MAGIC HOUND

RANSOMWARE

Magic Hound is a ransomware group that primarily targets large enterprises and critical infrastructure sectors such as healthcare, manufacturing, and financial services. The initial access vector for Magic Hound often involves exploiting publicly exposed network services or vulnerabilities within third-party software to gain an initial foothold. Once inside the network, the group employs double extortion tactics, encrypting data while also threatening to leak sensitive information if ransom demands are not met. What sets Magic Hound apart from other ransomware actors is its extensive use of unconfirmed predicted CVEs to identify potential vulnerabilities before they are publicly disclosed, suggesting a high level of technical sophistication and proactive threat intelligence capabilities.

From a technical standpoint, Magic Hound predominantly focuses on exploiting critical and high-severity vulnerabilities across various categories such as remote code execution (RCE) and authentication bypass. The group's reliance on unconfirmed predicted CVEs indicates an advanced understanding of vulnerability management systems and potential zero-day exploits. Defenders should prioritize the continuous monitoring and patching of known vulnerabilities, particularly in widely used network services and third-party software components. Additionally, implementing robust threat intelligence sharing mechanisms can help organizations stay ahead of Magic Hound's evolving tactics and techniques.

Predicted CVEs (100) CORRELATION

How does prediction work?

Predicted CVEs are identified through automated correlation using multiple sources: vendor/product profiles historically targeted by the group (MITRE ATT&CK), attack chain patterns (KEV + TTPs), threat intelligence (MISP, STIX), and AI analysis. These CVEs have not been confirmed as exploited by this specific group, but have a high probability of being targets based on the actor's operational profile.

