CVE-2016-4117

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2016-4117 is a critical vulnerability that was discovered in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. It represents a flaw in software design or implementation, which can potentially be exploited by malicious actors to take control of an affected system. Adobe issued a warning about this vulnerability on May 10, 2016, urging users to update their software to the latest version to mitigate the risk. The Middle Eastern hacker group, codenamed "BlackOasis," exploited this zero-day vulnerability as part of its operations. The group utilized Operation Erebus, which leveraged the CVE-2016-4117 exploit through watering hole attacks, a strategy involving the infection of websites frequented by targeted users. Kaspersky's findings, published in a blog post, revealed that BlackOasis was using the exploit to remotely deliver the latest version of the "FinSpy" malware, further highlighting the severity and potential misuse of the vulnerability. In response to these threats, Adobe released a security update addressing the issue. However, the exploitation of CVE-2016-4117 by groups like BlackOasis underscores the importance of timely software updates and robust cybersecurity measures. It serves as a reminder that vulnerabilities, especially those associated with widely used software like Adobe Flash Player, can have far-reaching implications if not promptly addressed.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Adobe
Windows
Vulnerability
Linux
Chrome
Malware
Kaspersky
Exploit
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
FinspyUnspecified
1
FinSpy is a sophisticated malware developed by Gamma Group, also known as FinFisher or Lench IT Solutions. This malicious software has the ability to record audio, turn on the device's camera, and exfiltrate data from smartphones without the owner's awareness. It is typically delivered through explo
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
BlackOasisUnspecified
1
BlackOasis is a prominent threat actor known for its execution of actions with malicious intent, primarily through the use of zero-day exploits. The cybersecurity industry first became aware of BlackOasis' activities in May 2016 while investigating an Adobe Flash zero day. Notably, this group has re
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2016-4117 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Operation Daybreak
MITRE
a year ago
HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | CISA
MITRE
a year ago
Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe - Microsoft Security Blog
MITRE
a year ago
APT Trends report Q2 2017
MITRE
a year ago
Middle Eastern hacking group is using FinFisher malware to conduct international espionage
MITRE
a year ago
BlackOasis APT and new targeted attacks leveraging zero-day exploit
MITRE
a year ago
Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions | Proofpoint US
MITRE
a year ago
RATANKBA: Delving into Large-scale Watering Holes