Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: Port 5986 (tcp/udp) Attack Activity Port 5986 (tcp/udp) Attack Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
[get complete service list]
Port Information
Protocol Service Name
tcp wsmans WBEM
tcp OMI Open Management Infrastructure
Top IPs Scanning
TodayYesterday
89.248.174.193 (151)192.241.205.143 (1850)
192.241.210.35 (143)45.146.165.16 (175)
192.241.210.200 (129)192.241.204.232 (138)
192.241.199.15 (63)192.241.206.156 (63)
45.146.165.16 (49)107.189.12.143 (63)
192.241.202.181 (44)192.241.207.196 (55)
107.189.12.143 (36)23.148.145.29 (42)
45.146.165.208 (13)23.148.145.7 (39)
128.14.133.50 (9)209.141.51.126 (29)
128.14.209.146 (9)45.146.165.208 (18)
Port diary mentions
URL
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports.
User Comments
Submitted By Date
Comment
2021-09-21 00:21:14
Used by Open Management Infrastructure (OMI) framework. Actively Exploited. https://msrc-blog.microsoft.com/2021/09/16/additional-guidance-regarding-omi-vulnerabilities-within-azure-vm-management-extensions/ Also see port 5985/TCP, 5986/TCP, 1270/TCP
Add a comment
CVE Links
CVE # Description