{"vulnerability": "cve-2022-2265", "sightings": [{"uuid": "86837f45-0bd8-4426-a991-a8ef30724511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22654", "type": "seen", "source": "https://t.me/ashaburroyah313/187", "content": "{(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)}\n\n===========================================================================\n\n[AI] Abducting target to extract interesting information... Be patient!\n\n======================\n\n -Target URL: https://hy.health.gov.il\n\n -IP    : 62.90.118.183\n -IPv6  : OFF\n -Port  : 443\n\n -Domain: hy.health.gov.il\n\n---------\n\nTrying single visit broadband test (using GET)...\n\n -Bytes in : 58.7 KB\n -Load time: 6.04 seconds\n\n---------\n\nDetermining webserver fingerprint (note that this value can be a fake)...\n\n -Banner: Microsoft-IIS/8.5\n -V\u00eda   : NOT found!\n\n---------\n\nSearching for extra Anti-DDoS protections...\n\n -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)\n\n---------\n\nSearching at CVE (https://cve.mitre.org) for vulnerabilities...\n\n -Last Reports:\n\n        + CVE-2022-35282 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35282\n\n        + CVE-2022-34336 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34336\n\n        + CVE-2022-34165 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34165\n\n        + CVE-2022-22670 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22670\n\n        + CVE-2022-22666 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22666\n\n        + CVE-2022-22654 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22654\n\n        + CVE-2022-22640 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22640\n\n        + CVE-2022-22638 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22638\n\n        + CVE-2022-22637 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637\n\n        + CVE-2022-22633 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22633\n\n---------\n\n[Info] [AI] Abduction finished! -> [OK!]", "creation_timestamp": "2022-10-01T14:47:50.000000Z"}, {"uuid": "21eb49f6-1909-4c4c-b605-4ba691474c0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22652", "type": "seen", "source": "https://t.me/cibsecurity/39238", "content": "\u203c CVE-2022-22652 \u203c\n\nThe GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account information and settings from the lock screen.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:28:46.000000Z"}, {"uuid": "15dc5985-e115-43ce-a139-f2e5409b70bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22655", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7793", "content": "#Red_Team_Tactics\n1. NtQueueApcThreadEx NTDLL Gadget Injection\nhttps://github.com/LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection\n2. Location Services Bypass (PoC for CVE-2022-22655)\nhttps://theevilbit.github.io/posts/cve-2022-22655", "creation_timestamp": "2023-02-21T11:01:01.000000Z"}, {"uuid": "1fa147eb-cb12-4d50-8531-4d7c628e0621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22655", "type": "published-proof-of-concept", "source": "Telegram/hcXE6cmA6olv0NYEfkfn-fUwIZsBG-xkMtO-sVCeym5OPco", "content": "", "creation_timestamp": "2023-02-13T16:16:26.000000Z"}, {"uuid": "da24895f-f48e-4393-aa00-f94d829ece9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22651", "type": "seen", "source": "https://t.me/cibsecurity/39240", "content": "\u203c CVE-2022-22651 \u203c\n\nAn out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.3. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:28:48.000000Z"}, {"uuid": "4e2e9b4e-fafc-40b8-8ceb-1361c5698694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22656", "type": "seen", "source": "https://t.me/cibsecurity/39220", "content": "\u203c CVE-2022-22656 \u203c\n\nAn authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user\u00e2\u20ac\u2122s desktop from the fast user switching screen.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:22:47.000000Z"}]}