CVE-2021-40444

Vulnerability updated 4 months ago (2024-05-04T20:07:16.321Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2021-40444 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Microsoft

Malware

Vulnerability

Cobalt Strike

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
TrickBot	Unspecified	2	TrickBot is a notorious malware that has been used extensively by cybercriminals to exploit and damage computer systems. It operates as a crimeware-as-a-service platform, infecting systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can stea
Lokibot	Unspecified	2	LokiBot is a malicious software, or malware, that was first reported on October 24, 2020. It is designed to exploit and damage computer systems by infiltrating them through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, LokiBot steals personal information

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

ID	Type	Votes	Profile Description
APT28	Unspecified	2	APT28, also known as Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM, is a threat actor linked to Russia that has been active since at least 2007. The group has targeted governments, militaries, and security organizations worldwide, including the German Social Democratic Party

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

ID	Type	Votes	Profile Description
Follina	Unspecified	2	Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou

Source Document References

Information about the CVE-2021-40444 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	17 days ago	Analyzing the vulnerability landscape in Q2 2024
Securityaffairs	2 months ago	Void Banshee exploits CVE-2024-38112 zero-day to spread malware
Checkpoint	2 months ago	Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112) - Check Point Research
Securityaffairs	2 months ago	Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION
Fortinet	2 months ago	MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems \| FortiGuard Labs
CERT-EU	8 months ago	Breaking Cyber News From Cyberint - Cyberint
CERT-EU	9 months ago	Russian Threat Actors Exploit Outlook Flaw to Hijack Exchange Accounts
CERT-EU	9 months ago	Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397) - Help Net Security
Securityaffairs	9 months ago	Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts
InfoSecurity-magazine	9 months ago	Russian APT28 Exploits Outlook Bug to Access Exchange
CERT-EU	9 months ago	Russian hackers exploiting Outlook bug to hijack Exchange accounts
Unit42	10 months ago	In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584
CERT-EU	a year ago	The Hidden Dangers of Remote Code Execution (RCE) Exploits in Word Documents
CERT-EU	a year ago	LokiBot Information Stealer Packs Fresh Infection Strategies
Securityaffairs	a year ago	In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues
Fortinet	a year ago	LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros \| FortiGuard Labs
BankInfoSecurity	a year ago	Latest LokiBot Campaign Exploits Malicious MS Documents
InfoSecurity-magazine	a year ago	LokiBot Malware Targets Windows Users in Office Document Attacks
CERT-EU	a year ago	New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs
MITRE	2 years ago	Exposing initial access broker with ties to Conti