ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·3/30/2023
CVE-2022-39197 added to CISA KEV: Fortra Cobalt Strike
Status: ✅ Confirmed exploited in the wild
Date added: 2023-03-30
Required action: Apply updates per vendor instructions.
Due date: 2023-04-20
Why this matters
Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.