CVE-2022-42948 - Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability

Vulnerability Name

Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability

Description

Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-2/

https://nvd.nist.gov/vuln/detail/CVE-2022-42948