{"vulnerability": "cve-2021-3718", "sightings": [{"uuid": "e3eeeb84-d780-4948-8d32-797453bc4aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37185", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2622", "content": "We have repeatedly mentioned the danger of attacks on industrial systems, including industrial control systems.\n\nThis week Siemens fixed a number of serious vulnerabilities that can be used to remotely crash some SIMATIC products.\n\nThree of them are high severity (CVE-2021-37185, CVE-2021-37204 and CVE-2021-37205) and can be used by a remote, unauthenticated attacker for denial-of-service (DoS) attacks on SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs), the SIMATIC Drive Controller, the ET 200SP Open Controller, the S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, the TIM 1531 IRC communication module, and SIPLUS extreme products. 
The bugs can be exploited by sending specially crafted packets to the target device over TCP port 102.\n\nIn real life, a PLC crash can have a serious impact and lead to accidents.\n\nThe bugs are the result of work carried out since August 2021 by ICS researcher Gao Jian and have been given the working name S7+:Crash. 
All of them are related to the OMS+ communication protocol stack.\n\nSiemens PLCs are vulnerable to this type of attack even when the \"full protection\" option, intended to secure communication between the PLC and a PC or HMI, is enabled.\n\nTo understand how an attacker can in reality remotely halt production, cut off electricity or take more radical action, just watch the exploit in action in the video\ud83d\udc47", "creation_timestamp": "2022-02-11T18:48:18.000000Z"}, {"uuid": "459acc9e-a8db-4c05-9e38-da07033ff5f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37185", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/517", "content": "Siemens has announced patches for a number of serious vulnerabilities that can be exploited for RCE (remote code execution) on some of its SIMATIC products.\n\n On Tuesday it published 9 advisories addressing 27 vulnerabilities.  
One of these advisories covers three very important vulnerabilities that can be used by a remote, unauthenticated attacker to launch denial-of-service (DoS) attacks against some Siemens PLC (programmable logic controller) products.\n In a real-world industrial environment, a PLC failure can have a serious impact and cause a significant outage.\n\n Siemens announced that the vulnerabilities affect the SIMATIC S7-1200 and S7-1500 PLCs, SIMATIC Drive Controller, ET 200SP Open Controller, S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, the TIM 1531 IRC communication module and its SIPLUS extreme products.\n Gao Jian, an ICS security researcher, says these are only a few of the eight reported vulnerabilities, while the other issues are under investigation.  Gao Jian wrote in a GitHub post that he began reporting the findings to Siemens in August 2021; he named them S7+:Crash, and they relate to the OMS+ communication protocol used by Siemens products.\n\n S7+: Crash can be exploited by a threat actor with access to the target device on TCP port 102.  If the PLC is exposed due to misconfiguration, exploitation directly from the internet may also be possible.\n\n RCE:\n CVE-2021-37185\n CVE-2021-37204\n CVE-2021-37205\n News links:\n https://bit.ly/3BixbpQ\n https://bit.ly/3LvHTxR\n https://bit.ly/3HNL5CO\n\n\n #OT#ICS #critical_infrastructure #energy #automation #PLC #Siemens #RCE #vulnerability #infrastructure \n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f Reposting this channel's content is permitted only with attribution to the source and the channel's full address.\n\n\ud83c\udfedSpecialized website and channel for the security of industrial automation and control infrastructure\n\nAdmin:\nhttps://t.me/pedram_kiani\nTelegram channel:\nhttps://t.me/ics_cert", "creation_timestamp": "2022-02-14T16:20:30.000000Z"}, {"uuid": "6d876217-dc5b-496f-ada1-028f1b67e5f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37188", "type": "seen", "source": "https://t.me/cibsecurity/33733", "content": "\u203c CVE-2021-37188 \u203c\n\nAn issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may load customized firmware (because the bootloader does not verify that it is authentic), changing the behavior of the gateway.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T16:25:01.000000Z"}, {"uuid": "262e728a-0bd5-408e-a06b-04f5d8f313d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37187", "type": "seen", "source": "https://t.me/cibsecurity/33732", "content": "\u203c CVE-2021-37187 \u203c\n\nAn issue was discovered on Digi TransPort devices through 2021-07-21. 
An authenticated attacker may read a password file (with reversible passwords) from the device, which allows decoding of other users' passwords.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T16:24:59.000000Z"}, {"uuid": "8907c146-e565-49f9-b2ac-c9389c43932f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3718", "type": "seen", "source": "https://t.me/cibsecurity/32343", "content": "\u203c CVE-2021-3718 \u203c\n\nA denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-13T00:39:27.000000Z"}, {"uuid": "1b8d4417-9afb-4662-9a68-b7e1a8b8ee8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37189", "type": "seen", "source": "https://t.me/cibsecurity/33735", "content": "\u203c CVE-2021-37189 \u203c\n\nAn issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T16:25:03.000000Z"}, {"uuid": "ebbb15ed-10f9-4f2c-ba3a-996610dfd51b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37180", "type": "seen", "source": "https://t.me/cibsecurity/27046", "content": "\u203c CVE-2021-37180 \u203c\n\nA vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). 
The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T14:37:06.000000Z"}, {"uuid": "4be8b709-3a81-4cf0-8c7a-3200e9c254cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37181", "type": "seen", "source": "https://t.me/cibsecurity/28782", "content": "\u203c CVE-2021-37181 \u203c\n\nA vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All versions), Cerberus DMS V4.2 (All versions), Cerberus DMS V5.0 (All versions < v5.0 QU1), Desigo CC Compact V4.0 (All versions), Desigo CC Compact V4.1 (All versions), Desigo CC Compact V4.2 (All versions), Desigo CC Compact V5.0 (All versions < V5.0 QU1), Desigo CC V4.0 (All versions), Desigo CC V4.1 (All versions), Desigo CC V4.2 (All versions), Desigo CC V5.0 (All versions < V5.0 QU1). The application deserialises untrusted data without sufficient validations, that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system. 
The CCOM communication component used for Windows App / Click-Once and IE Web / XBAP client connectivity are affected by the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T14:21:04.000000Z"}, {"uuid": "920e5cb0-743c-4fe6-a29e-25c7b252036b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37183", "type": "seen", "source": "https://t.me/cibsecurity/28769", "content": "\u203c CVE-2021-37183 \u203c\n\nA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending send-to-sleep notifications to the managed devices. An unauthenticated attacker in the same network of the affected system can abuse these notifications to cause a Denial-of-Service condition in the managed devices.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T14:20:44.000000Z"}]}