{"vulnerability": "CVE-2021-42321", "sightings": [{"uuid": "c958b7db-c1d6-47de-8ed6-594bd71d87c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "d00d3389-d72d-42bc-8738-35c310d4d98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971173", "content": "", "creation_timestamp": "2024-12-24T20:25:21.295711Z"}, {"uuid": "47acd6ca-70d4-4f26-bae1-523b4eff4aef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=690", "content": "", "creation_timestamp": "2021-11-10T04:00:00.000000Z"}, {"uuid": "f7c6c09e-e1df-4d00-bc74-1840d7c5bf0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "e0f4cd23-968c-4604-a629-9114e3ee60a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/exchange_chainedserializationbinder_rce.rb", "content": "", "creation_timestamp": "2022-08-19T16:31:57.000000Z"}, {"uuid": "a6945581-0ef7-4acf-ba13-3994bf4f03d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_35/2021", "content": "", "creation_timestamp": "2021-11-24T07:25:09.000000Z"}, {"uuid": "76b4bd3a-6469-40eb-9df5-5ce99c888ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:40.000000Z"}, {"uuid": "1acdd262-9eca-4762-b3f8-94e728b91ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:58.000000Z"}, {"uuid": "02c10ab9-3eb5-4563-a93c-d0978a10ac12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/043df6f6-a167-4beb-a3a9-0f81632bf69a", "content": "", "creation_timestamp": "2026-02-02T12:28:32.898086Z"}, {"uuid": "d5334ee8-7441-4edc-900b-3451031a6776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c54ba016-1255-4e07-9fb6-686f9a0a936b", "content": "", "creation_timestamp": "2024-12-06T06:02:25.058002Z"}, {"uuid": "2d018c0c-6d8d-43fa-bdfb-f0014bb1616c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://t.me/cKure/7972", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Microsoft Fixes Exchange Server Zero-Day. November security update contains patches for 55 bugs \u2014 including six zero-days across various products including CVE-2021-42298, Exchange Server (CVE-2021-42321), Microsoft Excel (CVE-2021-42292), CVE-2021-38631\u00a0and\u00a0CVE-2021-41371\u00a0\u2014 involve Microsoft's RDP while flaws \u2014\u00a0CVE-2021-43208\u00a0and\u00a0CVE-2021-43209\u00a0are RCEs in Microsoft's 3D Viewer Remote technology.", "creation_timestamp": "2021-11-10T12:44:04.000000Z"}, {"uuid": "1ffc261a-ca70-4d1f-9fdc-f4f31cc964c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "67161f0f-9d4c-4770-8d2e-592410128334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8492", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Proxylogon, Proxyshell, Proxyoracle, Proxytoken, CVE-2021-42321 Deserialization RCE full chain exploit tool.\n\nhttps://github.com/FDlucifer/Proxy-Attackchain", "creation_timestamp": "2021-12-26T11:46:24.000000Z"}, {"uuid": "5c7e6c9f-2136-44e4-a225-738a5072d3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "https://t.me/cKure/8187", "content": "CVE-2021-42321: Proof-of-concept exploit code has been released online over the weekend for an actively exploited high severity vulnerability impacting Microsoft Exchange servers.\n\nhttps://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398", "creation_timestamp": "2021-11-22T23:01:08.000000Z"}, {"uuid": "e9d87503-5687-45ed-ae7d-4a70ab19a9c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "https://t.me/ckuRED/65", "content": "CVE-2021-42321: Proof-of-concept exploit code has been released online over the weekend for an actively exploited high severity vulnerability impacting Microsoft Exchange servers.\n\nhttps://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398", "creation_timestamp": "2021-11-22T23:00:56.000000Z"}, {"uuid": "20179fb8-14f9-4531-957a-8aca12047fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://t.me/itsec_news/1708", "content": "\u200b\ud83d\udd13 Microsoft: \u041a\u0438\u0442\u0430\u0439 \u043d\u0430\u043a\u0430\u043f\u043b\u0438\u0432\u0430\u0435\u0442 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\ud83d\udcac Microsoft \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u0438\u0431\u0435\u0440\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u041a\u0438\u0442\u0430\u044f \u0443\u043b\u0443\u0447\u0448\u0438\u043b\u0438\u0441\u044c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0437\u0430\u043a\u043e\u043d\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u041f\u0435\u043a\u0438\u043d\u0443 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u043d\u0435\u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u041f\u041e.\n\n\u0412\u043b\u0430\u0441\u0442\u0438 \u041a\u0438\u0442\u0430\u044f \u0432 2021 \u0433\u043e\u0434\u0443 \u043f\u0440\u0438\u043d\u044f\u043b\u0438 \u0437\u0430\u043a\u043e\u043d, \u043e\u0431\u044f\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u043c\u0435\u0441\u0442\u043d\u044b\u043c \u0432\u043b\u0430\u0441\u0442\u044f\u043c, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0438\u0445 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0434\u0440\u0443\u0433\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 . \u041f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u041f\u0435\u043a\u0438\u043d\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0441\u0442\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445. \u0413\u043e\u0434 \u0441\u043f\u0443\u0441\u0442\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0410\u0442\u043b\u0430\u043d\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0441\u043e\u0432\u0435\u0442\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445, \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u044e\u0449\u0438\u0445 \u0438\u0437 \u041a\u0438\u0442\u0430\u044f, \u0443\u043c\u0435\u043d\u044c\u0448\u0438\u043b\u043e\u0441\u044c, \u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u043e\u0441\u044c.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 Microsoft \u043e \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u0435 \u0437\u0430 2022 \u0433\u043e\u0434 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442\u0441\u044f , \u0447\u0442\u043e \u044d\u0442\u043e\u0442 \u0437\u0430\u043a\u043e\u043d \u00ab\u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u043c\u0443 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0440\u0443\u0436\u0438\u044f\u00bb.\n\nMicrosoft \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0433\u043e\u0434 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043e\u0442\u0440\u0430\u0436\u0430\u0435\u0442 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u041a\u0438\u0442\u0430\u044f \u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0432\u0430\u0436\u043d\u044b\u0439 \u0448\u0430\u0433 \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u0430.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0437\u043e\u0432\u0430\u043b\u0430 \u0431\u0430\u0437\u0438\u0440\u0443\u044e\u0449\u0438\u0445\u0441\u044f \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u041a\u0438\u0442\u0430\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u043a\u0430\u043a \u00ab\u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u044b\u0442\u043d\u044b\u0445\u00bb \u0432 \u043f\u043b\u0430\u043d\u0435 \u0434\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f. Microsoft \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0438\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c\u0438. \u0421\u044e\u0434\u0430 \u0432\u0445\u043e\u0434\u044f\u0442:\n\nCVE-2021-35211 (SolarWinds Serv-U);\nCVE-2021-40539 (Zoho ManageEngine ADSelfService Plus);\nCVE-2021-44077 (Zoho ManageEngine ServiceDesk Plus);\nCVE-2021-42321 (Microsoft Exchange);\nCVE-2022-26134 (Confluence).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u041a\u0438\u0442\u0430\u0439 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b \u0448\u043f\u0438\u043e\u043d\u0430\u0436 \u0438 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0441\u0442\u043e\u044f\u0442\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c \u0421\u0428\u0410 \u0443\u0441\u0438\u043b\u0438\u0442\u044c \u0441\u0432\u043e\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u0432 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438. \u0412 114-\u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u041a\u0438\u0442\u0430\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0440\u043e\u043f\u0430\u0433\u0430\u043d\u0434\u0438\u0441\u0442\u0441\u043a\u0438\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n#Microsoft #\u041a\u0438\u0442\u0430\u0439 #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-11-07T15:55:02.000000Z"}, {"uuid": "6e5b45ab-e2af-41e1-95e8-3136339896a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/349", "content": "Programmatically create hunting rules for deserialization exploitation (https://www.kitploit.com/search/label/Exploitation) with multiple    keywords (e.g. cmd.exe)  gadget chains (e.g. CommonsCollection)  object types (e.g. ViewState, Java, Python Pickle, PHP)  encodings (e.g. Base64, raw)  rule types (e.g. Snort, Yara)  \n  Disclaimer  Rules generated by this tool are intended for hunting/research purposes and are not designed for high fidelity/blocking purposes.  Please test thoroughly before deploying to any production systems.  The Yara rules are primarily intended for scanning web server logs. Some of the \"object prefixes\" are only 2 bytes long, so they can make large scans a bit slow. (Translation: please don't drop them all into VT Retrohunt.)  Usage  Help:  python3 heyserial.py -h  Examples:  python3 heyserial.py -c 'ExampleChain::condition1+condition2' -t JavaObj  python3 heyserial.py -k cmd.exe whoami 'This file cannot be run in DOS mode'  python3 heyserial.py -k Process.Start -t NETViewState -e base64 \"base64+utf16le\"    Utils  utils/checkyoself.py  This is a tool to automate bulk testing of Snort and Yara rules on a variety of sample files.  Usage:  python3 checkyoself.py [-y rules.yara] [-s rules.snort] [-o file_output_prefix] [--matches] [--misses] -d malware.exe malware.pcap  Examples:  python3 checkyoself.py -y rules/javaobj -s rules/javaobj -d payloads/javaobj pcaps --misses -o java_misses  utils/generate_payloads.ps1  YSoSerial.NET v1.34 payload generation. Run on Windows from the ./utils directory.    Source: https://github.com/pwntester/ysoserial.net  License: ysoserial.net_LICENSE.txt    utils/generate_payloads.sh  YSoSerial payload generation. Run on Linux from the ./utils directory.    Source: https://github.com/frohoff/ysoserial  License: ysoserial_LICENSE.txt    utils/install_snort.sh  Installing Snort on a Debian based system was a bit finnicky for me, so I wrote my install notes here.  Use at your own risk in a VM that you have snapshotted recently.  utils/server.py  Simple Python script that runs an HTTP server on 127.0.0.1:12345 and accepts POST requests.  Handy for generating test PCAPs.  License  Copyright (C) 2021 Alyssa Rahman, Mandiant, Inc. All Rights Reserved.  Licensed under the Apache License, Version 2.0 (the \"License\"); you may not use this file except in compliance with the License.  You may obtain a copy of the License at: [package root]/LICENSE.txt  Unless required by applicable law or agreed to in writing, software distributed (https://www.kitploit.com/search/label/Distributed) under the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the License for the specific language governing permissions and limitations under the License.  Contributing  Check out the Developers' guide (DEVELOPERS.md) for more details on extending HeySerial!  Prior Work/Related Resources  Tools    Deserialization-Cheat-Sheet (https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet) \u2013 @GrrrDog  Ysoserial (https://github.com/frohoff/ysoserial) - @frohoff  MarshalSec (https://github.com/frohoff/marshalsec) - @frohoff  Ysoserial (forked) (https://github.com/wh1t3p1g/ysoserial) - @wh1t3p1g  Ysoserial.NET (https://github.com/pwntester/ysoserial.net) and v2 branch (https://github.com/pwntester/ysoserial.net/tree/v2) - @pwntester  ViewGen (https://github.com/0xacb/viewgen) \u2013 0xacb  Rogue-JNDI (https://github.com/veracode-research/rogue-jndi) - @veracode-research    Vulnerabilities    Log4J (CVE-2021-44228 (https://www.lunasec.io/docs/blog/log4j-zero-day/))  Exchange (CVE-2021-42321 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42321))  Zoho ManageEngine (CVE-2020-10189 (https://nvd.nist.gov/vuln/detail/CVE-2020-10189))  Jira (CVE-2020-36239 (https://oxalis.io/atlassian-jira-data-centers-critical-vulnerability-what-you-need-to-know/))  Telerik (CVE-2019-18935", "creation_timestamp": "2022-05-12T22:17:01.000000Z"}, {"uuid": "76dc52f1-6ad1-4bfe-9f5c-fc598ab4d4f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1941", "content": "Proxy-Attackchain\nproxylogon, proxyshell, proxyoracle, proxytoken, CVE-2021-42321 Deserialization RCE full chain exploit tool\nProxyLogon: \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0438 \u0432\u043b\u0438\u044f\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043b\u044f Exchange.\nProxyOracle: \u0430\u0442\u0430\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Exchange \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0442\u0435\u043a\u0441\u0442\u0430\nProxyShell: \u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0430 Pwn2Own 2021 \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 Exchange.