The article details UNC6692's use of social engineering to deploy a custom malware suite, but does not describe a specific software vulnerability with versioning data. The provided NVD data describes a critical, unrelated vulnerability (CVE-2025-12480, CVSS 9.1) in Gladinet Triofox, allowing unauthenticated remote access in versions prior to 16.7.10368.56560, which is fixed in that exact version.
2026-04-23 (Back to Inventory) Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite Author(s): Josh Kelley , JP Glab , Muhammad Umair , Tufail Ahmed Organization: Mandiant Open article directly Open article on Archive.org Related Articles 2026-02-09 ⋅ Mandiant ⋅ Adrian Hernandez , Ross Inman UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering SUGARLOADER WAVESHAPER 2025-11-10 ⋅ Mandiant ⋅ Bill Glynn , Kevin O'Flynn , Praveeth DSouza , Stallone D'Souza , Yash Gupta No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480 UNC6485 2025-10-16 ⋅ Mandiant ⋅ Blas Kojusner , Joseph Dobson , Robert Wallace DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains JADESNOW UNC5342