{"vulnerability": "cve-2017-0213", "sightings": [{"uuid": "f63849f6-c619-4b99-a629-b6eff1b4c23d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/48e15610-a505-4067-8dec-4627e36bcbe7", "content": "", "creation_timestamp": "2020-10-14T09:36:45.000000Z"}, {"uuid": "96d68bf9-f0ef-4a46-936a-b00eed26c700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/780a2f65-1062-43e5-a617-5a826e27c67d", "content": "", "creation_timestamp": "2020-08-05T06:00:42.000000Z"}, {"uuid": "e483835c-72aa-433d-bd67-a496fb555147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/b84ff8dd-0ad9-42fd-98db-4571ba5d6f49", "content": "", "creation_timestamp": "2020-10-09T14:09:29.000000Z"}, {"uuid": "aa946113-868b-418f-9c58-c6d0d9ff96e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/a5bb38c9-df8d-4a37-8d66-fd426ccb41aa", "content": "", "creation_timestamp": "2020-10-09T15:50:30.000000Z"}, {"uuid": "7fd8de92-ed74-4d48-a3ea-45e1ae50792c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "62ce94c5-6e1a-408c-8058-50142b284339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "exploited", "source": "https://www.exploit-db.com/exploits/42020", "content": "", "creation_timestamp": "2017-05-17T00:00:00.000000Z"}, {"uuid": "a5229262-80d4-426b-aa36-7d84d8151801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971476", "content": "", "creation_timestamp": "2024-12-24T20:29:53.320614Z"}, {"uuid": "5d356bbc-8e11-4e8d-a839-b0548d1a63dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:13.000000Z"}, {"uuid": "978188ee-fd3f-4f5f-b565-9b288b0aebe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-0213", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bbc53835-24cc-4658-8c90-049efac595d3", "content": "", "creation_timestamp": "2026-02-02T12:27:56.166066Z"}, {"uuid": "75529df9-437b-4211-8fd1-721718edb1d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:55.000000Z"}, {"uuid": "0dff507d-42ff-4df3-bafd-e20483f580d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "exploited", "source": "https://t.me/true_secator/865", "content": "\u0412\u0438\u0434\u0438\u043c\u043e, \"\u0441\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\" Group-IB \u0440\u0435\u0448\u0438\u043b\u0430 \u043d\u0435 \u043e\u0442\u0441\u0442\u0430\u0432\u0430\u0442\u044c \u043e\u0442 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u0448\u0442\u0430\u043c\u043f\u0443\u044e\u0442 \u043b\u044e\u0431\u043e\u043f\u044b\u0442\u043d\u044b\u0435 \u043e\u0442\u0447\u0435\u0442\u044b \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0430\u0447\u043a\u0430\u043c\u0438, \u0438 \u0432\u044b\u0434\u0430\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u0440\u0430\u043d\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u0439 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Dharma.\n\nDharma (\u0440\u0430\u043d\u0435\u0435 CrySiS) - \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0442\u0430\u0440\u0435\u0439\u0448\u0438\u0445 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043f\u043e \u0441\u0445\u0435\u043c\u0435 RaaS (ransomware as a service), \u043a\u043e\u0433\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 ransomware \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u0432\u043e\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0441 \u043e\u0442 30 \u0434\u043e 40% \u0432\u044b\u043a\u0443\u043f\u0430. \u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 Dharma \u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d \u043d\u0435\u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0435\u0434\u044a\u044f\u0432\u043b\u044f\u0435\u043c\u044b\u043c\u0438 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c\u0438 \u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043e\u0442 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 Sodinjkibi (aka REvil), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u043e\u0434\u044f\u0442 \u0446\u0435\u043b\u044b\u0435 \u0441\u043e\u0431\u0435\u0441\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0445\u043e\u0440\u043e\u0448\u0438\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438.\n\n\u0412 \u043c\u0430\u0440\u0442\u0435 \u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u0438 Dharma \u0431\u044b\u043b\u0438 \u0432\u044b\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u0440\u043e\u0434\u0430\u0436\u0443 \u043d\u0430 \u0434\u0432\u0443\u0445 \u0440\u0443\u0441\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445 - \u043c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u043e\u0431 \u044d\u0442\u043e\u043c \u0437\u0434\u0435\u0441\u044c. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0438\u0440\u0430\u043d\u0446\u044b \u0435\u0433\u043e \u0442\u043e\u0433\u0434\u0430 \u0438 \u043a\u0443\u043f\u0438\u043b\u0438.