\nhttps://github.com/FDlucifer/Proxy-Attackchain\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-08T09:00:47.000000Z"}, {"uuid": "09e6aa49-7a1b-4a3d-8d8d-9a6aadfb5ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "https://t.me/CyberGovIL/1342", "content": "\u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d7\u05d5\u05d3\u05e9\u05d9 \u05e9\u05dc \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 - \u05e0\u05d5\u05d1\u05de\u05d1\u05e8 2021 | Com10760\n\n\u05d1-9 \u05dc\u05d7\u05d5\u05d3\u05e9 \u05e4\u05e8\u05e1\u05de\u05d4 \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05db-55 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05ea\u05d5\u05db\u05e0\u05d5\u05ea \u05e0\u05ea\u05de\u05db\u05d5\u05ea.\n\n6 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e1\u05d5\u05d5\u05d2\u05d5\u05ea \u05db\u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea. 4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d3\u05d5\u05d5\u05d7\u05d5 \u05e4\u05d5\u05de\u05d1\u05d9\u05ea \u05dc\u05e4\u05e0\u05d9 \u05e4\u05e8\u05e1\u05d5\u05dd \u05d4\u05e2\u05d3\u05db\u05d5\u05df. 2 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd (Zero Day).\n\n\u05d0\u05d7\u05ea \u05de\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc (CVE-2021-42321) \u05d4\u05d9\u05d0 \u05d1\u05e9\u05e8\u05ea\u05d9 Exchange, \u05d5\u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 (RCE) \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05de\u05d6\u05d5\u05d4\u05d4 (Authenticated).\n\n13 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e0\u05d9\u05ea\u05e0\u05d5\u05ea \u05dc\u05e0\u05d9\u05e6\u05d5\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e3 \u05de\u05e8\u05d5\u05d7\u05e7 \u05dc\u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 (RCE).\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05de\u05d0\u05d3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d4\u05e2\u05d3\u05db\u05d5\u05e0\u05d9\u05dd \u05d1\u05e1\u05d1\u05d9\u05d1\u05ea \u05e0\u05d9\u05e1\u05d5\u05d9, \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05e0\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2021-11-10T18:50:57.000000Z"}, {"uuid": "e74f60a3-eae7-4c9e-8549-03468dcb526d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/91", "content": "Some notes about Microsoft Exchange Deserialization RCE (CVE-2021\u201342321)\n\n\ud83d\udc64 by Peterjson\n\nPost-Auth Deserialization RCE in Microsoft Exchange Server 2016 and 2019. The vulnerability occurs due to issues with the validation of cmdlet arguments\n\n\ud83d\udcdd Contents: \n\u2022 Intro\n\u2022 The Sink\n\u2022 The Source\n\u2022 Full Exploit\n\u2022 Improvement\n\nhttps://peterjson.medium.com/some-notes-about-microsoft-exchange-deserialization-rce-cve-2021-42321-110d04e8852", "creation_timestamp": "2021-11-22T15:04:04.000000Z"}, {"uuid": "17ef7d1a-ea74-45d9-b8e1-2ab8013bee57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/42844", "content": "Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug\n\nhttps://ift.tt/3xhWB4X", "creation_timestamp": "2021-11-23T18:22:25.000000Z"}, {"uuid": "f423836f-57b5-4c69-a2b7-b1e5ee8c1d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "https://t.me/alexmakus/4390", "content": "\u0418 \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u0435\u043c \u043f\u0440\u043e \u0442\u043e, \u0447\u0442\u043e \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0443 Microsoft \u0431\u044b\u043b \u043d\u043e\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 patch tuesday! \u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 CVE \u2014\u00a055 \u0448\u0442\u0443\u043a! \u043d\u0443, \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c, \u043d\u0435 71, \u043a\u0430\u043a \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435, \u043d\u043e \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435. 6 \u0438\u0437 \u043d\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0435, 49 \u2014\u00a0\u0442\u0430\u043a, \u0435\u0440\u0443\u043d\u0434\u0430, \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u0434\u0430\u0436\u0435 \u0438 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0439 \ud83d\ude42\n\nhttps://msrc.microsoft.com/update-guide/releaseNote/2021-Nov\n\n\u0412\u043e\u0442 \u044d\u0442\u0430 \u0432 Exchange Server, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321\n\n\u0411\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u043d\u044b\u0439 \u043e\u0431\u0437\u043e\u0440 \u043f\u0430\u0442\u0447\u0430 \u0442\u0443\u0442 \u2014\u00a0https://www.zerodayinitiative.com/blog/2021/11/9/the-november-2021-security-update-review\n\n\u043d\u043e \u0432\u044b \u0438 \u0442\u0430\u043a \u0437\u043d\u0430\u0435\u0442\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c \ud83d\ude42", "creation_timestamp": "2021-11-18T12:47:38.000000Z"}, {"uuid": "572039b6-049f-4a18-9cb5-53291d53467e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3238", "content": "\u2b55\ufe0fPoC of MS Exchange RCE via mspaint.exe\n\n@securation", "creation_timestamp": "2021-11-23T13:52:23.000000Z"}, {"uuid": "def89f30-d24f-4dcf-abed-5c576ade6333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://t.me/arpsyndicate/1842", "content": "#ExploitObserverAlert\n\nCVE-2021-42321\n\nDESCRIPTION: Exploit Observer has 36 entries related to CVE-2021-42321. Microsoft Exchange Server Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.913120000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-17T21:18:36.000000Z"}, {"uuid": "61c49999-5783-4db3-b02d-c793d74f4632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/463", "content": "CVE-2021-42321 Microsoft Exchange Server Post-Auth RCE\nhttps://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398\n\nGhost let me Inject OS Commands RCE\nhttps://medium.com/@Hossam.Mesbah/ghost-let-me-inject-os-commands-rce-a6e71e54445d", "creation_timestamp": "2021-11-22T09:23:23.000000Z"}, {"uuid": "4b9c172c-4087-4ffe-ac7c-7b2f9b18771a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "https://t.me/true_secator/2359", "content": "\u200b\u200b\u0421\u043f\u0435\u0448\u0438\u043c \u0432\u0430\u0441 \u043e\u0431\u0440\u0430\u0434\u043e\u0432\u0430\u0442\u044c \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e\u0441\u0442\u044c\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u0441\u0440\u0435\u0434\u0438 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 (\u0438 \u0432 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0410\u0420\u0422) Microsoft Exchange. \u041d\u043e \u0432 \u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438 - \u0432\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043c\u043e.\n \n\u0412 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Janggggg \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 CVE-2021-42321, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 Exchange Server 2016 \u0438 Exchange Server 2019 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438 \u0432 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 Exchange). \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u0430 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 Patch Tuesday.\n \n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f RCE \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0432 Exchange \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n \n\u041f\u043e\u043a\u0430 Microsoft \u0442\u0440\u0443\u0431\u044f\u0442 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0430\u0434\u043c\u0438\u043d\u044b Exchange \u0432\u043e\u0432\u0441\u044e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442, \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0438\u0445.\n \n\u041f\u043e\u043c\u043d\u044f \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 2021 \u0433\u043e\u0434\u0430 Exchange \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ProxyLogon \u0438 ProxyShell, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043f\u043e\u0441\u043a\u043e\u0440\u0435\u0435 \u0430\u043a\u0442\u0443\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 Exchange \u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0435 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2021-42321, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u043c \u043f\u0430\u0442\u0447\u0438.", "creation_timestamp": "2021-11-23T13:06:43.000000Z"}, {"uuid": "db703a00-40d8-4fa2-bdbf-924d8f7e970b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://t.me/true_secator/2302", "content": "\u200b\u200bMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u0439 PatchTuesday, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 6 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0435\u0449\u0435 49 \u0432\u0430\u0436\u043d\u044b\u0445, \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 55: \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 20 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 2 - \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 15 - \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, 10 - \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 3 - \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, 4 - \u0441\u043e \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n \n\u0422\u0435\u043a\u0443\u0449\u0438\u0439 Patch \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 2 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2021-42292 (\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft Excel) \u0438 CVE-2021-42321 (\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0432 Microsoft Exchange Server).\n \n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 Microsoft Exchange \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u0438 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0430 Tianfu Cup, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n \n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u043e\u0434\u043d\u0430\u043a\u043e \u0437\u0430\u0432\u0435\u0440\u044f\u044e\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u043d\u043e\u0441\u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Exchange 2016 \u0438 2019, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 Microsoft Exchange Server, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438 \u0432 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 Exchange. \u041d\u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0441\u043d\u043e \u043f\u043e\u043c\u043d\u0438\u043c \u043f\u0440\u0435\u0442\u0435\u043d\u0437\u0438\u0438 \u0421\u0428\u0410 \u0438 \u0438\u0445 \u0441\u043e\u044e\u0437\u043d\u0438\u043a\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0415\u0421, \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u044e \u0438 \u041d\u0410\u0422\u041e, \u0432 \u0430\u0434\u0440\u0435\u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0432\u043b\u0430\u0441\u0442\u0435\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 Microsoft Exchange.\n \n\u0412\u0442\u043e\u0440\u043e\u0439 0-day \u0431\u044b\u043b \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 Microsoft Excel \u0438 \u043e\u043f\u0438\u0441\u0430\u043d \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u0442\u0430\u0431\u043b\u0438\u0446. \u0414\u044b\u0440\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0426\u0435\u043d\u0442\u0440\u043e\u043c \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u0443\u0433\u0440\u043e\u0437 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439.\n \n\u041d\u043e\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2021-3711, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u0435\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f SM2 OpenSSL, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0441\u044f \u0432 \u043a\u043e\u043d\u0446\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2021 \u0433\u043e\u0434\u0430 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0435. \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f (DoS).\n \n\u0414\u0440\u0443\u0433\u0438\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 Chakra Scripting Engine (CVE-2021-42279), Microsoft Defender (CVE-2021-42298), Microsoft Virtual Machine Bus (CVE-2021-26443), RDP (CVE-2021-38631 \u0438 CVE-2021-41371), \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u0445 3D-\u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 (CVE-2021-43208 \u0438 CVE-2021-43209).\n \n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Microsoft Patch Tuesday \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Azure, Microsoft Edge, Visual Studio \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows.\n \n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 Patch Tuesday \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 Adobe, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 4 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d \u0441\u0430\u043c\u044b\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a CVE-2021-39858 \u0432 RoboHelp Server (RHS2020.0.1 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043e\u0434 Windows) \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0446\u0435\u043d\u043a\u0443 \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439\u00bb, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0440\u0435\u0434\u0443 \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n \n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u043d\u043e\u044f\u0431\u0440\u044c 2021 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0437\u0434\u0435\u0441\u044c.\n \n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Mac \u043f\u043e\u043a\u0430 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u0434\u0430\u0436\u0435 \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Excel \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Microsoft Office \u0434\u043b\u044f macOS.\n \n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c Windows \u0431\u0435\u0437 \u043f\u0440\u043e\u043c\u0435\u0434\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c macOS \u0443\u043f\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u0443\u0434\u0430\u0447\u0443 \u0438 \u0442\u0435\u0440\u043f\u0435\u043d\u0438\u0435.", "creation_timestamp": "2021-11-10T13:12:56.000000Z"}, {"uuid": "a091a4d0-7484-4965-aece-493e33896f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "exploited", "source": "Telegram/PmOi4UCqVk8vGB488C4H9nDpjCEpRjPBecP-Gyu-rWZ2rA0s", "content": "", "creation_timestamp": "2022-02-28T09:54:04.000000Z"}, {"uuid": "4cbfee3f-8e31-48d0-b9ea-4211b4b924cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/11626", "content": "\u0412 \u0441\u0435\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0441\u0432\u0435\u0436\u0435\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Exchange\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u043e\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e \u00ab\u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439\u00bb Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0430\u0433 CVE-2021-42321, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 Exchange Server 2016 \u0438 Exchange Server 2019. \u0422\u0435\u043f\u0435\u0440\u044c \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442.\n\nhttps://xakep.ru/2021/11/24/cve-2021-42321-poc/", "creation_timestamp": "2021-11-24T21:03:24.000000Z"}, {"uuid": "7f70ec92-6e4e-482a-8098-d27ff07e68f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://t.me/thehackernews/1642", "content": "&lt; Nov. 2021 Patch Tuesday &gt; \n\nMicrosoft releases security patches for 55 new vulnerabilities, including two actively exploited zero-day flaws in Excel (CVE-2021-42292) and Exchange Server (CVE-2021-42321).\n\nRead Details: https://thehackernews.com/2021/11/microsoft-issues-patches-for-actively.html", "creation_timestamp": "2021-11-10T07:32:55.000000Z"}, {"uuid": "38efa2c3-b13f-4d49-b537-4618d105f142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4809", "content": "#exploit\n1. CVE-2021-42321:\nExchange Post-Auth RCE\nhttps://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398\n\n2. CVE-2021-22053:\nSpring Cloud Netflix Hystrix Dashboard\ntemplate resolution vulnerability\nhttps://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053", "creation_timestamp": "2021-11-22T11:01:01.000000Z"}, {"uuid": "d667a2df-5aa2-41b3-bb4c-5028cb46c8bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42321", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4889", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Nov 1-30)\nCVE-2021-22205 - GitLab CE/EE RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-30883 - iOS IOMFB Vuln\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-3064 - Memory Corruption in PAN-OS GlobalProtect Portal/Gateway Interfaces\nhttps://t.me/cybersecuritytechnologies/4724\nCVE-2021-41379 - Windows Installer LPE\nhttps://t.me/cybersecuritytechnologies/4813\nCVE-2021-42321 - MS Exchange Post-Auth RCE\nhttps://t.me/cybersecuritytechnologies/4809\nCVE-2021-40539 - Zoho ManageEngine Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/4718\nCVE-2021-41277 - MetaBase Arbitrary File Read\nhttps://t.me/cybersecuritytechnologies/4802\nCVE-2021-43267 - Remote Kernel Heap Overflow in TIPC\nhttps://t.me/cybersecuritytechnologies/4678\nCVE-2021-42574 - Unicode Bidirectional override vuln\nhttps://github.com/js-on/CVE-2021-42574\nhttps://github.com/pierDipi/unicode-control-characters-action\nCVE-2021-24084 - Windows MDM LPE\nhttps://t.me/cybersecuritytechnologies/4850", "creation_timestamp": "2021-12-03T11:00:35.000000Z"}]}