Campaign · all campaigns
Operation MidnightEclipseC0048 unknown
aka Operation MidnightEclipse
Last updated: 2026-07-03
0attributed CVEs
25ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[Operation MidnightEclipse](https://attack.mitre.org/campaigns/C0048) was a campaign conducted in March and April 2024 that involved initial exploit of zero-day vulnerability CVE-2024-3400, a critical command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS.(Citation: Volexity UPSTYLE 2024)(Citation: Palo Alto MidnightEclipse APR 2024)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 18 / 25 | 72% |
CM-6 | 16 / 25 | 64% |
AC-3 | 15 / 25 | 60% |
AC-2 | 14 / 25 | 56% |
AC-6 | 14 / 25 | 56% |
CM-2 | 14 / 25 | 56% |
CM-7 | 13 / 25 | 52% |
AC-5 | 12 / 25 | 48% |
CM-5 | 12 / 25 | 48% |
IA-2 | 12 / 25 | 48% |
SI-3 | 11 / 25 | 44% |
CA-7 | 10 / 25 | 40% |
AC-4 | 9 / 25 | 36% |
SC-7 | 9 / 25 | 36% |
RA-5 | 7 / 25 | 28% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Cutting Edge 0.26
- C0017 0.25
- Cinnamon Tempest 0.24
- Night Dragon 0.24
- FIN13 0.22