\n\n\u0413\u0440\u0418\u0411\u044b \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043d\u043e\u0432\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Dharma \u043e\u0431\u043b\u0430\u0434\u0430\u044e\u0442 \u043e\u0447\u0435\u043d\u044c \u043d\u0438\u0437\u043a\u0438\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u043c \u0441\u043a\u0438\u043b\u043b\u043e\u043c. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0435 \u0432 \u0441\u0435\u0442\u0438 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0435 \u041f\u041e \u043e\u043d\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0441\u0435\u0442\u044c \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u043f\u043e\u0440\u0442\u043e\u0432 RDP (Remote Desktop Protocol, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b) \u0438 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0437\u0430\u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435. \u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0445\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0431\u0443\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0430\u0440\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2017-0213 \u0434\u043b\u044f Windows, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. \n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e Group-IB, \u0443 \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043d\u0435\u0442 \u0447\u0435\u0442\u043a\u043e\u0433\u043e \u043f\u043b\u0430\u043d\u0430 \u043a\u0430\u043a \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0442\u044c \u0441\u0432\u043e\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445. \u0422\u0430\u043a \u0447\u0442\u043e \u0432 \u043a\u0430\u0436\u0434\u043e\u043c \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u043d\u0438 \u0440\u0435\u0448\u0430\u044e\u0442 \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c \u0434\u0430\u043b\u044c\u0448\u0435 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0446\u0435\u043b\u0438 - \u0432 \u0420\u043e\u0441\u0441\u0438\u0438, \u042f\u043f\u043e\u043d\u0438\u0438, \u041a\u0438\u0442\u0430\u0435 \u0438 \u0418\u043d\u0434\u0438\u0438. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438\u0437-\u0437\u0430 \u043f\u0430\u043d\u0434\u0435\u043c\u0438\u0438 \u0440\u0435\u0437\u043a\u043e \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u043e\u0441\u044c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043b\u043e\u0445\u043e \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 RDP-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0432\u0441\u0435\u0433\u0434\u0430 \u0435\u0441\u0442\u044c \u0447\u0435\u043c \u043f\u043e\u0436\u0438\u0432\u0438\u0442\u044c\u0441\u044f. \u0422\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e \u043f\u0440\u043e\u0441\u044f\u0442 \u043e\u043d\u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0435\u043c\u043d\u043e\u0433\u043e - \u043e\u0442 1 \u0434\u043e 5 BTC (\u043f\u0440\u0438\u0431\u043b\u0438\u0437\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442 12 \u0434\u043e 60 \u0442\u044b\u0441. \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 \u043f\u043e \u0442\u0435\u043a\u0443\u0449\u0435\u043c\u0443 \u043a\u0443\u0440\u0441\u0443).", "creation_timestamp": "2020-08-24T12:19:57.000000Z"}, {"uuid": "05d21fba-469c-4517-8547-102e7edeba54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "published-proof-of-concept", "source": "Telegram/7YHDlkF9hFkoEkSkGgrwLkyMSqqnz7kXESHQpNjMnrh2gdw", "content": "", "creation_timestamp": "2023-10-29T04:57:37.000000Z"}, {"uuid": "50899246-d292-4649-a74e-29f4fa588901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "published-proof-of-concept", "source": "https://t.me/zedsoftofficial/7767", "content": "#CVE-2017-0213\n\nExploit - Get Administrator Access in Guest or User.\n\n\u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u062c\u0647\u062a \u06af\u0631\u0641\u062a\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u06cc\u0648\u0632\u0631 \u0628\u062f\u0648\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc.\n\n\u0631\u0648 \u0648\u06cc\u0646\u062f\u0648\u0632 2008 \u062a\u0633\u062a \u0634\u062f\u0647 \u0648 \u062c\u0648\u0627\u0628 \u062f\u0627\u062f\u0647.\nT.me/ZedSoftOfficial", "creation_timestamp": "2021-01-29T18:59:36.000000Z"}, {"uuid": "282bd94f-a0ba-4cae-b38b-e4dfa73872a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "https://t.me/information_security_channel/8883", "content": "RT @PhysicalDrive0: CVE-2017-0213: Windows COM Elevation of Privilege Vulnerability https://t.co/QhqjeT8YuT", "creation_timestamp": "2017-09-15T10:44:01.000000Z"}, {"uuid": "35cf1a79-0df8-4332-a8fa-271970f531ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0213", "type": "seen", "source": "MISP/48e15610-a505-4067-8dec-4627e36bcbe7", "content": "", "creation_timestamp": "2026-05-07T22:16:31.000000Z"}]}