Winter Vivern Capitalizes on Zero-Day Flaw in Roundcube
Winter Vivern Capitalizes on Zero-Day Flaw in Roundcube
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
The Winter Vivern cyberespionage group has been actively exploiting a zero-day vulnerability in the Roundcube webmail. The identified vulnerability, CVE-2023-5631, permits stored cross-site scripting through HTML email messages, enabling remote attackers to execute arbitrary JavaScript code. This vulnerability is leveraged by the Threat Actors to harvest email messages from the accounts of the victims.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.