023-20109 | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability | primary_impact | T1499 | Endpoint Denial of Service | | This vulnerability is exploited by an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability has been identified as being exploited in the wild by Chinese adversary groups. |
| CVE-2023-20109 | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter | | This vulnerability is exploited by an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability has been identified as being exploited in the wild by Chinese adversary groups. |
| CVE-2023-20109 | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability | exploitation_technique | T1078 | Valid Accounts | | This vulnerability is exploited by an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability has been identified as being exploited in the wild by Chinese adversary groups. |
| CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability | secondary_impact | T1588.001 | Malware | | This vulnerability is exploited by an adversary who has already gained network access to the vCenter Server. The adversary sends a crafted payload to the server, whose DCERPC protocol implementation is vulnerable, causing an out-of-bounds write on the jmp rax instruction. Exploitation of this vulnerability in the wild has been attributed to adversary group UNC3886, which used it to establish a backdoor in victim vCenter servers. |
| CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability | primary_impact | T1203 | Exploitation for Client Execution | | This vulnerability is exploited by an adversary who has already gained network access to the vCenter Server. The adversary sends a crafted payload to the server, whose DCERPC protocol implementation is vulnerable, causing an out-of-bounds write on the jmp rax instruction. Exploitation of this vulnerability in the wild has been attributed to adversary group UNC3886, which used it to establish a backdoor in victim vCenter servers. |
| CVE-2024-4761 | Google Chromium V8 Out-of-Bounds Memory Write Vulnerability | exploitation_technique | T1059 | Command and Scripting Interpreter | | CVE-2024-4761 is an out-of-bounds write vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. |

Capabilities

| Capability ID | Capability Name | Number of Mappings |
| --- | --- | --- |
| CVE-2024-4761 | Google Chromium V8 Out-of-Bounds Memory Write Vulnerability | 1 |
| CVE-2023-20109 | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability | 3 |
| CVE-2021-4034 | Red Hat Polkit Out-of-Bounds Read and Write Vulnerability | 1 |
| CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability | 2 |
| CVE-2024-21762 | Fortinet FortiOS Out-of-Bound Write Vulnerability | 2 |
| CVE-2023-26369 | Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability | 2 |