# Pioneer Kitten's Exploited Vulnerabilities
> [!NOTE]
> This is the list of vulnerabilities that have been observed during intrusions by Pioneer Kitten (aka Br0k3r, xplfinder, Fox Kitten, UNC757, Parisite, RUBIDIUM, and Lemon Sandstorm), the initial access broker (IAB) that has helped ransomware deployment, such as NoEscape, RansomHouse, and BlackCat as well as Pay2Key

### `Citrix`
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| NetScaler ADC & Gateway | CVE-2023-3519 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a) |
| NetScaler ADC & Gateway & SD-WAN | CVE-2019-19781 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-259a) |

### `Pulse Secure / Ivanti`
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| Pulse Connect Secure | CVE-2024-21887 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a) |
| Pulse Connect Secure & Pulse Policy Secure | CVE-2019-11539 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-259a) |
| Pulse Connect Secure | CVE-2019-11510 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-259a) |

### `F5`
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| BIG-IP | CVE-2022-1388 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a) |

### `Palo Alto Networks`
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| PAN-OS Firewall | CVE-2024-3400 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a) |

### `Check Point`
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| Security Gateway | CVE-2024-24919 | Pioneer Kitten+ | [cisa.gov](https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a) |

---

#### Sources
| Date Published | Report |
|---|---|
| 28 Aug 2024 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a |
| 15 Sep 2020 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-259a |