ctipilot.ch

2026-05-09-migrated

One pipeline fire, in full · intel run of 2026-05-09 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-05-09/2026-05-09-migrated.md.

Run telemetry

2026-05-09-migrated intel prompt v2.37
duration 17 published 3 updates
unknown (unknown) main agent
S1 absent

No record for this sub-agent.

S2 absent

No record for this sub-agent.

S3 absent

No record for this sub-agent.

S4 absent

No record for this sub-agent.

Verification

0 iterations · 0 residuals (legacy scalar · per-iteration breakdown not recorded)

Deep dive

2026-05-09/seppmail-secure-email-gateway-cvss-9-3-unauthenticated-rce-c

Entries published (this run)

Sources changed (this run)

Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.

No source-list edits recorded for this run.

Coverage gaps (this run)

Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)

No coverage gaps in this run · every source the brief needed returned usable content via its documented recipe.

Verification & coverage notes

The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.

Verification & coverage notesrun record body

2026-05-09-migrated · unknown · 17 entries published

Items Dropped from Phase 2 Candidates

GLPI CVE-2026-32312, CVE-2026-40108, CVE-2026-42317/18/20/21, CVE-2026-5385 — dedup: already covered 2026-05-08. Sub-agent S2 included these seven GLPI CVEs (CERTFR-2026-AVI-0551) as new candidates. Cross-check against state/cves_seen.json confirmed all seven were first-seen and fully covered in the 2026-05-08 brief. Dropped.

cPanel CVE-2026-29201 / CVE-2026-29202 / CVE-2026-29203 — § 3 gate not cleared; embargoed details. S1 flagged these three cPanel CVEs reported by watchTowr. Technical details remain under responsible-disclosure embargo (watchTowr post contained no CVSS score, no exploitation confirmation, and no published patch details). None of the § 3 inclusion gates (CISA KEV, vendor ITW confirmation, pre-auth RCE with PoC, ENISA EUVD CVSS-9+/exploited) were met. Dropped.

Apache CloudStack CVE-2026-25077 — post-auth, no KEV, no ITW; § 3 gate not cleared. S1 reported CVE-2026-25077 (Apache CloudStack authentication token handling flaw, CVSS 7.2). Authentication required for exploitation (post-auth admin access needed); no KEV entry; no ITW confirmation. § 3 gate not met. Dropped.

IBM Italy / Salt Typhoon state-actor breach — outside 36 h / 72 h recency windows. S4 reported a Corriere della Sera / Il Sole 24 Ore story on alleged Salt Typhoon compromise of IBM Italy infrastructure. Primary source dates: 2026-05-04 (Il Sole 24 Ore) and 2026-05-05 (BleepingComputer). The 72-hour developing window opened 2026-05-06 00:00 UTC; the primary developments predate this. No material new developments published within the window were identified. Dropped.

ChipSoft (Netherlands healthcare IT) — primary event outside window; secondary source unverifiable. S4 flagged a potential ChipSoft breach. The primary development (a ChipSoft advisory) was dated 2026-04-29, outside the 72-hour developing window. A May 7 DataBreaches.net reference was attempted via bridge fetch and returned HTTP 403. With the primary event outside the window and no verifiable secondary source, this was dropped.


Single-Source Items (§ 3 National-CERT Carve-Out and Other Exceptions)

CVE-2025-68670 (xrdp) — single source (Kaspersky Securelist). Despite a bridge-assisted fetch sweep across NCSC-CH (no post found), CERT-FR, and BSI, no corroborating advisory was found within the recency window. The vendor (xrdp project) has a corresponding GitHub commit and a release at 0.10.5 confirming the patch, which counts as independent confirmation of the patch but not independent vulnerability analysis. Marked [SINGLE-SOURCE] in § 3.

SEPPmail CVE cluster (CVE-2026-44128 et al.) — primary advisory is NCSC-CH (national CERT, carve-out applies) plus vendor release notes. No third-party security researcher write-up was found for this cluster. NCSC-CH is a national CERT, qualifying for the national-CERT single-source carve-out per prompt PD-6. Vendor release notes at the SEPPmail downloads portal independently confirm the CVE assignments and patched version. Marked [SINGLE-SOURCE-NATIONAL-CERT carve-out + vendor] in § 3.

Polish ABW water OT named facility list — ABW annual report only. The five named facilities (Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko, Sierakowo) appear only in the ABW Annual Report 2025. SecurityAffairs coverage cites the ABW report as its source; no independent naming was found. The ABW is a national government security agency, and its annual report constitutes an authoritative primary source. The two-source requirement is met at the level of the core story (ABW annual report + SecurityAffairs coverage), but the specific facility names derive from a single document.


URL Integrity Flags

Kaspersky DAEMON Tools URL — Turkish-language path corrected. The original Kaspersky Securelist URL provided by S1 contained a /tr/ path component (https://securelist.com/tr/daemon-tools-supply-chain-attack/...), indicating a Turkish-locale variant. The English canonical URL (https://www.kaspersky.com/blog/daemon-tools-supply-chain-attack/55691/) was verified live and used in all citations. Readers should use the English-path URL for consistency.

Ivanti hub.ivanti.com advisory URL — authentication wall; national CERT advisory substituted. The vendor advisory URL for CVE-2026-5787/CVE-2026-6973 at hub.ivanti.com requires customer portal login and was not fetchable. CERT-FR CERTFR-2026-AVI-0552 and NCSC-CH post 12548 are cited as primary public-access sources throughout. Readers with Ivanti support portal access should cross-reference the vendor advisory for full patch instructions.

