ET EXPLOIT Broadcom Altiris IRM Unauthenticated Remote Code Execution (CVE-2025-5333)

SID: 2063464Rev: 118 views

Sourceet/open

CreatedJuly 15, 2025

UpdatedJuly 15, 2025

Classificationattempted-user

alert tcp any any -> $HOME_NET 4011 (msg:"ET EXPLOIT Broadcom Altiris IRM Unauthenticated Remote Code Execution (CVE-2025-5333)"; flow:established,to_server; content:"|2e|NET"; startswith; content:"tcp|3a 2f 2f|"; content:"|3a|4011/IRM/HostedService"; fast_pattern; distance:0; reference:url,www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/; reference:cve,2025-5333; classtype:attempted-user; sid:2063464; rev:1; metadata:attack_target Networking_Equipment, created_at 2025_07_15, cve CVE_2025_5333, deployment Perimeter, confidence High, signature_severity Major, updated_at 2025_07_15, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)

References

url	www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/
cve	2025-5333

Metadata

attack targetNetworking_Equipment

created at2025_07_15

cveCVE-2025-5333

deploymentPerimeter

confidenceHigh

signature severityMajor

updated at2025_07_15

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1190

mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!