CVE-2020-0796 CRITICAL Microsoft Windows 10 Version 1903 for 32-bit Systems predicted 10.0 CVE-2020-0796 CRITICAL Microsoft Windows 10 Version 1903 for 32-bit Systems predicted 10.0 CVE-2021-44228 CRITICAL Apache Software Foundation Apache Log4j2 predicted 10.0 CVE-2021-44228 CRITICAL Apache Software Foundation Apache Log4j2 medium 10.0 CVE-2020-1350 CRITICAL Microsoft Windows Server predicted 10.0 CVE-2023-23397 CRITICAL Microsoft Office LTSC 2021 predicted 9.8 CVE-2024-43468 CRITICAL Microsoft Configuration Manager predicted 9.8 CVE-2021-31166 CRITICAL Microsoft Windows 10 Version 2004 predicted 9.8 CVE-2025-53770 CRITICAL Microsoft SharePoint Enterprise Server 2016 predicted 9.8 CVE-2023-29357 CRITICAL Microsoft SharePoint Server 2019 predicted 9.8 CVE-2024-49035 CRITICAL Microsoft Partner Center predicted 9.8 CVE-2021-38647 CRITICAL Microsoft Open Management Infrastructure predicted 9.8 CVE-2020-0646 CRITICAL Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 predicted 9.8 CVE-2025-53770 CRITICAL Microsoft SharePoint Enterprise Server 2016 predicted 9.8 CVE-2024-21410 CRITICAL Microsoft Exchange Server 2016 Cumulative Update 23 predicted 9.8 CVE-2021-38647 CRITICAL Microsoft Open Management Infrastructure predicted 9.8 CVE-2023-29357 CRITICAL Microsoft SharePoint Server 2019 predicted 9.8 CVE-2024-21413 CRITICAL Microsoft Office 2019 predicted 9.8 CVE-2026-41089 CRITICAL Microsoft Windows Server 2012 predicted 9.8 CVE-2026-20963 CRITICAL Microsoft SharePoint Enterprise Server 2016 predicted 9.8 CVE-2025-59287 CRITICAL Microsoft Windows Server 2012 predicted 9.8 CVE-2025-24989 CRITICAL Microsoft Power Pages predicted 9.8 CVE-2021-34473 CRITICAL Microsoft Exchange Server 2013 Cumulative Update 23 predicted 9.1 CVE-2021-34473 CRITICAL Microsoft Exchange Server 2013 Cumulative Update 23 medium 9.1 CVE-2021-26855 CRITICAL Microsoft Exchange Server 2016 Cumulative Update 19 medium 9.1 CVE-2021-26855 CRITICAL Microsoft Exchange Server 2016 Cumulative Update 19 predicted 9.1 CVE-2020-1040 CRITICAL Microsoft Windows Server predicted 9.0 CVE-2021-45046 CRITICAL Apache Software Foundation Apache Log4j predicted 9.0 CVE-2026-45659 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 8.8 CVE-2021-42321 HIGH Microsoft Exchange Server 2016 Cumulative Update 21 predicted 8.8 CVE-2021-27085 HIGH Microsoft Internet Explorer 11 predicted 8.8 CVE-2022-26923 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2022-41080 HIGH Microsoft Exchange Server 2016 Cumulative Update 23 predicted 8.8 CVE-2022-41128 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2023-32049 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2023-21529 HIGH Microsoft Exchange Server 2019 Cumulative Update 12 predicted 8.8 CVE-2023-35311 HIGH Microsoft 365 Apps for Enterprise predicted 8.8 CVE-2023-36025 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2024-38189 HIGH Microsoft Office 2019 predicted 8.8 CVE-2024-29988 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2024-43461 HIGH Microsoft Windows 11 Version 24H2 predicted 8.8 CVE-2024-30040 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2025-49704 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 8.8 CVE-2025-33053 HIGH Microsoft Windows 10 Version 1507 predicted 8.8 CVE-2025-33073 HIGH Microsoft Windows 10 Version 1507 predicted 8.8 CVE-2026-21513 HIGH Microsoft Windows 10 Version 1607 predicted 8.8 CVE-2026-21510 HIGH Microsoft Windows 10 Version 1607 predicted 8.8 CVE-2020-1020 HIGH Microsoft Windows predicted 8.8 CVE-2020-0618 HIGH Microsoft SQL Server predicted 8.8 CVE-2021-42321 HIGH Microsoft Exchange Server 2016 Cumulative Update 21 predicted 8.8 CVE-2025-49704 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 8.8 CVE-2022-41040 HIGH Microsoft Exchange Server 2013 Cumulative Update 23 predicted 8.8 CVE-2020-0688 HIGH Microsoft Exchange Server 2013 predicted 8.8 CVE-2022-41080 HIGH Microsoft Exchange Server 2016 Cumulative Update 23 predicted 8.8 CVE-2021-34527 HIGH Microsoft Windows 10 Version 1809 predicted 8.8 CVE-2023-21529 HIGH Microsoft Exchange Server 2019 Cumulative Update 12 predicted 8.8 CVE-2020-17144 HIGH Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31 predicted 8.4 CVE-2020-0601 HIGH Microsoft Windows predicted 8.1 CVE-2024-43573 HIGH Microsoft Windows 10 Version 22H2 predicted 8.1 CVE-2024-21412 HIGH Microsoft Windows 11 version 21H2 predicted 8.1 CVE-2024-21412 HIGH Microsoft Windows 11 version 21H2 predicted 8.1 CVE-2022-41082 HIGH Microsoft Exchange Server 2013 Cumulative Update 23 predicted 8.0 CVE-2022-41082 HIGH Microsoft Exchange Server 2013 Cumulative Update 23 predicted 8.0 CVE-2024-26169 HIGH Microsoft Windows 10 Version 1809 predicted 7.8 CVE-2022-30190 HIGH Microsoft Windows 10 Version 1809 predicted 7.8 CVE-2020-0787 HIGH Microsoft Windows predicted 7.8 CVE-2021-1675 HIGH Microsoft Windows 10 Version 1809 predicted 7.8 CVE-2023-28252 HIGH Microsoft Windows 10 Version 1809 predicted 7.8 CVE-2024-21351 HIGH Microsoft Windows 11 Version 23H2 predicted 7.6 CVE-2021-27059 HIGH Microsoft Office 2016 predicted 7.6 CVE-2021-33742 HIGH Microsoft Windows 10 Version 1809 predicted 7.5 CVE-2025-30397 HIGH Microsoft Windows 10 Version 1507 predicted 7.5 CVE-2023-36884 HIGH Microsoft Windows 10 Version 1809 predicted 7.5 CVE-2021-36942 HIGH Microsoft Windows Server 2019 predicted 7.5 CVE-2021-42278 HIGH Microsoft Windows Server 2019 predicted 7.5 CVE-2020-0968 HIGH Microsoft Internet Explorer 9 predicted 7.5 CVE-2021-42287 HIGH Microsoft Windows Server 2019 predicted 7.5 CVE-2021-42287 HIGH Microsoft Windows Server 2019 predicted 7.5 CVE-2023-36884 HIGH Microsoft Windows 10 Version 1809 predicted 7.5 CVE-2021-36942 HIGH Microsoft Windows Server 2019 predicted 7.5 CVE-2024-38112 HIGH Microsoft Windows 10 Version 22H2 predicted 7.5 CVE-2024-29059 HIGH Microsoft .NET Framework 4.8 predicted 7.5 CVE-2023-38180 HIGH Microsoft ASP.NET Core 2.1 predicted 7.5 CVE-2021-33766 HIGH Microsoft Exchange Server 2019 Cumulative Update 9 predicted 7.3 CVE-2023-24955 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 7.2 CVE-2024-38094 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 7.2 CVE-2023-24955 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 7.2 CVE-2024-38094 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 7.2 CVE-2021-31196 HIGH Microsoft Exchange Server 2019 Cumulative Update 9 predicted 7.2 CVE-2021-43890 HIGH Microsoft App Installer predicted 7.1 CVE-2021-43890 HIGH Microsoft App Installer predicted 7.1 CVE-2021-34448 MEDIUM Microsoft Windows 10 Version 1809 predicted 6.8 CVE-2021-31207 MEDIUM Microsoft Exchange Server 2013 Cumulative Update 23 medium 6.6 CVE-2021-31207 MEDIUM Microsoft Exchange Server 2013 Cumulative Update 23 predicted 6.6 CVE-2026-32201 MEDIUM Microsoft SharePoint Enterprise Server 2016 predicted 6.5 CVE-2023-36761 MEDIUM Microsoft Office 2019 predicted 6.5 CVE-2024-38213 MEDIUM Microsoft Windows 10 Version 1809 predicted 6.5 CVE-2025-49706 MEDIUM Microsoft SharePoint Enterprise Server 2016 predicted 6.5 CVE-2024-43451 MEDIUM Microsoft Windows Server 2025 predicted 6.5 CVE-2025-49706 MEDIUM Microsoft SharePoint Enterprise Server 2016 predicted 6.5