SEPPmail patch version discrepancy — resolved. Sub-agent S1 initially cited SEPPmail fixed version as 15.0.2.1 based on the vendor release notes table. S2 and NCSC-CH advisory 12551 cite 15.0.4 / 15.0.4.1. Investigation: 15.0.2.1 is an earlier branch-maintenance release (different security fix scope); 15.0.4 is the current patch release addressing all six CVEs in the cluster. NCSC-CH's recommended version (15.0.4 / 15.0.4.1) is used throughout as the authoritative remediation target.


Coverage Gaps

ENISA EUVD — JavaScript-rendered; returned empty on all fetch attempts during this run. EUVD could not be used as a secondary confirmation source. This is a recurring infrastructure gap for this routine. coverage_gap: enisa-euvd-inaccessible

CCN-CERT-ES (Spain) — Geo-blocked (HTTP 451 / 403) on all fetch attempts including bridge. coverage_gap: ccn-cert-es-geoblocked

CISA advisories (ICS-CERT and standard) — CISA domains return HTTP 403 on default UA and require the bridge fetcher (tools/fetch_source.py). Bridge was used for CISA KEV status lookups; specific ICS advisories that may be relevant to OT items were not fully enumerated due to bridge throttling (rate limit encountered on third request in window). coverage_gap: cisa-ics-advisories-partial

Unmatched action items (migrated)

  • Verify Captive Portal is disabled: Device > User Identification > Captive Portal Settings > uncheck Enable Captive Portal.
  • If GlobalProtect is not required, disable it. Confirm with show global-protect-gateway summary.
  • Apply/confirm Threat Prevention content update ≥ 8765-9032 and confirm signatures 95817/95818/95820 are in blocking mode.
  • Hunt for rogue admin account name pattern svc-health-check-[6-digit-numeric] in admin account list (show admins).
  • Review running configuration exports for unexpected changes, particularly pre-shared key material.
  • Upgrade to SEPPmail 15.0.4 (patch 15.0.4.1). Contact SEPPmail support if the update channel is unavailable.
  • If patching is delayed: block source IPs outside admin CIDR from paths /gina/diag/ and /gina/api/v1/admin/ at WAF or network perimeter.
  • After patching: confirm /gina/diag/exec returns HTTP 403/404 from an untrusted IP; confirm /gina/api/v1/admin/config/export returns HTTP 401 without a valid session.
  • Rotate LDAP bind credentials, SMTP relay credentials, and S/MIME key store password regardless of whether exploitation is suspected.
  • Review Tomcat access logs (/var/log/seppmail/access_log.*.txt) for historical access to /gina/diag/ or /gina/api/v1/admin/.
  • Patch Ivanti EPMM to the vendor's current patch level (EPMM 11.12.0.4 or 12.1.0.1 per vendor advisory).
  • If patching is not achievable by 2026-05-10: isolate the admin API (TCP/8443) from internet access at the perimeter firewall.
  • Rotate all admin-level credentials on EPMM instances, including those patched for January 2026 CVE-2026-1281/1340 but where passwords were not rotated after that event.
  • Review device management logs for unexpected device enrollment, profile push, or configuration export events since 2026-04-25.
  • EU organisations: confirm GDPR Article 33 notification obligations — if devices enrolled in EPMM belonged to data subjects, the compromise may trigger a personal data breach notification.
  • Identify all LiteLLM Proxy instances in your environment, including self-hosted, cloud-VM, and container deployments.
  • Update to v1.83.7+: pip install --upgrade litellm or pull updated container image.
  • Treat every upstream API key stored in the proxy database as compromised if the instance was internet-accessible during the exposure window (post-2026-04-29 GHSA publication): rotate OpenAI, Anthropic, Azure OpenAI, Cohere, and all other configured provider keys.
  • Review proxy database access logs for time-delayed injection patterns (multiple requests with anomalous Authorization headers, especially those containing SQL metacharacters or sleep directives).
  • Apply available distribution patches: Ubuntu 22.04/24.04, RHEL 8/9, and CentOS Stream are the priority distros with patches available.
  • For unpatched systems: confirm /proc/sys/kernel/unprivileged_userns_clone is set to 0 on Ubuntu/Debian. On RHEL, confirm user.max_user_namespaces=0 via sysctl.
  • If FIPS mode is not enabled and algif_aead is loadable, check lsmod | grep algif_aead and blacklist if not required: echo "blacklist algif_aead" > /etc/modprobe.d/blacklist-algif.conf && update-initramfs -u.
  • Query EDR/software inventory for DAEMON Tools Lite versions 12.5.0.2421 through 12.5.0.2434.
  • On flagged hosts: check for envchk.exe, processes injected into notepad.exe or conhost.exe, and outbound UDP 443 (QUIC) to non-sanctioned destinations.
  • Update to clean version 12.6.0.2445 if DAEMON Tools Lite is authorised in your environment.
  • If your organisation uses Canvas LMS, confirm with Instructure whether you received an institution notification (Instructure stated affected institutions were notified by 2026-05-01).
  • If notified: assess whether enrolled student or staff data was in scope; evaluate GDPR Article 33 notification obligations (72-hour clock runs from the date Instructure provided confirmation of scope to your institution).
  • Review third-party LTI tool provider access grants in Canvas admin console; revoke service accounts for unused integrations.

Migrated from briefs/2026-05-09.md (v2).

← Operations dashboard · day page 2026-05-09 · run-record contract: docs/pipeline.md