{"vulnerability": "cve-2023-2825", "sightings": [{"uuid": "09f1508b-ac40-4454-ac5e-1cc430c56704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "83f02fa4-11c0-401d-ad15-d044e5d48128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971798", "content": "", "creation_timestamp": "2024-12-24T20:34:11.672875Z"}, {"uuid": "94f5113e-305d-4961-baba-89d6b42c8b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "6903754e-9862-4888-a20d-5c6da137746e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "764fb940-364d-4643-a15c-17a964c764c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "699b5b8e-cecf-49ae-8f90-bd2090463b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "5135df2f-a2ea-4e28-9566-4d945ba48d4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:42.000000Z"}, {"uuid": "9943b1d4-0fc5-40a0-9913-382903c5e62c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3logflthet22i", "content": "", "creation_timestamp": "2025-05-05T12:46:31.892084Z"}, {"uuid": "283ef78e-b2c8-46c3-8d73-852519e3a68d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2023_28252_clfs_driver.rb", "content": "", "creation_timestamp": "2023-09-14T09:33:31.000000Z"}, {"uuid": "d84c79fd-afcc-41d7-9ef0-ea74a28df917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "c6af9bbe-5080-4a07-95c4-892e78131f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "845db273-f3ab-47d7-8f2d-b20ee514e51e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/gitlab_authenticated_subgroups_file_read.rb", "content": "", "creation_timestamp": "2023-06-07T11:25:49.000000Z"}, {"uuid": "0b1bf60c-81aa-4738-8f4a-f473fbea8c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-28250", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1005", "content": "", "creation_timestamp": "2023-04-12T14:53:28.000000Z"}, {"uuid": "ec17cbe7-886a-469f-956b-8610ce75f944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1005", "content": "", "creation_timestamp": "2023-04-12T14:53:28.000000Z"}, {"uuid": "9630be4c-c917-4444-a8fa-9a8ecda2647b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4114d4d4-145b-4f8a-a2b7-956f4cca0040", "content": "", "creation_timestamp": "2026-02-02T12:27:01.340752Z"}, {"uuid": "936abf3b-a9f5-4c13-b805-7d1c0f7328e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11061", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2023-2825 (analysis and exploit).\n\nhttps://occamsec.com/exploit-for-cve-2023-2825/", "creation_timestamp": "2023-05-31T12:48:04.000000Z"}, {"uuid": "5c79604e-8e2c-4f52-97e8-93d73126afc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/BleepingComputer/16758", "content": "\u200aGitLab 'strongly recommends' patching max severity flaw ASAP\n\nGitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal flaw tracked as CVE-2023-2825. [...]\n\nhttps://www.bleepingcomputer.com/news/security/gitlab-strongly-recommends-patching-max-severity-flaw-asap/", "creation_timestamp": "2023-05-24T21:02:35.000000Z"}, {"uuid": "bf29eefe-e308-4952-8c2c-6407be610b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/BleepingComputer/16751", "content": "Latest news and stories from BleepingComputer.com\nGitLab 'strongly recommends' patching max severity flaw ASAP\n\nGitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal flaw tracked as CVE-2023-2825. [...]", "creation_timestamp": "2023-05-24T20:51:37.000000Z"}, {"uuid": "22e00e2b-4901-4aa8-a681-04db3e4f960e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4443", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-2825 list\nURL\uff1ahttps://github.com/yuimarudev/CVE-2023-2825\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-30T08:27:42.000000Z"}, {"uuid": "9e87bed4-548a-40c1-9387-8bd1ca48df04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4425", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.\nURL\uff1ahttps://github.com/Rishipatidar/CVE-2023-30212-POC-DOCKER-FILE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-26T13:55:18.000000Z"}, {"uuid": "3b749142-5775-48e2-ac90-d55a98d85629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4424", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGitLab CVE-2023-2825 Checker\nURL\uff1ahttps://github.com/Occamsec/CVE-2023-2825\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-26T13:55:26.000000Z"}, {"uuid": "eabe9edb-57c8-4744-ab88-303fb1bcac7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4742", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPOC for CVE-2023-28252\nURL\uff1ahttps://github.com/Malwareman007/CVE-2023-28252\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-12T18:49:53.000000Z"}, {"uuid": "1b3db891-1022-4b93-8847-03070692a3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6354", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aThe repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252\nURL\uff1ahttps://github.com/bkstephen/Compiled-PoC-Binary-For-CVE-2023-28252\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2024-01-01T15:41:00.000000Z"}, {"uuid": "b70853ec-ac87-4e3c-9a93-32c69abff4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6353", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aThe repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252\nURL\uff1ahttps://github.com/bkstephen/Compiled-Binary-For-CVE-2023-28252\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2024-01-01T15:35:10.000000Z"}, {"uuid": "48a14589-c0db-47ab-8237-838b1fcb8cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5783", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 CVE-2023-28252 \nURL\uff1ahttps://github.com/Danasuley/CVE-2023-28252-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-13T07:52:45.000000Z"}, {"uuid": "a8d34b60-6590-4f17-972e-73e4a079c096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/itsec_news/2448", "content": "\u200b\u26a1\ufe0f \u041c\u0430\u043b\u044b\u0439 \u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u0431\u0438\u0437\u043d\u0435\u0441 \u0432 \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0435 \u0438 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0441\u0442\u0430\u043b \u0436\u0435\u0440\u0442\u0432\u043e\u0439 0day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows.\n\n\ud83d\udcac Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 Windows (CLFS), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Nokoyawa .\n\n\u0412 \u0441\u0432\u0435\u0442\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CISA \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ( KEV ), \u043f\u0440\u0438\u043a\u0430\u0437\u0430\u0432 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430\u043c \u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0441\u043a\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0432\u043b\u0430\u0441\u0442\u0438 (FCEB) \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u043d\u0435\u0435 \u0434\u043e 2 \u043c\u0430\u044f.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-28252 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u0438\u0437 Mandiant \u0438 DBAPPSecurity. \u041e\u0448\u0438\u0431\u043a\u0430 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows. Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u044d\u0442\u0443 \u0438 96 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 , \u0432\u043a\u043b\u044e\u0447\u0430\u044f 45 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb \u0438\u0437 \u0433\u0440\u0443\u043f\u043f\u044b GReAT \u0437\u0430\u044f\u0432\u0438\u043b\u0438 , \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-28252 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Nokoyawa.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0440\u044f\u0434\u0430 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Microsoft Windows, \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c \u043c\u0430\u043b\u043e\u0433\u043e \u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0432 \u0431\u043b\u0438\u0436\u043d\u0435\u0432\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u043c \u0438 \u0441\u0435\u0432\u0435\u0440\u043e\u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u043e\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb, \u0433\u0440\u0443\u043f\u043f\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Nokoyawa \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0435\u0449\u0435 5 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 CLFS \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0440\u043e\u0437\u043d\u0438\u0447\u043d\u043e\u0439 \u0438 \u043e\u043f\u0442\u043e\u0432\u043e\u0439 \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0438, \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0438, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e.\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Nokoyawa \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2022 \u0433\u043e\u0434\u0430 \u043a\u0430\u043a \u0448\u0442\u0430\u043c\u043c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0439 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c 64-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 Windows \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0434\u0432\u043e\u0439\u043d\u044b\u043c \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043a\u0440\u0430\u0434\u0443\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0438 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u0432\u044b\u043b\u043e\u0436\u0438\u0442\u044c \u0438\u0445 \u0432 \u0441\u0435\u0442\u044c, \u0435\u0441\u043b\u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u043b\u0430\u0447\u0435\u043d \u0432\u044b\u043a\u0443\u043f.\n\n\u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043a\u043e\u0434 Nokoyawa \u0431\u044b\u043b \u0441\u0445\u043e\u0436 \u0441 \u043a\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f JSWorm (Nemty) , \u043d\u043e \u043f\u043e\u0437\u0436\u0435 \u0431\u044b\u043b \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u0430\u043d \u043d\u0430 Rust. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b Nokoyawa \u0431\u044b\u043b\u0438 \u043f\u0440\u043e\u0441\u0442\u043e \u00ab\u0440\u0435\u0431\u0440\u0435\u043d\u0434\u0438\u043d\u0433\u043e\u043c\u00bb \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f JSWorm. \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e Nokoyawa, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0438\u043b\u044c\u043d\u043e \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u043a\u043e\u0434\u043e\u0432\u043e\u0439 \u0431\u0430\u0437\u044b JSWorm.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-04-12T13:22:15.000000Z"}, {"uuid": "f268cf43-9743-4253-ba0d-e37c094f3e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/itsec_news/2446", "content": "\u200b\u274c Microsoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 97 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\n\ud83d\udcac \u0412 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043e\u0434\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 97 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432. 7 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u0447\u0442\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435\u043c.\n\n\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u043a\u0430\u0436\u0434\u043e\u0439 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438:\n\n\u2014 20 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n\u2014 8 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438;\n\u2014 45 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE);\n\u2014 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438;\n\u2014 9 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (Denial of Service, DoS);\n\n6 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433.\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043e\u0434\u043d\u0443 0day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445. CVE-2023-28252 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0430\u044f\u0441\u044f \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u0449\u0435\u0433\u043e \u0436\u0443\u0440\u043d\u0430\u043b\u0430 Windows (CLFS).\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432:\n\n\u2014 Microsoft Office (CVE-2023-28285);\n\u2014 Word (CVE-2023-28311);\n\u2014 Publisher (CVE-2023-28295 , CVE-2023-28287 ), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0446\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0432 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u043e\u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0432\u044b\u044f\u0441\u043d\u0438\u0442\u044c, \u043a\u0430\u043a \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Microsoft Office \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b BleepingComputer \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043d\u0430 \u044d\u0442\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 .\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432\u0448\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0430\u043f\u0440\u0435\u043b\u0435:\n\n\u2014 Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 \u0434\u0432\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 0day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 iOS, iPadOS \u0438 macOS;\n\u2014 Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432;\n\u2014 Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432;\n\u2014 Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Android \u0438 Google Chrome;\n\nSAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432.\n\u0420\u0430\u043d\u0435\u0435 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Azure Pipelines, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-04-12T11:16:56.000000Z"}, {"uuid": "457b56e5-f3eb-4620-8032-0c5327c58307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28255", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1659", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28255\n\ud83d\udd39 Description: Windows DNS Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:13:55.078Z\n\ud83d\udccf Modified: 2025-01-14T23:57:17.917Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28255", "creation_timestamp": "2025-01-15T00:16:52.000000Z"}, {"uuid": "b7191cfc-afbe-4305-9a52-e69d6f4f553b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28256", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1657", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28256\n\ud83d\udd39 Description: Windows DNS Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:13:56.134Z\n\ud83d\udccf Modified: 2025-01-14T23:57:19.473Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28256", "creation_timestamp": "2025-01-15T00:15:52.000000Z"}, {"uuid": "2d6a7ed6-9550-4d21-8289-b7ebd9537491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28253", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1663", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28253\n\ud83d\udd39 Description: Windows Kernel Information Disclosure Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:13:52.958Z\n\ud83d\udccf Modified: 2025-01-14T23:57:15.397Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28253", "creation_timestamp": "2025-01-15T00:18:12.000000Z"}, {"uuid": "3e7f1e94-6cd1-4fe8-b940-7dae1cf09836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28254", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1661", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28254\n\ud83d\udd39 Description: Windows DNS Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:13:54.012Z\n\ud83d\udccf Modified: 2025-01-14T23:57:16.823Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28254", "creation_timestamp": "2025-01-15T00:17:35.000000Z"}, {"uuid": "659299f9-d3ea-437f-ad6f-a4e9ea0ae42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28250", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1668", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28250\n\ud83d\udd39 Description: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:13:50.289Z\n\ud83d\udccf Modified: 2025-01-14T23:57:12.377Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28250", "creation_timestamp": "2025-01-15T00:20:05.000000Z"}, {"uuid": "77f4e1ea-09f7-4f71-9225-8b8e6eed4e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1665", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28252\n\ud83d\udd39 Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:13:51.886Z\n\ud83d\udccf Modified: 2025-01-14T23:57:14.256Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28252", "creation_timestamp": "2025-01-15T00:19:06.000000Z"}, {"uuid": "bb5fcf12-b2ca-426b-b4cd-72c694f966f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1778", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2825\n\ud83d\udd39 Description: An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.\n\ud83d\udccf Published: 2023-05-26T00:00:00\n\ud83d\udccf Modified: 2025-01-15T15:45:18.054Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/412371\n2. https://hackerone.com/reports/1994725\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2825.json", "creation_timestamp": "2025-01-15T15:55:04.000000Z"}, {"uuid": "e0b8a0a7-6a04-4399-811c-5ae67b2591af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/83", "content": "Windows CLFS Driver Privilege Escalation\n\nThis vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization\u2019s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.\n\n Affects version:\n\u2014 Windows 11 21H2 (clfs.sys version 10.0.22000.1574);\n\u2014 Windows 11 22H2; \n\u2014 Windows 10 21H2;\n\u2014 Windows 10 22H2;\n\u2014 Windows Server 2022.\n\nResearch: \n\n https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability\n\nExploit: \n\n https://github.com/duck-sec/CVE-2023-28252-Compiled-exe", "creation_timestamp": "2024-01-26T16:02:05.000000Z"}, {"uuid": "53fc948e-8678-402a-92ab-db46951cf5de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3747", "content": "\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0443 GitLab \u0441\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c \u043e\u0447\u0435\u043d\u044c \u0432\u0430\u0436\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0437-\u0437\u0430 \u043e\u0447\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 10 \u0438\u0437 10\n\nAn issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project\n\nGitLab Critical Security Release: 16.0.1\nhttps://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16-0-1-released/\n\n\u0418 \u0432\u043e\u0442 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c PoC\n\nCVE-2023-2825 ANALYSIS AND EXPLOIT\nhttps://occamsec.com/exploit-for-cve-2023-2825/", "creation_timestamp": "2023-05-26T10:12:27.000000Z"}, {"uuid": "1ad2a3a2-6245-41e8-a0bb-7ec76ba45c52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/poxek/2816", "content": "\ud83d\udca5Nokoyawa ransomware attacks with Windows zero-day\nIn February 2023, Kaspersky technologies detected a number of attempts to execute similar elevation-of-privilege exploits on Microsoft Windows servers belonging to small and medium-sized businesses in the Middle East, in North America, and previously in Asia regions.\n\nThis is the one bug(CVE-2023-28252) under active attack this month, and if it seems familiar, that\u2019s because there was a similar 0-day patched in the same component just two months ago. To me, that implies the original fix was insufficient and attackers have found a method to bypass that fix. As in February, there is no information about how widespread these attacks may be. This type of exploit is typically paired with a code execution bug to spread malware or ransomware.", "creation_timestamp": "2023-04-11T18:59:27.000000Z"}, {"uuid": "dd268335-0741-4862-9699-14086d4d79d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/alexredsec/357", "content": "\u0423\u0436\u0435 \u043d\u0430\u0447\u0430\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \"\u043f\u043e\u0447\u0442\u0438 \u043f\u043e\u043b\u0443\u0433\u043e\u0434\u043e\u0432\u044b\u0435\" \u0438\u0442\u043e\u0433\u0438 \u0437\u0430 2023 \u0433\u043e\u0434 - \u0432\u0440\u0435\u043c\u044f \u043b\u0435\u0442\u0438\u0442\ud83d\ude05\n\u0412\u043e\u0442 \u0440\u0435\u0431\u044f\u0442\u0430 \u0438\u0437 PRIOn \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0432 \u044d\u0442\u043e \u0433\u043e\u0434\u0443 - \u0438\u0445 \u043d\u0430\u0441\u0447\u0438\u0442\u0430\u043b\u0438 44 \u0448\u0442\u0443\u043a\u0438.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \"\u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435\" \u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438 PRIOn:\n\u27a1\ufe0fCVE-2023-23397 [Microsoft Outlook] - \u0441\u0430\u043c\u0430\u044f \ud83d\udd25 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442. \u0410\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 APT28.\n\u27a1\ufe0fCVE-2023-27350  [PaperCut NG] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438.\n\u27a1\ufe0fCVE-2023-28771 [Zyxel] \u0438 CVE-2023-1389 [TP-Link] - \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043c\u043e\u0433\u0430\u043b\u0438 \u043f\u043e\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0440\u044f\u0434\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai\ud83d\ude08\n\u27a1\ufe0fCVE-2023-0669 [Fortra GoAnywhere MFT] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Clop.\n\u27a1\ufe0fCVE-2023-2868 [Barracuda ESG] - \u043f\u043e\u043a\u0430 \u043d\u0438\u043a\u043e\u043c\u0443 \u043d\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\u27a1\ufe0fCVE-2023-24880 [Microsoft Windows SmartScreen] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Magniber.\n\u27a1\ufe0fCVE-2023-28252 [Microsoft Windows 10] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Nokoyama.\n\u27a1\ufe0fCVE-2023-27532 [Veeam Backup] - \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u0435\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0435 FIN7.\n\u27a1\ufe0fCVE-2023-34362 [MOVEit Transfer] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438.\n\n\u041d\u0443 \u0438 \u0422\u041e\u041f-3 \u0442\u0438\u043f\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\u27a1\ufe0fPrivilege Escalation\n\u27a1\ufe0fSecurity Feature Bypass\n\u27a1\ufe0fCommand Injection", "creation_timestamp": "2023-06-07T15:59:32.000000Z"}, {"uuid": "a229dc48-2a64-4882-99e7-133c0f83e328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/174", "content": "GitLab Arbitrary File Read (CVE-2023-2825) Analysis \n\n\ud83d\udc64 by Sonny\n\nFor the unaware, GitLab is a widely used, enterprise-grade web application for managing source code repositories at scale. In this blog post author will be discussing a fresh vulnerability that has been issued an advisory by Gitlab with a CVSS score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N).\n\nAn issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.\n\n\ud83d\udcdd Contents:\n\u25cf Setting up the target environment \n\u25cf Reproducing the bug\n\u25cf But Why?\n\u25cf How impactful is this vulnerability?\n\u25cf Conclusion\n\nhttps://labs.watchtowr.com/gitlab-arbitrary-file-read-gitlab-cve-2023-2825-analysis/", "creation_timestamp": "2023-05-26T05:13:23.000000Z"}, {"uuid": "5e674004-82ca-4803-923e-15e10f8ac612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/26", "content": "\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0435\u0434\u0435\u043b\u0435, Gitlab \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u0432\u044b\u0440\u0432\u0430\u043b\u0441\u044f \u0432 \u043b\u0438\u0434\u0435\u0440\u044b \u043f\u043e \u0443\u0440\u043e\u0432\u043d\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e CVE-2023-2825 \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 GitLab Community \u0438 Enterprise Edition \u0432\u0435\u0440\u0441\u0438\u0438 16.0.0.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043c\u0430\u043a\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0443\u0440\u043e\u0432\u043d\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 - 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0443 CVSS3.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0444\u0430\u0439\u043b\u043e\u0432, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 Issues \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u043f\u0440\u043e\u0435\u043a\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0439 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043f\u044f\u0442\u044c\u044e \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438. \n\u0412 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e /var/opt/gitlab/gitlab-rails/uploads/@hashed/////, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u043a\u043e\u0440\u043d\u0435\u0432\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043d\u0430\u0439\u0442\u0438 \u043f\u0440\u043e\u0435\u043a\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0439 11 \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u0438\u043b\u0438 \u0438\u043c\u0435\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0438 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0433\u0440\u0443\u043f\u043f\u044b \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e.\n\n\u2699\ufe0fPOC: https://github.com/Occamsec/CVE-2023-2825\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 ASAP.\n\n#CVE-2023-2825 #GitLab #path_traversal", "creation_timestamp": "2023-05-26T10:30:14.000000Z"}, {"uuid": "f231e7bd-4a42-43f9-a32b-4e69ace6ad81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/BitLenta/15331", "content": "#news GitLab \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0441\u0440\u043e\u0447\u043d\u043e \u043f\u0430\u0442\u0447\u0438\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \u0412\u0441\u0435\u0433\u043e \u043d\u0438\u0447\u0435\u0433\u043e \u043f\u043e CVSS \u2013 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10. \u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 GitLab Community Edition \u0438 Enterprise Edition \u0432\u0435\u0440\u0441\u0438\u0438 16.0.0.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 CVE-2023-2825 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \u0427\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0438 \u043f\u0440\u043e\u043f\u0440\u0438\u0435\u0442\u0430\u0440\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0438 \u0442\u043e\u043a\u0435\u043d\u0430\u043c\u0438, \u0438 \u043f\u0440\u043e\u0447\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u043c\u0438 \u0444\u0430\u0439\u043b\u0430\u043c\u0438. \u041f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0440\u0435\u043f\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445 \u0435\u0441\u0442\u044c \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0432 \u043f\u044f\u0442\u044c \u0433\u0440\u0443\u043f\u043f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u043a\u0430\u043a GitLab \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0442\u0430\u043a\u0438\u0445 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u2013 \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043d\u0430\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u0441 \u044d\u0442\u0438\u043c \u043d\u0435 \u043c\u0435\u0434\u043b\u0438\u0442\u044c. \u0412 \u043a\u043e\u043d\u0446\u0435 \u043a\u043e\u043d\u0446\u043e\u0432, \u043d\u0435 \u043a\u0430\u0436\u0434\u044b\u0439 \u0434\u0435\u043d\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0431\u0438\u0432\u0430\u0435\u0442 \u0434\u0435\u0441\u044f\u0442\u043e\u0447\u043a\u0443 \u043f\u043e CVSS.\n/tomhunter", "creation_timestamp": "2023-05-25T14:40:15.000000Z"}, {"uuid": "00daa7d6-ea43-4e05-94ce-a7d0894e16f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/alexmakus/5008", "content": "GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal flaw tracked as CVE-2023-2825.\n\n\u043d\u0435 \u0442\u0430\u043a \u0442\u043e \u0447\u0430\u0441\u0442\u043e \u0432\u0438\u0436\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 10.0 \n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2825\n\nhttps://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16-0-1-released/", "creation_timestamp": "2023-05-24T19:32:15.000000Z"}, {"uuid": "13857b12-a0d0-4a8b-bc63-63ac95e96510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/alexmakus/4965", "content": "\u0423 Microsoft \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 Patch Tuesday, \u0438 \u0442\u0430\u043c \u0438\u0437 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0433\u043e \u0435\u0441\u0442\u044c \u0444\u0438\u043a\u0441 \u043e\u0434\u043d\u043e\u0439 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014\u00a0actively exploited in attacks.\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28252\n\n\u043f\u043e\u043b\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u043e \u043f\u0430\u0442\u0447\u0435 \nhttps://www.bleepingcomputer.com/microsoft-patch-tuesday-reports/April-2023.html", "creation_timestamp": "2023-04-11T17:54:18.000000Z"}, {"uuid": "bdce568f-95f8-44e5-9eb8-7706b21e874a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/kasperskyb2b/567", "content": "\u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 patch Tuesday: \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0438 \u0432\u0441\u0435-\u0432\u0441\u0435-\u0432\u0441\u0435\n\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u043f\u0430\u043a\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u0442\u043e\u043a \u043e\u0442 Microsoft \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 97 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u044f \u0440\u0430\u043d\u0435\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0430\u043f\u0434\u0435\u0439\u0442\u043e\u0432 Edge.\n\u0410\u0436 45 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 20 - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 9 - \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 8 - \u043e\u0431\u0445\u043e\u0434\u0443 \u0448\u0442\u0430\u0442\u043d\u044b\u0445 \u043c\u0435\u0440 \u0437\u0430\u0449\u0438\u0442\u044b.\n \n\u0412\u0436\u0438\u0432\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f CVE-2023-28252 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 CLFS \u0441 CVSS 7.8 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e system. \n\n\u0412 Microsoft \u043d\u0435 \u0441\u0442\u0430\u043b\u0438 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c, \u043a\u0442\u043e \u0438 \u0433\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u0437\u0438\u0440\u043e\u0434\u0435\u0439, \u0430 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0435\u043c.\n\n\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0434\u0430\u0436\u0435 \u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u0431\u0435\u0441\u043f\u043e\u043a\u043e\u0439\u0441\u0442\u0432\u043e \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 RCE \u0432 Office (CVE-2023-28285, CVE-2023-28287, CVE-2023-28295,  CVE-2023-28311, \u0432\u0441\u0435 CVSS 7.8) , \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0431\u0443\u0434\u0443\u0442 \u0432\u0437\u044f\u0442\u044b \u0432 \u043e\u0431\u043e\u0440\u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e Microsoft \u0432\u043f\u0443\u0441\u0442\u0438\u043b\u0438 KB5025221 \u0438 KB5025229 \u0434\u043b\u044f Windows 10  22H2,  21H2,  21H1 \u0438 1809.\n\u041a\u0440\u043e\u043c\u0435 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u043b\u0430\u0442\u043e\u043a, \u0432 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0445\u043e\u0434\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a, \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e \u0438 \u043c\u0435\u043b\u043a\u0438\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f.", "creation_timestamp": "2023-04-11T20:59:25.000000Z"}, {"uuid": "f7a9d8ff-3327-4558-a2b5-da3a93bdbaae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/kasperskyb2b/572", "content": "\ud83d\udc68\u200d\ud83d\udcbb \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 APT-\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435\u0434\u0435\u043b\u0438\n\n\u041f\u043e\u043a\u0430 Apple \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0432\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f  \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 iOS/iPadOS/macOS (CVE-2023-28205 \u0438 -28206, CVSS 8,8 \u0438 8,6),  Microsoft \u0438 Citizenlab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u043e\u0442\u0447\u0451\u0442\u044b \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435. \u041e\u043d\u0438 \u0432\u0445\u043e\u0434\u0438\u043b\u0438 \u0432 \u043d\u0430\u0431\u043e\u0440 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 QuaDream, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0441 2021 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e spyware. \u0414\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0436\u0435\u0440\u0442\u0432 \u0441 \u0430\u0439\u0444\u043e\u043d\u0430\u043c\u0438 \u0438\u043c \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u043b\u0438\u0441\u044c \u00ab\u043d\u0435\u0432\u0438\u0434\u0438\u043c\u044b\u0435 \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u043d\u044b\u0435 \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f\u00bb, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043b\u0441\u044f \u043c\u043d\u043e\u0433\u043e\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442 KingsPawn, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0439 \u043d\u0430 \u0432\u0441\u0435 \u043c\u044b\u0441\u043b\u0438\u043c\u044b\u0435 \u0443\u0436\u0430\u0441\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0441 \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0430 \u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 keychain.  \n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0432\u0442\u043e\u0440\u043e\u0439 CVE \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 PoC, \u043e\u0447\u0435\u043d\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u041f\u043e\u043a\u0430 Microsoft \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0437\u0438\u0440\u043e\u0434\u0435\u0438 \u0432 Windows (CVE-2023-28252 \u0441 CVSS 7.8),  Kaspersky \u0434\u0435\u043b\u0438\u0442\u0441\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u0411\u0430\u0433 \u0432 CLFS \u0432\u0437\u044f\u043b\u0438 \u043d\u0430 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0440\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0449\u0438\u043a\u0438 Nokoyawa. \n\nAPT36/TransparentTribe \u043d\u0430\u0447\u0430\u043b\u0430 \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u0442\u044c \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0435 \u043e\u0444\u0438\u0441\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u0441 \u0412\u041f\u041e Crimson RAT \u043f\u043e  \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c. \u0420\u0430\u043d\u0435\u0435 \u0432 \u0438\u0445 \u0441\u0444\u0435\u0440\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u0438 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f.\n\n\u041c\u0438\u0440\u043e\u0432\u044b\u0435 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 DDoS: \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2023 Cloudflare \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u0440\u043e\u0441\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f VPS \u0438 \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u0438 IoT-\u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432.\n\n\u041d\u0435 \u0441\u043e\u0432\u0441\u0435\u043c APT, \u043d\u043e \u0442\u043e\u0436\u0435 \u0433\u0440\u0443\u0441\u0442\u043d\u043e \u2014 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 Gildoson \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0432\u043d\u0443\u0442\u0440\u0438 60 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 Google Play, \u0438\u043c\u0435\u044e\u0449\u0438\u0445 \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e \u0431\u043e\u043b\u0435\u0435 100 \u043c\u043b\u043d. \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a. \n\u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0412\u041f\u041e \u0432 Google Play \u043c\u043e\u0436\u043d\u043e \u0432\u0441\u0435\u0433\u043e \u0437\u0430 2000 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438 \u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0438 \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438\u0437\u0443\u0447\u0430\u0439\u0442\u0435 \u043d\u0430 Securelist.  \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT @\u041f2\u0422", "creation_timestamp": "2023-04-17T09:47:32.000000Z"}, {"uuid": "3a57f10f-eef5-4d02-8c08-8b812b4ba82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/kasperskyb2b/1413", "content": "\ud83d\udcbb \u041d\u043e\u0432\u044b\u0439 \u0441\u0435\u0437\u043e\u043d \u0445\u0430\u0440\u0434\u0435\u043d\u0438\u043d\u0433\u0430 \u0432 Microsoft: \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 CLFS \u0438 ActiveX\n\n\u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0431\u043e\u0440\u043e\u0442\u044c\u0441\u044f \u0441 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c\u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u043c\u0438 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a. \u0421\u0440\u0435\u0434\u0438 \u0441\u0432\u0435\u0436\u0438\u0445 \u0430\u043d\u043e\u043d\u0441\u043e\u0432 \u2014 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 ActiveX \u0432 Office \u0438 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043b\u043e\u0433\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 CLFS, Common Log Filesystem.\n\n\ud83d\udcd4  \u0414\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u0441 \u0432\u043d\u0435\u0434\u0440\u0451\u043d\u043d\u044b\u043c\u0438 \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438 ActiveX \u0431\u044b\u043b\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b \u0442\u0440\u0438\u0434\u0446\u0430\u0442\u044c \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0438 \u0444\u043e\u0440\u043c, \u043d\u043e \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0433\u043e\u0434\u044b \u043f\u0440\u043e ActiveX \u0441\u043b\u044b\u0448\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 ActiveX \u0431\u0443\u0434\u0435\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0451\u043d \u0432 Office 2024, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Word, Excel, PowerPoint \u0438 Visio. \u041e\u0444\u043b\u0430\u0439\u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Office \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435, \u0430 \u0434\u0435\u0441\u043a\u0442\u043e\u043f-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Office 365 \u2014 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2025 \u0433\u043e\u0434\u0430.\n\u0414\u043b\u044f \u0442\u0435\u0445, \u0443 \u043a\u043e\u0433\u043e \u0432 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u0445 \u0432\u0441\u0451 \u0435\u0449\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 ActiveX \ud83d\ude31, \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0435\u0433\u043e \u043e\u0431\u0440\u0430\u0442\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0433\u0440\u0443\u043f\u043f\u043e\u0432\u044b\u0445 \u043f\u043e\u043b\u0438\u0442\u0438\u043a \u0438\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 Trust Center \u0441\u0430\u043c\u043e\u0433\u043e Office. \n\n\u2699\ufe0f CLFS \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043b\u043e\u0433\u043e\u0432 \u0441\u0430\u043c\u043e\u0439 Windows, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c, \u0436\u0435\u043b\u0430\u044e\u0449\u0438\u043c \u0445\u0440\u0430\u043d\u0438\u0442\u044c \u043b\u043e\u0433\u0438 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0447\u0442\u0435\u043d\u0438\u0435 \u0438 \u0440\u0430\u0437\u0431\u043e\u0440 \u043b\u043e\u0433\u043e\u0432 \u044d\u0442\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0437\u0430\u043f\u0443\u0442\u0430\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0432 CLFS \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0443\u0434\u043e\u0431\u043d\u044b\u0435 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0436\u0435\u043b\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e system. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 Microsoft \u043e \u0434\u0435\u0444\u0435\u043a\u0442\u0435 CVE-2023-28252.  \u0412\u0441\u0435\u0433\u043e \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 5 \u043b\u0435\u0442 Microsoft \u0437\u0430\u043a\u0440\u044b\u043b\u0430 24 CVE \u0432 CLFS, \u043f\u0440\u0438\u0447\u0451\u043c 19 \u0438\u0437 \u043d\u0438\u0445 \u0431\u044b\u043b\u0438 \u0438\u043c\u0435\u043d\u043d\u043e \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0412\u043c\u0435\u0441\u0442\u043e \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0447\u0438\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0441\u0435\u0440\u044b, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0432\u043d\u0435\u0434\u0440\u0438\u043b\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u044c HMAC \u0432 \u0444\u0430\u0439\u043b\u044b \u043b\u043e\u0433\u043e\u0432 CLFS. \u041a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043b\u044e\u0447\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e system \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u0434\u043b\u044f \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u0435\u0440\u0435\u0432\u043e \u0445\u044d\u0448\u0435\u0439. \u042d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0438\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0441 \u043d\u0438\u0437\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u043e\u0433-\u0444\u0430\u0439\u043b\u0430\u043c\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043b\u043e\u0433\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043d\u0435 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u044b, \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows  \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u044f. \u0412 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 90 \u0434\u043d\u0435\u0439 \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043b\u043e\u0433\u0438 \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u0441\u043d\u0430\u0431\u0436\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u044f\u043c\u0438. \u0414\u043b\u044f \u043d\u043e\u0432\u044b\u0445 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0439 Windows \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0441\u0440\u0430\u0437\u0443 \u0441\u0442\u0430\u0440\u0442\u0443\u0435\u0442 \u0432 \u0441\u0442\u0440\u043e\u0433\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u0438 \u043e\u0442\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0438\u043b\u0438 \u043d\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u044c\u044e.\n\n\u041d\u0443\u0436\u043d\u043e \u0443\u0447\u0435\u0441\u0442\u044c, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043b\u043e\u0433-\u0444\u0430\u0439\u043b\u044b \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0438\u0442\u044c \u043c\u0435\u0436\u0434\u0443 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u043c\u0438. \u0415\u0441\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0438\u043b\u0438 \u0418\u0411-\u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0445\u043e\u0442\u044f\u0442 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043b\u043e\u0433\u0438 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043d\u0443\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043a\u043b\u044e\u0447\u0438 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043b\u043e\u0433\u0430\u043c\u0438. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0441\u043e\u0432\u0435\u0442\u044b @\u041f2\u0422", "creation_timestamp": "2024-09-13T09:52:30.000000Z"}, {"uuid": "db5732d6-811f-4e28-8658-0e13026c97eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/ctinow/105119", "content": "Microsoft patches zero-day exploited by attackers (CVE-2023-28252) - Help Net Security\n\nhttps://ift.tt/8d7NlZy", "creation_timestamp": "2023-04-12T01:17:57.000000Z"}, {"uuid": "a45f9b51-0934-48bd-8269-206a492cb672", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/ctinow/105078", "content": "Microsoft patches zero-day exploited by attackers (CVE-2023-28252)\n\nhttps://ift.tt/8d7NlZy", "creation_timestamp": "2023-04-11T22:36:42.000000Z"}, {"uuid": "42f22f9e-ca3d-403c-9c91-9675f642f388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "Telegram/7dJcVTmbiOC1f8Y8-3ZXpKvrUerR3fv1A4WgrR49kYSRew", "content": "", "creation_timestamp": "2024-03-31T18:17:22.000000Z"}, {"uuid": "f2513caa-b26e-4e2f-9e90-6225465821b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "Telegram/bqC3EUamuOCaLINDFnBtdRCwWE9I6q9pTeB7DN7ZEf8TNxoF", "content": "", "creation_timestamp": "2024-12-28T12:40:41.000000Z"}, {"uuid": "bfcb89c5-7461-40f3-bf4d-1c9237ebd42d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "Telegram/CkkYt8B4xoGoLtcsnoqBohZ8wZPZog6BnNTBumzJltN9TIM", "content": "", "creation_timestamp": "2023-04-13T00:54:52.000000Z"}, {"uuid": "690b82a5-4cd9-47ff-83d0-b7d0b63a296e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "Telegram/WxfVeUbAUGfp0ZiVTQo_3-Q2kG96T0GcMIoQYkhUS8qYkVc", "content": "", "creation_timestamp": "2023-05-01T23:19:47.000000Z"}, {"uuid": "97fe55bd-6cc7-4c60-aa29-db7dffa0a417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/253", "content": "https://github.com/Occamsec/CVE-2023-2825", "creation_timestamp": "2023-05-28T10:07:43.000000Z"}, {"uuid": "5d0a154e-6824-4a32-ad2b-096d88b3f41c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/VasileiadisAnastasis/463", "content": "\ud83d\udc69\u200d\ud83d\udcbb Windows CLFS Driver Privilege Escalation\n\n\ud83d\udcddThis vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization\u2019s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.\n\n\ud83d\udcccAffects version:\n\u2014 Windows 11 21H2 (clfs.sys version 10.0.22000.1574);\n\u2014 Windows 11 22H2; \n\u2014 Windows 10 21H2;\n\u2014 Windows 10 22H2;\n\u2014 Windows Server 2022.\n\n\ud83d\udd75\ufe0f#Research: https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability\n\n\ud83d\udd78\ufe0f#Exploit: https://github.com/duck-sec/CVE-2023-28252-Compiled-exe\n\n\ud83d\udd16#infosec #cybersecurity #hacking #pentesting #security \n\n\ud83d\udc64facebook.com/Cyberkid1987\n\ud83d\udc64x.com/Anastasis_king\n\ud83d\udc64tiktok.com/@anastasis.vasileiadis\n\ud83d\udc64defcon.social/@Cyberkid1987\n\ud83d\udc64t.me/VasileiadisAnastasis\n\ud83d\udc65t.me/infosec101", "creation_timestamp": "2024-01-28T03:37:47.000000Z"}, {"uuid": "5339d0aa-91dc-49f0-8ec1-7edee6e8fa04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/arpsyndicate/160", "content": "#ExploitObserverAlert\n\nCVE-2023-28252\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2023-28252. Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.018150000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:21:14.000000Z"}, {"uuid": "22aaed34-726c-45b5-ba79-b0734aef4dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "Telegram/he35_PuHfXBWq5P_l8krEvOTKJVHcCfkPtqWdREiZ2kzqA", "content": "", "creation_timestamp": "2023-05-28T14:54:24.000000Z"}, {"uuid": "742d5769-dc7a-490f-86d7-38ef248bedc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3066", "content": "Cybersecurity News - Hackers Factory\n\n\u200aSamsung ASLR Bypass Flaw Is Actively Exploited \u2013 Warns CISA\n\nhttps://latesthackingnews.com/2023/05/25/samsung-aslr-bypass-flaw-is-actively-exploited-warns-cisa/\n\n\u200aZyxel warns of critical vulnerabilities in firewall and VPN devices\n\nhttps://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-vulnerabilities-in-firewall-and-vpn-devices/\n\n\u200aWhat\u2019s a Double-Blind Password Strategy and When Should It Be Used\n\nhttps://www.bleepingcomputer.com/news/security/whats-a-double-blind-password-strategy-and-when-should-it-be-used/\n\n\u200aHow to improve sandbox effectiveness | Kaspersky official blog\n\nhttps://www.kaspersky.com/blog/sandbox-working-environment/48272/\n\n\u200aGoogle Introduces Mobile VRP For Its Android Apps\n\nhttps://latesthackingnews.com/2023/05/25/google-introduces-mobile-vrp-for-its-android-apps/\n\n\u200aNew Russian-linked CosmicEnergy malware targets industrial systems\n\nhttps://www.bleepingcomputer.com/news/security/new-russian-linked-cosmicenergy-malware-targets-industrial-systems/\n\n\u200aMicrosoft urges lawmakers to adopt new guidelines for responsible AI\n\nhttps://cyberscoop.com/microsoft-urges-lawmakers-to-adopt-new-guidelines-for-responsible-ai/\n\n\u200aExploiting the Sonos One Speaker Three Different Ways: A Pwn2Own Toronto Highlight\n\nhttps://www.thezdi.com/blog/2023/5/24/exploiting-the-sonos-one-speaker-three-different-ways-a-pwn2own-toronto-highlight\n\n\u200aD-Link fixes auth bypass and RCE flaws in D-View 8 software\n\nhttps://www.bleepingcomputer.com/news/security/d-link-fixes-auth-bypass-and-rce-flaws-in-d-view-8-software/\n\n\u200aMicrosoft 365 phishing attacks use encrypted RPMSG messages\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attacks-use-encrypted-rpmsg-messages/\n\n\u200aFrom Espionage to Theft: The Multi-Faceted APT Attacks on SMBs\n\nhttps://securityonline.info/from-espionage-to-theft-the-multi-faceted-apt-attacks-on-smbs/\n\n\u200aIZ1H9: The New Face of Mirai Botnet Threatening Linux Servers\n\nhttps://securityonline.info/iz1h9-the-new-face-of-mirai-botnet-threatening-linux-servers/\n\n\u200agoblob: fast enumeration tool for publicly exposed Azure Storage blobs\n\nhttps://securityonline.info/goblob-fast-enumeration-tool-for-publicly-exposed-azure-storage-blobs/\n\n\u200aPoC Exploit Released for GitLab CVE-2023-2825 Vulnerability\n\nhttps://securityonline.info/poc-exploit-released-for-gitlab-cve-2023-2825-vulnerability/\n\n\u200aPredator: Looking under the hood of Intellexa\u2019s Android spyware\n\nhttps://www.bleepingcomputer.com/news/security/predator-looking-under-the-hood-of-intellexas-android-spyware/\n\n\u200aTransatlantic Cable podcast episode 300 kicks off with Meta\u2019s record fine, ChatGPT and Neeva closure. | Kaspersky official blog\n\nhttps://www.kaspersky.com/blog/transatlantic-cable-podcast-300/48276/\n\n\u200aWindows 11 finally gets a 'never combine taskbar buttons' mode\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-11-finally-gets-a-never-combine-taskbar-buttons-mode/\n\n\u200aChina-linked APT Volt Typhoon targets critical infrastructure organizations\n\nhttps://securityaffairs.com/146649/hacking/china-linked-apt-volt-typhoon.html\n\n\u200aGoogle Trust Services ACME API available to all users at no cost\n\nhttp://security.googleblog.com/2023/05/google-trust-services-acme-api_0503894189.html\n\n\u200aRooting with root cause: finding a variant of a Project Zero bug\n\nhttps://github.blog/2023-05-25-rooting-with-root-cause-finding-a-variant-of-a-project-zero-bug/\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-27T16:18:43.000000Z"}, {"uuid": "c8fa352c-33f4-4f81-946e-a3d4d3310024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3064", "content": "Tools - Hackers Factory \n\nJira-Scan\n\nProvide a list of websites to test with out the http or https and this will test each one for the SSRF vun.\n\nhttps://github.com/random-robbie/Jira-Scan\n\n#infosec #pentesting #bugbounty\n\ns3reverse\n\nThe format of various s3 buckets is convert in one format. for #bugbounty and security testing.\n\nhttps://github.com/hahwul/s3reverse\n\n#cybersecurity #infosec\n\nLogger++ \n\nA multithreaded logging extension for #BurpSuite. In addition to logging requests and responses from all Burp Suite tools, the extension allows advanced filters to be defined to highlight interesting entries or filter logs to only those which match the filter.\n\nhttps://github.com/nccgroup/LoggerPlusPlus\n\n#infosec #pentesting #bugbounty\n\nTop25 Parameter \n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual #recon.\n\nhttps://github.com/lutfumertceylan/top25-parameter\n\n#infosec #pentesting #bugbounty\n\nLOOBins\n\nLiving Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in \"living off the land\" macOS binaries and how they can be used by threat actors for malicious purposes.\n\nhttps://github.com/infosecB/LOOBins\n\nWeb:\nhttps://www.loobins.io/\n\n#infosec #blueteam\n\ncodeexplain.nvim\n\nA nvim plugin Powered by GPT4ALL for Real-time Code Explanation and Vulnerability Detection (no internet necessary).