Trusted Design

Firefox CVE-2015-4495 exploitation

概要

From source: This vulnerability allows attackers to bypass the same-origin policy and execute JavaScript remotely that will be interpreted in the local file context. This, in turn, allows attackers to read and write files on local machine as well as upload them to a remote server. The exploit for this vulnerability is being actively used in the wild

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Firefox exploit found in the wild (score: 0.74)
Mozilla Same origin violation and file stealing via PDF reader (score: 0.69)
Microsoft Security Bulletin MS15-093 - Internet Explorer RCE (score: 0.64)
Exploring CVE-2015-2545 and its users (score: 0.61)
Attackers Targeting Joomla! CVE-2015-8562 (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Gamaredon Group

Score: 6.77

Matched TTPs:

T1021.005 - VNC
T1027.015 - Compression

MITREへのリンク →

FIN7

Score: 12.65

Matched TTPs:

T1021.005 - VNC
T1059.007 - JavaScript
T1210 - Exploitation of Remote Services
T1021.001 - Remote Desktop Protocol
T1078.003 - Local Accounts

MITREへのリンク →

GCMAN

Score: 3.62

Matched TTPs:

T1021.005 - VNC

MITREへのリンク →

Fox Kitten

Score: 10.36

Matched TTPs:

T1021.005 - VNC
T1210 - Exploitation of Remote Services
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Turla

Score: 10.25

Matched TTPs:

T1059.007 - JavaScript
T1201 - Password Policy Discovery
T1189 - Drive-by Compromise
T1078.003 - Local Accounts

MITREへのリンク →

APT32

Score: 7.90

Matched TTPs:

T1059.007 - JavaScript
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1078.003 - Local Accounts

MITREへのリンク →

Saint Bear

Score: 5.52

Matched TTPs:

T1059.007 - JavaScript
T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

FIN6

Score: 5.96

Matched TTPs:

T1059.007 - JavaScript
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Sidewinder

Score: 3.47

Matched TTPs:

T1059.007 - JavaScript
T1203 - Exploitation for Client Execution

MITREへのリンク →

MoustachedBouncer

Score: 4.03

Matched TTPs:

T1059.007 - JavaScript
T1027.002 - Software Packing

MITREへのリンク →

MuddyWater

Score: 6.21

Matched TTPs:

T1059.007 - JavaScript
T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Earth Lusca

Score: 6.48

Matched TTPs:

T1059.007 - JavaScript
T1210 - Exploitation of Remote Services
T1189 - Drive-by Compromise

MITREへのリンク →

Winter Vivern

Score: 3.74

Matched TTPs:

T1059.007 - JavaScript
T1189 - Drive-by Compromise

MITREへのリンク →

Silence

Score: 7.06

Matched TTPs:

T1059.007 - JavaScript
T1218.001 - Compiled HTML File
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

TA505

Score: 4.03

Matched TTPs:

T1059.007 - JavaScript
T1027.002 - Software Packing

MITREへのリンク →

Cobalt Group

Score: 5.11

Matched TTPs:

T1059.007 - JavaScript
T1203 - Exploitation for Client Execution
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Higaisa

Score: 6.62

Matched TTPs:

T1059.007 - JavaScript
T1203 - Exploitation for Client Execution
T1027.015 - Compression

MITREへのリンク →

Kimsuky

Score: 17.01

Matched TTPs:

T1059.007 - JavaScript
T1176.001 - Browser Extensions
T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol
T1588.005 - Exploits
T1078.003 - Local Accounts

MITREへのリンク →

Indrik Spider

Score: 3.62

Matched TTPs:

T1059.007 - JavaScript
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Molerats

Score: 5.12

Matched TTPs:

T1059.007 - JavaScript
T1027.015 - Compression

MITREへのリンク →

Leafminer

Score: 3.74

Matched TTPs:

T1059.007 - JavaScript
T1189 - Drive-by Compromise

MITREへのリンク →

Mustang Panda

Score: 5.81

Matched TTPs:

T1059.007 - JavaScript
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Sandworm Team

Score: 7.68

Matched TTPs:

T1588.006 - Vulnerabilities
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Volt Typhoon

Score: 9.89

Matched TTPs:

T1588.006 - Vulnerabilities
T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Storm-0501

Score: 5.90

Matched TTPs:

T1588.006 - Vulnerabilities
T1027.002 - Software Packing

MITREへのリンク →

Ferocious Kitten

Score: 3.44

Matched TTPs:

T1036.002 - Right-to-Left Override

MITREへのリンク →

BlackTech

Score: 4.93

Matched TTPs:

T1036.002 - Right-to-Left Override
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ke3chang

Score: 5.78

Matched TTPs:

T1036.002 - Right-to-Left Override
T1003.003 - NTDS

MITREへのリンク →

Scarlet Mimic

Score: 3.44

Matched TTPs:

T1036.002 - Right-to-Left Override

MITREへのリンク →

BRONZE BUTLER

Score: 6.70

Matched TTPs:

