CVE-2022-47986

Vulnerability updated a month ago (2024-11-29T14:27:08.433Z)
Download STIX
Preview STIX
CVE-2022-47986 is a critical software vulnerability, specifically a deserialization flaw, found in IBM's Aspera Faspex file-sharing application. This vulnerability has been exploited by threat actors to deploy ransomware, significantly compromising the security of systems using this software. The vulnerability was given a high severity rating with a Common Vulnerability Scoring System (CVSS) score of 9.8, indicating its potential for causing substantial harm. The exploitation of CVE-2022-47986 was first reported in February and has since been observed being used in several cyberattacks. For instance, the IceFire and Cl0p ransomware attacks took advantage of this vulnerability, targeting not only generic Linux system directories but also paths related to Oracle databases. The operators swiftly exploited other severe bugs, including those impacting PaperCut, demonstrating their agility in leveraging vulnerabilities for malicious purposes. In light of these events, it is crucial for organizations using IBM's Aspera Faspex application to apply patches or mitigations provided by IBM to address CVE-2022-47986. The rapid exploitation of this vulnerability underscores the need for timely patch management and proactive cybersecurity measures to protect against such threats.
Description last updated: 2024-05-04T17:26:08.572Z
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Ransomware
Linux
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The IceFire Malware is associated with CVE-2022-47986. IceFire is a malicious software (malware) that has been detected as part of the Linux ransomware family. It was initially known for attacking Windows systems, but recent developments have seen it expand its reach to both Linux and Windows systems. The shift by IceFire to target Linux systems worldwiUnspecified
3
Source Document References
Information about the CVE-2022-47986 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Checkpoint
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
Canadian Centre for Cyber Security
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
DARKReading
2 years ago
Securityaffairs
2 years ago
CSO Online
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
DARKReading
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago