{"vulnerability": "cve-2022-2650", "sightings": [{"uuid": "4a4349ab-0ed9-4a98-82bb-1e29419fc881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "8a34bc9a-2003-4f37-b7ba-81f33640e0ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "a50e59b2-f317-462b-8860-fcae8a49f390", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "MISP/cec219ff-8f6d-45c9-bdbb-b4fb8c9c0f2b", "content": "", "creation_timestamp": "2023-09-20T10:35:00.000000Z"}, {"uuid": "39d06299-6e4e-4640-ab3e-c623014b16e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26504", "type": "seen", "source": "MISP/cec219ff-8f6d-45c9-bdbb-b4fb8c9c0f2b", "content": "", "creation_timestamp": "2023-09-20T10:36:36.000000Z"}, {"uuid": "9e1af554-5e59-47c9-9918-c59715b272d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "MISP/cec219ff-8f6d-45c9-bdbb-b4fb8c9c0f2b", "content": "", "creation_timestamp": "2023-09-20T10:37:56.000000Z"}, {"uuid": "36f95bd0-7624-46a5-b676-448fef3b4e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971745", "content": "", "creation_timestamp": "2024-12-24T20:33:33.413060Z"}, {"uuid": "e47b2fd3-7ccd-4cf5-88f9-6a39faadb5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971746", "content": "", "creation_timestamp": "2024-12-24T20:33:33.896373Z"}, {"uuid": "138d9925-190e-4398-bac0-6acec03304fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-26500", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/168346d7-ffb8-4733-91d2-a7fc51bc4446", "content": "", "creation_timestamp": "2026-02-02T12:27:08.776609Z"}, {"uuid": "0944b777-dd93-4340-97ff-cee959403a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:36.000000Z"}, {"uuid": "1d1188cf-5d7f-41a4-aa2a-f32ff0091746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:36.000000Z"}, {"uuid": "05f24aa2-4dbe-4175-9ccc-174285a572a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-26501", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f4836a01-be2a-4f33-b470-c7c67ddde200", "content": "", "creation_timestamp": "2026-02-02T12:27:08.903317Z"}, {"uuid": "bcee9132-c2fc-4e41-89ea-e4b72e11dc1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "exploited", "source": "https://t.me/itsec_news/315", "content": "\u200b\u26a1\ufe0f Positive Technologie \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Veeam.\n\n\ud83d\udcac \u042d\u043a\u0441\u043f\u0435\u0440\u0442 Positive Technologies \u041d\u0438\u043a\u0438\u0442\u0430 \u041f\u0435\u0442\u0440\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Veeam. \u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f Veeam Backup &amp; Replication. \u042d\u0442\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0431\u044d\u043a\u0430\u043f\u043e\u043c \u0438 \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u044b\u043c \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 Veeam Agent for Microsoft Windows. \u042d\u0442\u043e \u041f\u041e \u0434\u043b\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 Windows. \n\n\u00ab\u041f\u043e \u043d\u0430\u0448\u0438\u043c \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0430\u043c, \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043d\u0443\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u043c\u0443 \u0440\u0438\u0441\u043a\u0443 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0430\u0436\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u043b\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u044d\u0442\u0438\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438\u00bb, \u2014 \u043e\u0442\u043c\u0435\u0442\u0438\u043b \u041d\u0438\u043a\u0438\u0442\u0430 \u041f\u0435\u0442\u0440\u043e\u0432.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2022-26500, CVE-2022-26501), \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u0432 Veeam Backup &amp; Replication, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 (Remote Code Execution, RCE). \u0423\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0435\u0440\u0441\u0438\u0438 9.5, 10 \u0438 11 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430. \n\n#Windows #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-03-16T14:51:00.000000Z"}, {"uuid": "0ef28337-5bf5-4de1-a441-de752386ecf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "https://t.me/cKure/9039", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501).\n\nhttps://www.helpnetsecurity.com/2022/03/15/cve-2022-26500-cve-2022-26501/", "creation_timestamp": "2022-03-15T17:19:30.000000Z"}, {"uuid": "a32e6d50-7fd4-4e7d-89b6-e0b298d54754", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "https://t.me/cKure/9039", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501).\n\nhttps://www.helpnetsecurity.com/2022/03/15/cve-2022-26500-cve-2022-26501/", "creation_timestamp": "2022-03-15T17:19:30.000000Z"}, {"uuid": "55b24d3a-3b1d-4e7c-8c05-81e647c3b6b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2650", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2650\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.\n\ud83d\udccf Published: 2022-11-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T18:11:17.130Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/f0d85efa-4e78-4b1d-848f-edea115af64b\n2. https://github.com/wger-project/wger/commit/5e3167e3a2dc95836fa2607fe201524c031a2c4c", "creation_timestamp": "2025-04-25T19:07:34.000000Z"}, {"uuid": "571f8ec3-91a2-410f-ad8e-8c85667d1435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26509", "type": "seen", "source": "https://t.me/itsec_news/2208", "content": "\u200b\u26a1\ufe0f Intel \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 2 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Intel SGX.\n\n\ud83d\udcac Intel \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e Intel Software Guard Extensions, \u0438 \u043f\u0440\u0438\u0437\u0432\u0430\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443. \u0412\u0441\u0435\u0433\u043e \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 14 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0432 Intel Security Center \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d 31 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 5 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 SGX. \u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u043d\u0435\u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043b\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e\u043b\u0436\u043d\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432\u043d\u0443\u0442\u0440\u0438 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0431\u043b\u0430\u0441\u0442\u0435\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (\u0430\u043d\u043a\u043b\u0430\u0432\u044b).\n\nCVE-2022-38090 (CVSS: 6.0) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0440\u044f\u0434 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 Intel, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0447\u0438\u043f\u044b Xeon Scalable 3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Intel, \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044f \u043e\u0431\u0449\u0438\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Intel \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 Intel Software Guard \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\nCVE-2022-33196 (CVSS: 7.2) \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0447\u0438\u043f\u044b Xeon Scalable 3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Xeon D. Intel \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f BIOS \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043b\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0447\u0438\u043f\u043e\u0432. \u041e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Intel \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u043f\u0430\u043c\u044f\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 Intel Xeon \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 Intel Software Guard \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\nIntel \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 SGX, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u043e\u043c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e (SDK). \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a CVE-2022-26509 (CVSS: 2.5) \u0438\u043c\u0435\u0435\u0442 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Intel, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0447\u0438\u043f\u044b Xeon Scalable 3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Atom. \u0412 \u0442\u043e \u0436\u0435 \u0432\u0440\u0435\u043c\u044f CVE-2022-21216 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f \u0447\u0435\u0440\u0435\u0437 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043e\u0441\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0442\u0438 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0434\u0435\u0442\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u0440\u0438 \u0432\u043d\u0435\u0448\u043d\u0435\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438. Intel \u043f\u043e\u043e\u0431\u0435\u0449\u0430\u043b\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n#Intel #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-02-18T14:37:16.000000Z"}, {"uuid": "f00554a5-9214-45f0-ad68-6c5424232a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "published-proof-of-concept", "source": "https://t.me/road_to_oscp/212", "content": "\u0420\u0430\u0437\u0431\u043e\u0440 \u0438  POC \u0434\u043b\u044f 10 \u0438 11 \u0432\u0435\u0440\u0441\u0438\u0438 Veeam Backup(CVE-2022-26500)\n\n\u041d\u0435 \u0442\u0430\u043a \u0434\u0430\u0432\u043d\u043e \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0440\u0430\u0431\u043e\u0447\u0438\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c\u0438 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0441\u044f  \u0441 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0432 CVE-2022-26500. \u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043d\u0430\u043a\u043e\u043f\u0438\u043b\u043e\u0441\u044c \u043c\u043d\u043e\u0433\u043e \u0437\u0430\u043c\u0435\u0442\u043e\u043a \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u043e\u043d\u043e\u0432\u0430\u043b, \u043f\u0440\u0438\u0432\u0435\u043b \u0432 \u043f\u043e\u0440\u044f\u0434\u043e\u043a \u0438 \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u0443\u044e \u0432\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435  \u043c\u043e\u0435\u0433\u043e \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0430 (\u043d\u0430\u0434\u0435\u044e\u0441\u044c \u043d\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e).", "creation_timestamp": "2023-06-20T14:53:29.000000Z"}, {"uuid": "32c89350-ce0f-419d-8442-e8201a0c1c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1426", "content": "CVE-2022-26503\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2022-26503) \u0432 Veeam Agent \u0434\u043b\u044f Microsoft Windows \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 LOCAL SYSTEM.\n\u0422\u0430\u043a\u0436\u0435 \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0432\u044b \u043d\u0430\u0439\u0434\u0451\u0442\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0434\u0430\u043d\u043d\u044b\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\nhttps://github.com/sinsinology/CVE-2022-26503\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-28T19:01:36.000000Z"}, {"uuid": "579291f8-980b-4b9e-be76-46da7615ecf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "seen", "source": "https://t.me/ptswarm/115", "content": "Veeam fixed an Unauth RCE (CVE-2022-26500, CVE-2022-26501) in Veeam Backup &amp; Replication and Local Privilege Escalation (CVE-2022-26503) in Veeam Agent for Microsoft Windows found by our researcher Nikita Petrov.\n\nAdvisory: https://www.veeam.com/kb4288", "creation_timestamp": "2022-03-14T13:38:49.000000Z"}, {"uuid": "033c2aab-77b3-4403-9c2e-6a35278e2089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "https://t.me/ptswarm/115", "content": "Veeam fixed an Unauth RCE (CVE-2022-26500, CVE-2022-26501) in Veeam Backup &amp; Replication and Local Privilege Escalation (CVE-2022-26503) in Veeam Agent for Microsoft Windows found by our researcher Nikita Petrov.\n\nAdvisory: https://www.veeam.com/kb4288", "creation_timestamp": "2022-03-14T13:38:49.000000Z"}, {"uuid": "9823c68e-04b2-424c-aaa7-c22658c8eefb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "https://t.me/ptswarm/115", "content": "Veeam fixed an Unauth RCE (CVE-2022-26500, CVE-2022-26501) in Veeam Backup &amp; Replication and Local Privilege Escalation (CVE-2022-26503) in Veeam Agent for Microsoft Windows found by our researcher Nikita Petrov.\n\nAdvisory: https://www.veeam.com/kb4288", "creation_timestamp": "2022-03-14T13:38:49.000000Z"}, {"uuid": "c35158a6-29bb-46b8-a904-16088500e6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "exploited", "source": "https://t.me/itsec_news/315", "content": "\u200b\u26a1\ufe0f Positive Technologie \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Veeam.\n\n\ud83d\udcac \u042d\u043a\u0441\u043f\u0435\u0440\u0442 Positive Technologies \u041d\u0438\u043a\u0438\u0442\u0430 \u041f\u0435\u0442\u0440\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Veeam. \u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f Veeam Backup &amp; Replication. \u042d\u0442\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0431\u044d\u043a\u0430\u043f\u043e\u043c \u0438 \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u044b\u043c \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 Veeam Agent for Microsoft Windows. \u042d\u0442\u043e \u041f\u041e \u0434\u043b\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 Windows. \n\n\u00ab\u041f\u043e \u043d\u0430\u0448\u0438\u043c \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0430\u043c, \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043d\u0443\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u043c\u0443 \u0440\u0438\u0441\u043a\u0443 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0430\u0436\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u043b\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u044d\u0442\u0438\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438\u00bb, \u2014 \u043e\u0442\u043c\u0435\u0442\u0438\u043b \u041d\u0438\u043a\u0438\u0442\u0430 \u041f\u0435\u0442\u0440\u043e\u0432.