LetsDefend Monitoring Alert

CVE-2024-49138 Exploitation Detected

Jan, 22, 2025, 02:37 AM

Event ID: 313

Event Time: Jan, 22, 2025, 02:37 AM

Rule Name: SOC335 - CVE-2024-49138 Exploitation Detected

Alert Type: Privilege Escalation

MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell
T1110 - Credential Access - Brute Force
T1055 - Privilege Escalation - Process Injection
T1548 - Privilege Escalation - Abuse Elevation Control Mechanism
T1068 - Privilege Escalation - Exploitation for Privilege Escalation

Severity: Medium

Security Analyst