T1036.002 - Right-to-Left Override
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Scattered Spider

Score: 8.12

Matched TTPs:

T1204 - User Execution
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

LAPSUS$

Score: 6.47

Matched TTPs:

T1204 - User Execution
T1003.003 - NTDS

MITREへのリンク →

Wizard Spider

Score: 6.73

Matched TTPs:

T1210 - Exploitation of Remote Services
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Ember Bear

Score: 8.37

Matched TTPs:

T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

APT28

Score: 8.35

Matched TTPs:

T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1003.003 - NTDS

MITREへのリンク →

Tonto Team

Score: 4.24

Matched TTPs:

T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

menuPass

Score: 6.73

Matched TTPs:

T1210 - Exploitation of Remote Services
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Dragonfly

Score: 9.99

Matched TTPs:

T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Threat Group-3390

Score: 11.21

Matched TTPs:

T1210 - Exploitation of Remote Services
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

OilRig

Score: 10.43

Matched TTPs:

T1218.001 - Compiled HTML File
T1201 - Password Policy Discovery
T1203 - Exploitation for Client Execution
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Dark Caracal

Score: 7.26

Matched TTPs:

T1218.001 - Compiled HTML File
T1189 - Drive-by Compromise
T1027.002 - Software Packing

MITREへのリンク →

APT41

Score: 10.97

Matched TTPs:

T1218.001 - Compiled HTML File
T1203 - Exploitation for Client Execution
T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

APT38

Score: 11.80

Matched TTPs:

T1218.001 - Compiled HTML File
T1189 - Drive-by Compromise
T1027.002 - Software Packing
T1036.006 - Space after Filename

MITREへのリンク →

Chimera

Score: 7.83

Matched TTPs:

T1201 - Password Policy Discovery
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

Andariel

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

The White Company

Score: 3.55

Matched TTPs:

T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

Lazarus Group

Score: 4.91

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT29

Score: 15.29

Matched TTPs:

T1203 - Exploitation for Client Execution
T1027.006 - HTML Smuggling
T1651 - Cloud Administration Command
T1027.002 - Software Packing
T1078.003 - Local Accounts

MITREへのリンク →

Patchwork

Score: 6.96

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Axiom

Score: 9.44

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol
T1001.002 - Steganography

MITREへのリンク →

Leviathan

Score: 8.06

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol
T1027.015 - Compression

MITREへのリンク →

APT37

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

APT3

Score: 5.19

Matched TTPs:

T1203 - Exploitation for Client Execution
T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Sea Turtle

Score: 4.16

Matched TTPs:

T1203 - Exploitation for Client Execution
T1078.003 - Local Accounts

MITREへのリンク →

Transparent Tribe

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Tropic Trooper

Score: 4.16

Matched TTPs:

T1203 - Exploitation for Client Execution
T1078.003 - Local Accounts

MITREへのリンク →

Aoqin Dragon

Score: 3.55

Matched TTPs:

T1203 - Exploitation for Client Execution
T1027.002 - Software Packing

MITREへのリンク →

Elderwood

Score: 5.31

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1027.002 - Software Packing

MITREへのリンク →

Darkhotel

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

PROMETHIUM

Score: 4.43

Matched TTPs:

T1189 - Drive-by Compromise
T1078.003 - Local Accounts

MITREへのリンク →

Magic Hound

Score: 3.41

Matched TTPs:

T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

TA2541

Score: 5.20

Matched TTPs:

T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

APT39

Score: 3.70

Matched TTPs:

T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Medusa Group

Score: 10.58

Matched TTPs:

T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS
T1218.014 - MMC

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

FIN10

Score: 4.31

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1078.003 - Local Accounts

MITREへのリンク →

FIN13

Score: 3.99

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1003.003 - NTDS

MITREへのリンク →

HAFNIUM

Score: 5.01

Matched TTPs:

T1003.003 - NTDS
T1078.003 - Local Accounts

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.74

Matched TTPs:

T1078.003 - Local Accounts
T1588.005 - Exploits
T1059.007 - JavaScript
T1027.002 - Software Packing
T1021.001 - Remote Desktop Protocol
T1176.001 - Browser Extensions

MITREへのリンク →

APT29

Score: 0.71

Matched TTPs:

T1078.003 - Local Accounts
T1027.006 - HTML Smuggling
T1651 - Cloud Administration Command
T1027.002 - Software Packing
T1203 - Exploitation for Client Execution

MITREへのリンク →

FIN7

Score: 0.62

Matched TTPs:

T1210 - Exploitation of Remote Services
T1078.003 - Local Accounts
T1021.005 - VNC
T1021.001 - Remote Desktop Protocol
T1059.007 - JavaScript

MITREへのリンク →

APT38

Score: 0.55

Matched TTPs:

T1036.006 - Space after Filename
T1027.002 - Software Packing
T1189 - Drive-by Compromise
T1218.001 - Compiled HTML File

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る