CVE-2015-5119

Vulnerability updated 4 months ago (2024-05-04T18:19:14.366Z)

Download STIX

Preview STIX

CVE-2015-5119 is a software vulnerability, specifically a flaw in the design or implementation of Adobe Flash. This vulnerability was discovered as part of the Hacking Team data breach that took place in 2015. In this leak, internal data of the Italian cybersecurity firm Hacking Team was exposed, including the details of several undisclosed vulnerabilities. One of these was CVE-2015-5119, which was found to be a zero-day vulnerability, meaning it was unknown to those interested in its mitigation until it was discovered in the leak. Chinese Advanced Persistent Threat (APT) groups, notably APT17 also known as Tailgator Team or Deputy Dog, quickly capitalized on the leaked information. They are suspected of being backed by China and primarily target sectors such as the U.S. government, international law firms, and information technology companies. These groups conducted network intrusions against targeted organizations using the CVE-2015-5119 vulnerability. The speed with which they utilized this vulnerability demonstrates their agility and capability in exploiting newly discovered flaws for cyber espionage purposes. Another threat group, PLEAD, also exploited the CVE-2015-5119 vulnerability. They used it to create a fileless version of their malware, demonstrating a sophisticated approach to cyber-attacks. The rapid adoption of this zero-day vulnerability by multiple threat groups following the Hacking Team leak underscores the importance of swift vulnerability management and patching strategies in mitigating the risks posed by such security flaws.

Description last updated: 2024-05-04T17:46:32.227Z

What's your take? (Question 1 of 0)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

ID	Type	Votes	Profile Description
APT17	Targets	2	APT17, also known as Tailgator Team and Deputy Dog, is a threat actor suspected to be affiliated with the Chinese intelligence apparatus. This group has been associated with various aliases including Winnti, PassCV, Axiom, LEAD, BARIUM, Wicked Panda, and GREF. The primary targets of APT17 are the U.

Source Document References

Information about the CVE-2015-5119 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
MITRE	2 years ago	The Trail of BlackTech’s Cyber Espionage Campaigns
MITRE	2 years ago	APT Trends report Q2 2017
MITRE	2 years ago	BlackOasis APT and new targeted attacks leveraging zero-day exploit
MITRE	2 years ago	Advanced Persistent Threats (APTs) \| Threat Actors & Groups
MITRE	2 years ago	Demonstrating Hustle, Chinese APT Groups Quickly Use Zero-Day Vulnerability (CVE-2015-5119) Following Hacking Team Leak \| Mandiant