Cyber Resilience

Campaign · all campaigns

ShadowRayC0045 unknown

aka ShadowRay

Last updated: 2026-07-03

0attributed CVEs
16ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[ShadowRay](https://attack.mitre.org/campaigns/C0045) was a campaign that began in late 2023 targeting the education, cryptocurrency, biopharma, and other sectors through a vulnerability (CVE-2023-48022) in the Ray AI framework named ShadowRay. According to security researchers [ShadowRay](https://attack.mitre.org/campaigns/C0045) was the first known instance of AI workloads being activley exploited in the wild through vulnerabilities in AI infrastructure. CVE-2023-48022, which allows access to compute resources and sensitive data for exposed instances, remains unpatched and has been disputed by the vendor as they maintain that Ray is not intended for use outside of a strictly controlled network environment.(Citation: Oligo ShadowRay Campaign MAR 2024)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
CM-610 / 1662%
SI-310 / 1662%
CM-29 / 1656%
SI-49 / 1656%
AC-38 / 1650%
AC-68 / 1650%
SI-78 / 1650%
AC-27 / 1644%
CA-77 / 1644%
SI-27 / 1644%
CM-76 / 1638%
CM-55 / 1631%
AC-44 / 1625%
AC-54 / 1625%
IA-24 / 1625%

Co-occurring actors

None.

Similar actors

Similar TTPs