Volt Typhoon is a threat actor attributed to CN, also known as VOLTZITE, UAT-5918, Redfly. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Volt Typhoon exploit?

Volt Typhoon is known to exploit 4 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

Volt Typhoon

Also known as: VOLTZITE, UAT-5918, Redfly, VANGUARD PANDA, Dev-0391, UNC3236, Vanguard Panda, Insidious Taurus, BRONZE SILHOUETTE, UAT-7237, Storm-0391, Bronze Silhouette, Voltzite, DEV-0391

CNInformation theft and espionage

Exploited CVEs

Overview

[Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. [Secureworks] BRONZE SILHOUETTE likely operates on behalf the PRC. The targeting of U.S. government and defense organizations for intelligence gain aligns with PRC requirements, and the tradecraft observed in these engagements overlap with other state-sponsored Chinese threat groups.

Exploited Vulnerabilities

CVE ID	Action
CVE-2023-27997