\n\nhttps://github.com/mthbernardes/codeexplain.nvim\n\n#cybersecurity #infosec\n\nCVE-2020-0683\n\nOriginal Poc sent to MSRC. Assigned to CVE-2020-0683 - Windows Installer Elevation of Privilege.\n\nhttps://github.com/padovah4ck/CVE-2020-0683\n\n#cve #cybersecurity #infosec\n\nCVE-2023-2825\n\nOn May 23, 2023 GitLab released version 16.0.1 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 16.0.0. The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug. It was discovered by pwnie on HackerOne through the bug bounty program.\n\nhttps://github.com/Occamsec/CVE-2023-2825\n\n#cve #cybersecurity #infosec\n\n\ud83d\ude80 AllForOne\n\nThis repository contains a Python script that allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories, helping to streamline the process of downloading multiple templates using just a single repository.\n\nhttps://github.com/AggressiveUser/AllForOne\n\n#infosec #pentesting #bugbounty\n\nCVE-2023-2732\n\nMStore API <= 3.9.2 - Authentication Bypass\n\nhttps://github.com/RandomRobbieBF/CVE-2023-2732\n\n#cve #cybersecurity #infosec\n\nCVE-2023-30145\n\nCamaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.\n\nhttps://github.com/paragbagul111/CVE-2023-30145\n\n#cve #cybersecurity #infosec\n\nWhatMail\n\nA command-line tool that analyzes the header of an email and provides detailed information about various fields.\n\nhttps://github.com/z0m31en7/WhatMail\n\n#OSINT #cybersecurity #infosec\n\nlibslub\n\nlibslub is a python library to examine the SLUB managements structures and object allocations (the Linux kernel heap implementation). It is currently designed for use with GDB but could easily be adapted to work with other debuggers.\n\nIt helps understanding SLUB internals and developing Linux kernel exploits.\n\nhttps://github.com/nccgroup/libslub\n\n#cybersecurity #infosec\n\nHidden Desktop BOF\n\nHidden Desktop (often referred to as HVNC) is a tool that allows operators to interact with a remote desktop session without the user knowing.\u00a0 The VNC protocol is not involved, but the result is a similar experience. This Cobalt Strike BOF implementation was created as an alternative to TinyNuke/forks that are written in C++.\n\nhttps://github.com/WKL-Sec/HiddenDesktop\n\n#infosec #pentesting #redteam\n\nBlackout \n\nKill anti-malware protected processes using BYOVD. leveraging gmer driver to effectively disabling or killing EDRs and AVs.\n\nhttps://github.com/ZeroMemoryEx/Blackout\n\n#infosec \n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-26T17:58:27.000000Z"}, {"uuid": "0eb1dcf5-fd2b-4e9b-a97f-aea3861fbf34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "Telegram/PfBDhyUlchQfTUwkRCz2h7RqM5ds-n-bVldH34W40cGx_g", "content": "", "creation_timestamp": "2023-07-01T17:36:04.000000Z"}, {"uuid": "4cad5bd0-148d-4bdd-97f4-608deb25dbaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3103", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - Hackers Factory \n\n\u200b\u200bNosey Parker\n\nA command-line program that finds secrets and sensitive information in textual data and Git history.\n\nhttps://github.com/praetorian-inc/noseyparker\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200b\ud83d\udee1 eBPFShield\n\nA high-performance security tool that utilizes eBPF and Python to provide real-time IP-Intelligence and DNS monitoring. \n\nhttps://github.com/sagarbhure/eBPFShield\n\n#cybersecurity #infosec\n\n\u200b\u200bNetSoc #OSINT\n\nTool focused on extracting information from an account in various Social Networks.\n\nhttps://github.com/XDeadHackerX/NetSoc_OSINT\n\n#cybersecurity #infosec\n\n\u200b\u200bcloudtoolkit\n\nCloud Penetration Testing Toolkit\n\nhttps://github.com/404tk/cloudtoolkit\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bTomcatBackdoorPoC\n\nTomcat backdoor based on CS blog.\n\nhttps://github.com/HackingLZ/TomcatBackdoorPoC\n\nDetails:\nhttps://bit.ly/437Myhb\n\n#infosec #pentesting #redteam\n\n\u200b\u200bNoMoreCookies\n\nBrowser Protector against various stealers, written in C# & C/C++. Works by hooking NtCreateFile and prevent accessing browser files, in addition to prevent it's unhooking. compatible with various games and software.\n\nhttps://github.com/AdvDebug/NoMoreCookies\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-28252\n\nUnderstanding the cve-2022-37969 windows common log file system driver local privilege escalation.\n\nhttps://github.com/fortra/CVE-2023-28252\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2982\n\nWordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-2982\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3338\n\nPracticing different Linux kernel exploitation techniques with my DECnet vulnerability and null page mapping enabled.\n\nhttps://github.com/TurtleARM/CVE-2023-3338\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2020-9289\n\nDecrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).\n\nhttps://github.com/synacktiv/CVE-2020-9289\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bPDFator\n\nInfoSec project that consists of a Python script and a C application to generate an executable payload. The payload includes functionality to write and execute a PDF file and execute shellcode. Both the PDF file and shellcode are encrypted using XOR and decrypted at runtime.\n\nhttps://github.com/smokeme/PDFator\n\n#cybersecurity #infosec\n\n\u200b\u200bUscrapper \n\n#OSINT tool that allows users to extract various personal information from a website. It leverages web scraping techniques and regular expressions to extract email addresses, social media links, author names, geolocations, phone numbers, and usernames from both hyperlinked and non-hyperlinked sources on the webpage.\n\nhttps://github.com/z0m31en7/Uscrapper\n\n#cybersecurity #infosec\n\n\u200b\u200bGold Digger\n\nA simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test.\n\nhttps://github.com/ustayready/golddigger\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bLinux-Exploit-Detection\n\nLinux-based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Rego/Sigma.\n\nhttps://github.com/Loginsoft-Research/Linux-Exploit-Detection\n\n#cybersecurity #infosec\n\n\u200b\u200bdynmx \n\nSignature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces.\n\nhttps://github.com/0x534a/dynmx\n\n#cybersecurity #infosec\n\n\u200b\u200bjsluice\n\nExtract URLs, paths, secrets, and other interesting bits from JavaScript.\n\nhttps://github.com/BishopFox/jsluice\n\n#infosec #pentesting #bugbounty\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-06T11:08:24.000000Z"}, {"uuid": "93542324-6f4a-475f-8731-433256506f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1544", "content": "CVE-2023-2825\n\nGitLab - Community Edition\\Enterprise Edition\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0447\u0435\u0440\u0435\u0437 \u043e\u0448\u0438\u0431\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438.\n\nPOC Exploit\n\n#gitlab", "creation_timestamp": "2023-05-28T11:18:48.000000Z"}, {"uuid": "0afbbd5f-7d0e-4361-b562-7c5575930fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1602", "content": "\u0420\u0435\u0431\u044f\u0442, \u0442\u0443\u0442 Windows Common Log File System  \u043f\u0440\u043e\u0442\u0451\u043a \n\u0415\u0441\u0442\u044c \u043f\u0430\u0442\u0447 \u043e\u0442 \u0430\u043f\u0440\u0435\u043b\u044f, \u0442\u0430\u043a \u0447\u0442\u043e \u043d\u0435 0-Day\nCVE-2023-28252\nPOC exploit\n \n#windows #lpe", "creation_timestamp": "2023-06-30T20:56:31.000000Z"}, {"uuid": "8dca2008-27c1-490d-996e-ea7096bbe263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "Telegram/qsB8cAYxRX8HjAET0adZqI5Zr1Stixhpl6GprkoTuhBxMx8", "content": "", "creation_timestamp": "2024-03-19T06:33:05.000000Z"}, {"uuid": "73dd21fe-9d61-4277-80e8-a3f7edf8842e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "Telegram/WWER-PPupbbS0Rogm272ZK3ywNyfrmrKbKPg5UazC_3Hpio", "content": "", "creation_timestamp": "2024-01-31T08:12:05.000000Z"}, {"uuid": "5f80b3ab-fb7d-490b-b06d-d2b45c412314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "Telegram/zdudhVLLDqfFrpQfIgVPQqJT76TnyKYVlJSZ720zIlJ8G5A", "content": "", "creation_timestamp": "2023-07-24T09:22:05.000000Z"}, {"uuid": "49008957-5f6e-44f1-ae9f-57ad578b8e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/798", "content": "CVE-2023-2825 : GitLab 16.0.0 - Unauthenticated  Arbitrary File Read \nBlog : https://labs.watchtowr.com/gitlab-arbitrary-file-read-gitlab-cve-2023-2825-analysis/", "creation_timestamp": "2023-08-07T22:29:01.000000Z"}, {"uuid": "f44504ff-6ffc-429e-959e-e62b3da26350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/true_secator/6927", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 134 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0441\u043a\u0443\u043f\u0443\u044e \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u0443\u044e 0-day.\n\n\u0412 \u044d\u0442\u043e\u043c \u043f\u0430\u043a\u0435\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0437\u0430\u043a\u0440\u044b\u0442\u043e \u043e\u0434\u0438\u043d\u043d\u0430\u0434\u0446\u0430\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u0441\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 RCE, \u0430 \u0432 \u0446\u0435\u043b\u043e\u043c \u043f\u043e \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u043c: 49 - EoP, 9 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 31 - RCE, 17 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 14 - DoS \u0438 3 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Mariner \u0438 13 - \u0432 Microsoft Edge.\n\n\u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 0-day \u0432 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u043c PatchTuesday \u0441\u0442\u0430\u043b\u0430 CVE-2025-29824 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows Common Log.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, CVE-2025-29824 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043d\u0438\u0437\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c SYSTEM \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0439\u0447\u0430\u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f Windows Server \u0438 Windows 11, \u0430 \u0434\u043b\u044f Windows 10 Microsoft \u0432\u044b\u0439\u0434\u0443\u0442 \u043f\u043e\u0437\u0436\u0435.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0443\u043b\u044f \u0431\u0430\u043d\u0434\u043e\u0439 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 RansomEXX, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043a\u0430\u043a Storm-2460.