Attack path: CVE-2026-56115
Where this CVE sits in the complete attacker lifecycle.
0 techniques directly attributed and 1 inferred, across 1 phase. Each technique shows its mapping confidence; follow-on techniques come from shared-actor co-occurrence.
Highlighted from CVE-2026-56115 · primary technique T1210
Reconnaissance
·
Resource Dev
·
Initial Access
·
Persistence
Stealth
·
Defense Impairment
·
Credential Access
Discovery
Lateral Movement
Collection
·
C2
·
Exfiltration
·
Impact
T1488
7.3x
Disk Content Wipe
T1495
5.2x
Firmware Corruption
✓ detection content available
T1496
5.0x
Resource Hijacking
✓ detection content available
T1561
4.6x
Disk Wipe
T1529
4.2x
System Shutdown/Reboot
✓ detection content available
T1499.004
4.2x
Application or System Exploitation
✓ detection content available
T1561.001
4.2x
Disk Content Wipe
✓ detection content available
T1561.002
4.2x
Disk Structure Wipe
✓ detection content available
Want your real detection gaps for this chain?
Declare your detection stack - your rules, telemetry, and techniques - and we will show exactly which of these techniques you cannot see. We do not grade you against a public rule corpus, only against what you actually run.
Direct - an ATT&CK/nuclei source names this CVE
Inferred - derived via CWE/CAPEC (lower confidence, may be off)
Likely follow-on (shared-actor co-occurrence)
✓We hold public detection content
Lift = how strongly a follow-on co-occurs with this CVE across shared threat actors (1x expected, 5x highly distinctive).
Hunt package
All 16 techniques in this view - Sigma rules, Atomic tests, and coverage in one place.