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2022-26500, CVE-2022-26501), \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u0432 Veeam Backup &amp; Replication, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 (Remote Code Execution, RCE). \u0423\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0435\u0440\u0441\u0438\u0438 9.5, 10 \u0438 11 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430. \n\n#Windows #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-03-16T14:51:00.000000Z"}, {"uuid": "4eef669c-0f8f-43ec-a3c3-c4babd09806d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26509", "type": "seen", "source": "https://t.me/cibsecurity/58363", "content": "\u203c CVE-2022-26509 \u203c\n\nImproper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:54.000000Z"}, {"uuid": "2213c876-2ce2-4c91-b852-23d5f3d517f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "Telegram/fIfO1guZPRmKqojVEV3BqJ7iHmPwV23nSAY2OqPkpwdEyb1x", "content": "", "creation_timestamp": "2025-02-06T02:39:18.000000Z"}, {"uuid": "19754f34-6d68-4fdc-91e2-f511e22b219b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "Telegram/_GnvdCw3e_nhrG56Sn8S1EmG-9TVuVWf11IDADH1xE2CNwe-", "content": "", "creation_timestamp": "2025-02-06T02:39:18.000000Z"}, {"uuid": "35b5df83-4ba8-483b-bef3-1c9b7fbd053d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "https://t.me/arpsyndicate/966", "content": "#ExploitObserverAlert\n\nCVE-2022-26500\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-26500. Improper limitation of path names in Veeam Backup", "creation_timestamp": "2023-12-03T15:25:59.000000Z"}, {"uuid": "35518d03-ffe9-4dcf-b65a-50658f01b713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2650", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1630", "content": "#exploit\n1. CVE-2022-2650:\nBrute Force on wger workout application v2.0\nhttps://github.com/HackinKraken/CVE-2022-2650\n\n2. CVE-2022-44721:\nCrowdstrike Falcon Uninstaller\nhttps://github.com/purplededa/CVE-2022-44721-CsFalconUninstaller", "creation_timestamp": "2022-12-06T04:04:16.000000Z"}, {"uuid": "5f088419-98df-4c8f-99fa-b7a559a42cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2650", "type": "seen", "source": "https://t.me/cibsecurity/53482", "content": "\u203c CVE-2022-2650 \u203c\n\nImproper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-24T20:14:45.000000Z"}, {"uuid": "2389d7f1-5219-4252-a2d6-ce49649e8e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26508", "type": "seen", "source": "https://t.me/cibsecurity/52872", "content": "\u203c CVE-2022-26508 \u203c\n\nImproper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:23.000000Z"}, {"uuid": "c2fce82b-a725-4b22-afd4-15c11f8829ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "seen", "source": "https://t.me/cibsecurity/39153", "content": "\u203c CVE-2022-26503 \u203c\n\nDeserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T19:26:40.000000Z"}, {"uuid": "57632042-5c21-4b00-8327-b44b753cdd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26501", "type": "seen", "source": "https://t.me/cibsecurity/39172", "content": "\u203c CVE-2022-26501 \u203c\n\nVeeam Backup &amp; Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T23:21:52.000000Z"}, {"uuid": "51c57c11-dde7-4037-a263-1ee905db09f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26504", "type": "seen", "source": "https://t.me/cibsecurity/39171", "content": "\u203c CVE-2022-26504 \u203c\n\nImproper authentication in Veeam Backup &amp; Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T23:21:51.000000Z"}, {"uuid": "b7080620-0783-4740-83a0-07ed080daf98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26500", "type": "seen", "source": "https://t.me/cibsecurity/39170", "content": "\u203c CVE-2022-26500 \u203c\n\nImproper limitation of path names in Veeam Backup &amp; Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T23:21:50.000000Z"}, {"uuid": "cdc69c9c-4ff7-4800-85f5-bebf882ef502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5706", "content": "#exploit\n1. CVE-2022-0995:\nHeap out-of-bounds write in the watch_queue Linux kernel component\nhttps://github.com/Bonfee/CVE-2022-0995\n\n2. Script for 2FA bypass that replay Citrix credentials\nhttps://github.com/post-cyberlabs/Offensive_tools/tree/main/Citrix\n\n3. ABC-Code Execution for Veeam (CVE-2022-26503 LPE)\nhttps://www.mdsec.co.uk/2022/03/abc-code-execution-for-veeam", "creation_timestamp": "2022-03-30T11:03:01.000000Z"}, {"uuid": "595b0a4f-8524-455d-b14b-c43a95ec1fc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2650", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7297", "content": "#exploit\n1. CVE-2022-2650:\nBrute Force on wger workout application v2.0\nhttps://github.com/HackinKraken/CVE-2022-2650\n\n2. CVE-2022-44721:\nCrowdstrike Falcon Uninstaller\nhttps://github.com/purplededa/CVE-2022-44721-CsFalconUninstaller", "creation_timestamp": "2022-12-04T13:55:52.000000Z"}]}