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0426\u0435\u043d\u0442\u0440\u0443 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Microsoft.\n\n\u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e PipeMagic backdoor \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 CVE-2025-29824, \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 !_READ_ME_REXX2_!.txt \u043f\u043e\u0441\u043b\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u0426\u0435\u043b\u044f\u043c\u0438 \u0430\u0442\u0430\u043a \u0441\u0442\u0430\u043b\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 \u0438 \u043d\u0435\u0434\u0432\u0438\u0436\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0421\u0428\u0410, \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0439 \u0441\u0435\u043a\u0442\u043e\u0440 \u0432 \u0412\u0435\u043d\u0435\u0441\u0443\u044d\u043b\u0435, \u0438\u0441\u043f\u0430\u043d\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f-\u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u041f\u041e \u0438 \u0441\u0435\u043a\u0442\u043e\u0440 \u0440\u043e\u0437\u043d\u0438\u0447\u043d\u043e\u0439 \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0438 \u0432 \u0421\u0430\u0443\u0434\u043e\u0432\u0441\u043a\u043e\u0439 \u0410\u0440\u0430\u0432\u0438\u0438.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f ESET \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0441 \u043c\u0430\u0440\u0442\u0430 2023 \u0433\u043e\u0434\u0430 PipeMagic \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 0-day \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 Windows Win32 (CVE-2025-24983).\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0435\u0439 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432 2022 \u0433\u043e\u0434\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043b\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f.\n\n\u0412 2023 \u0433\u043e\u0434\u0443 \u041b\u041a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u044d\u0442\u043e\u0442 \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u0440\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438\u00a0\u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f Nokoyawa.\n\n\u0412 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0434\u0440\u0443\u0433\u043e\u0439 \u043d\u043e\u043b\u044c \u0432 Windows Common Log File System Driver, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-28252.\n\n\u041f\u043e\u043b\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442, - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2025-04-09T15:00:08.000000Z"}, {"uuid": "a45b1803-6635-4d7d-af68-1069ad155ee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/true_secator/5250", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Qualys \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u0441 \u0430\u043d\u0430\u043b\u0438\u0437\u043e\u043c \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u0430 \u0443\u0433\u0440\u043e\u0437 \u0437\u0430 2023 \u0433\u043e\u0434, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c \u0432\u044b\u0432\u043e\u0434\u0430\u043c \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u043d\u0435\u0435 1% \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 26 000 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 2023 \u0433\u043e\u0434\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u0435\u0442 \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 2022 \u0433\u043e\u0434\u0443, \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u043d\u0430 1500 CVE.\u00a0\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u0442\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e. \u0422\u0440\u0435\u0442\u044c \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \n\n\u0411\u043e\u043b\u0435\u0435 7000 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u043c\u0435\u043b\u0438 PoC, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u043b\u0443\u0447\u0430\u0435 \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u043c\u0435\u043b \u043d\u0438\u0437\u043a\u043e\u0435 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e, \u0441\u043d\u0438\u0436\u0430\u044f \u0440\u0438\u0441\u043a \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438.\n\n\u0414\u043b\u044f 206 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430 \u0431\u044b\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f. 115 \u0438\u0437 \u043d\u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c\u0438 \u041f\u041e \u0438 \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 (20), \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e LockBit, CL0P \u0438 Cerber.\n\n\u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043e\u0431\u0448\u0438\u0440\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f, \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e, PaperCut NG, MOVEit Transfer, \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u041e\u0421 Windows, Google Chrome, Atlassian Confluence \u0438 Apache ActiveMQ.\n\n109 \u0438\u043c\u0435\u043b\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u0431\u044b\u043b\u0438 \u0432\u043d\u0435\u0441\u0435\u043d\u044b \u0432 CISA KEV, \u043d\u043e 97 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043d\u0435 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432 \u0441\u043f\u0438\u0441\u043e\u043a.\n\n\u0412 2023 \u0433\u043e\u0434\u0443 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430.\n\n\u0421\u0440\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 2023 \u0433\u043e\u0434\u0443 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e\u00a044 \u0434\u043d\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c 75 % \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 19 \u0434\u043d\u0435\u0439 (\u043f\u0440\u0438\u0431\u043b\u0438\u0437\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u0440\u0438 \u043d\u0435\u0434\u0435\u043b\u0438) \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e 25% \u043f\u0440\u043e\u0446\u0435\u043d\u0442\u043e\u0432 CVE \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u0440\u0438\u0441\u043a\u0430 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0434\u0435\u043d\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0432 \u0434\u0435\u043d\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438. \n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0442\u0430\u043a\u0442\u0438\u043a\u0430\u043c\u0438 MITRE ATT&CK \u0441\u0442\u0430\u043b\u0438: \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 (T1210 \u0438 T0866), \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 (T1190 \u0438 T0819) \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (T1068).\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b: CVE-2023-0669, CVE-2023-20887, CVE-2023-22952, CVE-2023-23397, CVE-2023-24880, CVE-2023-27350, CVE-2023-28252, CVE-2023-2868, CVE-2023-29059, CVE-2023-34362.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u0430 \u0443\u0433\u0440\u043e\u0437 \u0432 2023 \u0433\u043e\u0434\u0443, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0442\u0430\u043a\u0438\u0435 \u0442\u0440\u0435\u043d\u0434\u044b, \u043a\u0430\u043a \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u044b\u0439 \u0442\u0435\u043c\u043f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0440\u0443\u0436\u0438\u044f \u0438 \u043d\u0430\u043c\u0435\u0442\u0438\u0432\u0448\u0435\u0435\u0441\u044f \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u0438\u0435 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0443\u0433\u0440\u043e\u0437, \u0447\u0442\u043e \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435.", "creation_timestamp": "2023-12-27T12:34:26.000000Z"}, {"uuid": "6739077a-953d-4d9d-b3fa-81dec1c0a694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5243", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b Common Log File System (CLFS) \u0432 \u0447\u0430\u0441\u0442\u0438 \u0435\u0433\u043e \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432, \u0443\u043c\u0435\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 ransomware \u0432 2022 \u0438 2023.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043b\u0441\u044f \u043a\u0430\u043a CVE-2023-28252\u00a0\u0438 \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d Microsoft \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e, \u043a\u0430\u043a \u043e \u043d\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0431\u044b\u043b \u043f\u043e\u0445\u043e\u0436 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (EoP) \u0434\u043b\u044f Microsoft Windows, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0433\u043e\u0434\u0430.\n\n\u0412\u043e\u043e\u0431\u0449\u0435 \u0436\u0435 \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0434\u043b\u044f\u00a0\u043f\u044f\u0442\u0438\u00a0\u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 CLFS.\n\n\u0427\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 (CVE-2022-24521, CVE-2022-37969, CVE-2023-23376, CVE-2023-28252), \u0431\u044b\u043b\u0438 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043a\u0430\u043a \u043d\u0443\u043b\u0435\u0432\u044b\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0442\u0430\u043a\u043e\u0433\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 CLFS, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0433\u043e\u0434\u0430, \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c.\n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043d\u0438\u0447\u0435\u0433\u043e \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0437\u043d\u0430\u044f \u043a\u0430\u043a Microsoft \u0432\u0435\u0434\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0431\u044b\u043b\u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\n\u0410 \u0447\u0442\u043e \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f Common Log File System (CLFS), \u0442\u043e \u044d\u0442\u043e \u0445\u043e\u0440\u043e\u0448\u0438\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u043e\u0440\u043c\u0430\u0442 \u0444\u0430\u0439\u043b\u0430. \u0418 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f CVE-2023-28252 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u043d\u0435\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0435\u0449\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c.