ATT&CK matrix
T1030
Data Transfer Size Limits
1 CVE mapped
TA0010Exfiltration
An adversary may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.
Platforms4
LinuxmacOSWindowsESXi
CVEs mapped to this technique1
| CVE | Description | Severity | EPSS | Flags | Modified |
|---|---|---|---|---|---|
| CVE-2025-49113 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. | HIGH8.8 | 89%p100 | KEVWeaponized | 2026-02-23 |