SEP coverage for CVE-2023-33246 / DreamBus botnet

Article ID: 272729

Products

Endpoint Protection

Issue/Introduction

The DreamBus botnet is exploiting the Apache RocketMQ vulnerability CVE-2023-33246. You would like to know what coverage Symantec Endpoint Protection (SEP) offers against this threat.

Environment

SEP 14.x.

Cause

CVE-2023-33246 is a remote code execution vulnerability affecting Apache RocketMQ, a distributed messaging and streaming platform. If exploited, it could allow remote attackers to execute arbitrary code. According to recent reports, a modular botnet known as DreamBus has resurfaced in a newly observed campaign that leverages this RocketMQ vulnerability for initial access and malware distribution. DreamBus capabilities include bash script execution as well as the download and execution of additional modules and XMRig coinminer payloads.

Resolution

Symantec protects you from this threat, identified by the following:

File-based

  • Linux.Mirai
  • Trojan Horse
  • Trojan.Gen.NPE
  • WS.Malware.1

Network-based

  • Web Attack: RocketMQ RCE CVE-2023-33246

Web-based

  • Observed domains/IPs are covered under security categories in all WebPulse enabled products