Security News > 2021 > July > Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S.
A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States.
Sygnia does not mention China in its report, but the company said it found some links to attacks that were previously attributed to the Chinese government.
The attacks involve CVE-2021-27852, a deserialization-related code execution vulnerability affecting Checkbox Survey, an ASP.NET tool designed for adding survey functionality to websites.
When it disclosed the vulnerability in May, the CERT Coordination Center at Carnegie Mellon University warned that it had been exploited in the wild, but it did not share any information about the attacks.
It's unclear if the CERT/CC advisory refers to the attacks detailed by Sygnia, but the company told SecurityWeek that it reported its findings to CERT/CC at around the same time the advisory was published.
Sygnia has found similarities between the malware used in the Australia attacks and the one involved in the attacks analyzed by its experts.
News URL
Related news
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- FortiManager critical vulnerability under active attack (source)
- Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2021-27852 | Deserialization of Untrusted Data vulnerability in Checkbox Survey Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. | 9.8 |