HiveForce LabsHIVEPRO:CDD33FA940829C6CB648ABD43FFE25E9

HistoryNov 07, 2023 - 8:23 a.m.

Vulners
/
Hivepro
/
Kinsing Exploits Looney Tunables Vulnerability to Breach Cloud Environments

Kinsing Exploits Looney Tunables Vulnerability to Breach Cloud Environments

2023-11-0708:23:12

HiveForce Labs

www.hivepro.com

kinsing

looney tunables

vulnerability

breach

cloud environments

operations

cloud service providers

threat

advisory

linux

privilege escalation

7.2 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The threat actor Kinsing has recently been observed exploiting the Linux privilege escalation vulnerability known as "Looney Tunables (CVE-2023-4911)" as part of a new campaign aimed at breaching cloud environments. This represents an expansion of their operations, as they are now attempting to collect credentials from Cloud Service Providers (CSPs). This development suggests a potential broadening of their operational scope and an increased threat to cloud-native environments. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

osv 6

redhatcve 1

mageia 1

nessus 31

cbl_mariner 1

oraclelinux 8

broadcom 1

rosalinux 2

nvd 1

redhat 69

zdt 2

githubexploit 16

cisa_kev 1

attackerkb 1

openvas 10

wolfi 1

ubuntucve 1

prion 1

cgr 1

ibm 8

packetstorm 2

debiancve 1

hivepro 1

f5 1

cvelist 1

kitploit 1

cve 1

qualysblog 1

metasploit 1

github 1

ubuntu 1

cloudfoundry 1

thn 3

debian 1

fedora 3

rocky 1

gentoo 1

almalinux 2

rapid7blog 1

photon 1

avleonov 1

oracle 2

ics 1

osv

glibc - security update

2023-10-03 00:00:00

CVE-2023-4911

2023-10-03 18:15:10

glibc vulnerabilities

2023-10-03 18:04:23

redhatcve

CVE-2023-4911

2023-10-03 17:24:53

mageia

Updated glibc packages fix a security vulnerability

2023-10-12 00:04:02

nessus

CBL Mariner 2.0 Security Update: glibc (CVE-2023-4911)

2023-10-13 00:00:00

RHEL 9 : glibc (RHSA-2023:5454)

2023-10-05 00:00:00

Oracle Linux 8 : glibc (ELSA-2023-12853)

2023-10-09 00:00:00

cbl_mariner

CVE-2023-4911 affecting package glibc for versions less than 2.35-5

2023-10-11 01:41:59

oraclelinux

glibc security update

2023-10-05 00:00:00

glibc security update

2023-10-09 00:00:00

glibc security update

2023-10-05 00:00:00

broadcom

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so

2024-01-17 00:00:00

rosalinux

Advisory ROSA-SA-2024-2331

2024-01-30 08:06:33

Advisory ROSA-SA-2024-2332

2024-01-30 08:26:13

nvd

CVE-2023-4911

2023-10-03 18:15:10

redhat

(RHSA-2023:5454) Important: glibc security update

2023-10-05 10:06:44

(RHSA-2023:5476) Important: glibc security update

2023-10-05 13:52:32

(RHSA-2024:0033) Moderate: Red Hat Virtualization Host 4.4.z SP 1 security update

2024-01-03 14:02:59

zdt

Glibc Tunables Privilege Escalation Exploit

2023-12-21 00:00:00

glibc ld.so Local Privilege Escalation Vulnerability

2023-10-08 00:00:00

githubexploit

Exploit for Out-of-bounds Write in Gnu Glibc

2023-10-25 11:59:34

Exploit for Out-of-bounds Write in Gnu Glibc

2023-10-04 14:12:16

Exploit for Out-of-bounds Write in Gnu Glibc

2023-10-28 20:05:30

cisa_kev

GNU C Library Buffer Overflow Vulnerability

2023-11-21 00:00:00

attackerkb

CVE-2023-4911

2023-10-03 00:00:00

openvas

Mageia: Security Advisory (MGASA-2023-0286)

2023-10-12 00:00:00

Ubuntu: Security Advisory (USN-6409-1)

2023-10-04 00:00:00

Debian: Security Advisory (DSA-5514-1)

2023-10-04 00:00:00

wolfi

CVE-2023-4911 vulnerabilities

2024-07-03 03:08:38

ubuntucve

CVE-2023-4911

2023-10-03 00:00:00

prion

Buffer overflow

2023-10-03 18:15:00

cgr

CVE-2023-4911 vulnerabilities

2024-05-19 03:07:16

ibm

Security Bulletin: glibc vulnerability affects IBM Elastic Storage System (CVE-2023-4911)

2023-12-04 10:46:37

Security Bulletin: Vulnerability with GNU glibc & libcURL affect IBM Cloud Object Storage Systems (Nov2023v1)

2023-11-14 21:53:56

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from libcurl, glibc-minimal-langpack, glibc-common, ncurses-libs and Kubernetes

2023-11-16 16:21:31

packetstorm

Glibc Tunables Privilege Escalation

2023-12-21 00:00:00

glibc ld.so Local Privilege Escalation

2023-10-06 00:00:00

debiancve

CVE-2023-4911

2023-10-03 18:15:10

hivepro

‘Looney Tunables’ Flaw Enables Local Privilege Escalation in Glibc

2023-10-05 10:18:37

K000137187 : GlibC vulnerability CVE-2023-4911

2023-10-09 00:00:00

cvelist

CVE-2023-4911 Glibc: buffer overflow in ld.so leading to privilege escalation

2023-10-03 17:25:08

kitploit

LooneyPwner - Exploit Tool For CVE-2023-4911, Targeting The 'Looney Tunables' Glibc Vulnerability In Various Linux Distributions

2023-10-27 11:30:00

cve

CVE-2023-4911

2023-10-03 18:15:10

qualysblog

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

2023-10-03 17:21:22

metasploit

Glibc Tunables Privilege Escalation CVE-2023-4911 (aka Looney Tunables)

2023-12-14 23:28:43

github

Cueing up a calculator: an introduction to exploit development on Linux

2023-12-06 17:30:42

ubuntu

GNU C Library vulnerabilities

2023-10-03 00:00:00

cloudfoundry

USN-6409-1: GNU C Library vulnerabilities | Cloud Foundry

2024-03-18 00:00:00

thn

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

2023-11-03 13:12:00

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

2024-01-31 05:44:00

Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions

2023-10-04 07:21:00

debian

[SECURITY] [DSA 5514-1] glibc security update

2023-10-03 17:26:13

fedora

[SECURITY] Fedora 37 Update: glibc-2.36-14.fc37

2023-10-04 15:49:21

[SECURITY] Fedora 38 Update: glibc-2.37-10.fc38

2023-10-04 15:52:08

[SECURITY] Fedora 39 Update: glibc-2.38-6.fc39

2023-10-04 17:16:19

rocky

glibc security update

2023-10-06 22:57:06

gentoo

glibc: Multiple vulnerabilities

2023-10-04 00:00:00

almalinux

Important: glibc security update

2023-10-05 00:00:00

Important: glibc security update

2023-10-05 00:00:00

rapid7blog

Metasploit Weekly Wrap-Up

2023-12-22 16:32:56

photon

Critical Photon OS Security Update - PHSA-2023-5.0-0110

2023-10-06 00:00:00

avleonov

October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture

2023-11-05 18:39:59

oracle

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Oracle Critical Patch Update Advisory - April 2024

2024-04-16 00:00:00

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.2 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for HIVEPRO:CDD33FA940829C6CB648ABD43FFE25E9