Cyber Threat Report: 'Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021'

Report Author: Mandiant
Publication Date: 2024-01-19
Original Reporting Source:
Attributed to Nation: China
Related Intrusion Sets: UNC3886
Identified CVEs: CVE-2023-34048

This short post from Mandiant researchers details how UNC3886 was observed exploiting a zero-day vulnerability in VMware tools for approximately 2 years before the vulnerability (CVE-2023-34048) was publicly reported and patched. Mandiant observed vCenter crashes that likely indicated exploitation of the CVE across multiple UNC3886 intrusions between late 2021 and early 2022.
