{"vulnerability": "cve-2019-19705", "sightings": [{"uuid": "b0ffc280-7fda-4930-be6f-ba280d881606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19705", "type": "published-proof-of-concept", "source": "https://t.me/antichat/7813", "content": "Realtek... \u0410\u0443\u0434\u0438\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0441\u0442\u043e\u044f\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0430 ~80% \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u043e\u0432 / \u043c\u0430\u0442 \u043f\u043b\u0430\u0442\u0430\u0445 :)\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (\u0432 Windows \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0434\u043c\u0435\u043d\u0443 \u043d\u0435\u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u0435\u0439\u043b\u043e\u0430\u0434 (\u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0444\u043e\u043d\u0434\u043e\u0432\u043e\u043c\u0443 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0443 RAVBg64.exe) \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 SYSTEM...\n\nPoC\n\nhttps://safebreach.com/Post/Realtek-HD-Audio-Driver-Package-DLL-Preloading-and-Potential-Abuses-CVE-2019-19705\n\nReltek \u043e\u0431 \u044d\u0442\u043e\u043c \u0437\u043d\u0430\u0435\u0442 (\u0441 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u044b \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430) \u0438 \u0434\u0430\u0436\u0435 \u043f\u0438\u0448\u0435\u0442 (\u044f\u043d\u0432\u0430\u0440\u044c 2020):\n\nhttps://www.realtek.com/images/safe-report/PM_Realtek_Audio_Drivers_for_Windows_DLL_preloading_and_potential_Abuses_CVE-2019-19705_20200115.docx\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e\u0441\u0442\u0430\u043b\u043e\u0441\u044c \u0436\u0434\u0430\u0442\u044c / \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c Realtek \u041f\u041e \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 / \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0434\u0435\u0432\u0430\u0439\u0441\u0430\u0445 :)", "creation_timestamp": "2020-02-05T11:22:22.000000Z"}, {"uuid": "7f7c147b-3280-448e-b38c-b627c78507ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19705", "type": "seen", "source": "https://t.me/cibsecurity/55375", "content": "\u203c CVE-2019-19705 \u203c\n\nRealtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T00:41:02.000000Z"}, {"uuid": "bcc34ea7-9ea0-49c3-812b-297d3256c522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19705", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/579", "content": "#Threat_Research\nRealtek HD Audio Driver Package - DLL Preloading and Potential Abuses (CVE-2019-19705)\nhttps://safebreach.com/Post/Realtek-HD-Audio-Driver-Package-DLL-Preloading-and-Potential-Abuses-CVE-2019-19705", "creation_timestamp": "2021-01-02T21:30:54.000000Z"}, {"uuid": "e2af1b8f-55aa-452f-9e4c-6084a39dc1bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19705", "type": "seen", "source": "https://t.me/information_security_channel/34750", "content": "DLL Hijacking Vulnerability Found in Realtek HD Audio Driver\nhttp://feedproxy.google.com/~r/Securityweek/~3/jIBApmebGd8/dll-hijacking-vulnerability-found-realtek-hd-audio-driver\n\nA vulnerability in the Realtek HD Audio Driver package could be abused to execute arbitrary payloads with elevated privileges on a vulnerable machine, SafeBreach Labs has discovered.\nTracked as CVE-2019-19705, the vulnerability could be leveraged to evade defenses and achieve persistence by loading an arbitrary, unsigned DLL into a signed process.\nread more (https://www.securityweek.com/dll-hijacking-vulnerability-found-realtek-hd-audio-driver)", "creation_timestamp": "2020-02-06T17:44:36.000000Z"}]}