\n\n\u0412\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044f\u0441\u044c \u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e, \u043e\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0442\u0430\u043a\u0438 \u043e\u0431\u044a\u0435\u043c\u043d\u044b\u043c \u0438 \u0431\u044b\u043b\u043e \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u043e \u043d\u0430 \u0448\u0435\u0441\u0442\u044c \u0447\u0430\u0441\u0442\u0435\u0439, \u043f\u0435\u0440\u0432\u0430\u044f (\u0447\u0430\u0441\u0442\u044c 1. Windows CLFS \u0438 \u043f\u044f\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439) \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u0430 CLFS.\n\n\u041f\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u043a\u043b\u044e\u0447\u0430\u0442 \u043e\u0431\u0437\u043e\u0440 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0435\u0440\u0432\u043e\u043f\u0440\u0438\u0447\u0438\u043d \u0438 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: \u0447\u0430\u0441\u0442\u044c 2: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21161 - CVE-2022-24521, \u0447\u0430\u0441\u0442\u044c 3: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21162 \u2014 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2022, \u0447\u0430\u0441\u0442\u044c 4: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21163 \u2014 \u043e\u043a\u0442\u044f\u0431\u0440\u044c 2022, \u0447\u0430\u0441\u0442\u044c 5: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21164 \u2014 CVE-2023-23376 \u0438 \u0447\u0430\u0441\u0442\u044c 6: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21165 \u2014 CVE-2023-28252.", "creation_timestamp": "2023-12-25T17:10:05.000000Z"}, {"uuid": "cf90867a-69fe-4c5c-9ce8-cc9cb466d768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/true_secator/4421", "content": "GitLab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435  \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS v3.1: 10,0), \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-2825.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c pwnie, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 HackOne Bug Bounty.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 GitLab Community Edition (CE) \u0438 Enterprise Edition (EE) \u0432\u0435\u0440\u0441\u0438\u0438 16.0.0, \u043d\u043e \u043d\u0435 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u0442\u0430\u0440\u0448\u0435 \u043d\u0435\u0435. \u0412 \u0441\u0438\u043b\u0443 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438 \u0441\u0440\u043e\u043a\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u043d\u0434\u043e\u0440 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0435 (\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0432 \u043f\u044f\u0442\u0438 \u0433\u0440\u0443\u043f\u043f\u0430\u0445).\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u00a0CVE-2023-2825\u00a0\u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u0434 \u043f\u0440\u043e\u043f\u0440\u0438\u0435\u0442\u0430\u0440\u043d\u043e\u0433\u043e \u041f\u041e, \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0442\u043e\u043a\u0435\u043d\u044b, \u0444\u0430\u0439\u043b\u044b \u0438 \u0434\u0440\u0443\u0433\u0443\u044e \u043b\u0438\u0447\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e.\n\nGitLab \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u0442\u043b\u0430\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0418\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u043f\u0440\u043e\u0435\u043a\u0442\u0430, \u0430 \u0434\u043b\u044f GitLab Runner\u00a0 - \u0437\u0434\u0435\u0441\u044c.\n\n\u0421\u043c\u044f\u0433\u0447\u0430\u044e\u0449\u0438\u043c \u0444\u0430\u043a\u0442\u043e\u0440\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0441 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445 GitHub.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0432\u0441\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c GitLab 16.0.0 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 16.0.1, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a.\u00a0\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439.", "creation_timestamp": "2023-05-25T15:05:06.000000Z"}, {"uuid": "b19f36e1-8c04-49f6-b5c5-5a08f8ba9885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "exploited", "source": "https://t.me/true_secator/4279", "content": "\u0420\u0435\u0448\u0438\u043b\u0438 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c Microsoft 0-day \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows (CLFS), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043b\u044c\u0432\u0438\u043d\u0443\u044e \u0434\u043e\u043b\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f CVE-2023-28252 \u043f\u0440\u043e\u0434\u0435\u043b\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b GReAT \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u043c\u0438\u043c\u043e \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u043c\u044b\u0445 Mandiant \u0438 DBAPPSecurity WeBin.\n\n0-day \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0435\u0439 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0442\u0430\u043a, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Microsoft Windows \u043f\u044b\u0442\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e Nokoyawa ransomware \u043d\u0430 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u0445 \u043c\u0430\u043b\u043e\u0433\u043e \u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0432 \u0431\u043b\u0438\u0436\u043d\u0435\u0432\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u043c \u0438 \u0441\u0435\u0432\u0435\u0440\u043e\u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u043e\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e, \u0441\u0442\u043e\u044f\u0449\u0430\u044f \u0437\u0430 ransomware \u0433\u0440\u0443\u043f\u043f\u0430 \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430  \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0435\u0449\u0435 \u043f\u044f\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 CLFS, \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0438, \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0438, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e.\n\n\u0421 2018 \u0433\u043e\u0434\u0430 Redmond \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 32 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows CLFS, \u043f\u0440\u0438\u0447\u0435\u043c \u0442\u0440\u0438 \u0438\u0437 \u043d\u0438\u0445 (CVE-2022-24521, CVE-2022-37969 \u0438 CVE-2023-23376) \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c - \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0410\u0420\u0422.\n\n\u041d\u0435 \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0442\u0435\u043c \u0431\u043e\u043b\u0435\u0435 \u0447\u0442\u043e \u0432\u0441\u0435\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u043e\u0431\u0435\u0449\u0430\u0435\u0442 \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0435\u0440\u0435\u0437 \u0434\u0435\u0432\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u0430\u0442\u0447\u0430.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0431\u044b\u043b\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0430\u043c\u043f\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u043a\u0443\u0441\u0442\u0430 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 HKEY_LOCAL_MACHINE\\SAM.\n\n\u0410 \u0447\u0442\u043e \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0442\u043e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Cobalt Strike BEACON. \u041e\u043d \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0441 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u0432, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f AV.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CLFS \u043c\u0430\u0448\u0438\u043d\u044b \u0436\u0435\u0440\u0442\u0432\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u043c \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c Pipemagic, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u0440\u0438\u043f\u0442 MSBuild.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-28252 \u0441\u0443\u0431\u044a\u0435\u043a\u0442 \u043f\u044b\u0442\u0430\u043b\u0441\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c Nokoyawa (\u0440\u0435\u0431\u0440\u0435\u043d\u0434\u0438\u043d\u0433 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 JSWorm), \u043d\u043e \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041a\u0430\u043a \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438, \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u044b\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e, \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0442\u043e\u043b\u044c\u043a\u043e APT.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0436\u0435 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0432\u0441\u0435\u043c\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438, \u0447\u0442\u043e\u0431\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c 0-day \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.", "creation_timestamp": "2023-04-12T14:34:47.000000Z"}, {"uuid": "878659b3-64c9-4652-b902-078bbd2c7b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/true_secator/4278", "content": "\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 Apple, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Microsoft \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0439 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0447\u0442\u0438 \u0441\u043e\u0442\u043d\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u0434\u043d\u043e\u0439 0-day.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0442 RCE.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 45 RCE-\u043e\u0448\u0438\u0431\u043e\u043a, \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 20 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 8 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 10 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 9 - DoS \u0438 6 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f \u0432 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 CVE-2023-28252 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows CLFS,  \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e SYSTEM.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e Microsoft, \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0413\u044d\u043d\u0432\u044d\u0439 \u0426\u0437\u044f\u043d\u043e\u043c \u0438\u0437 Mandiant \u0438 \u041a\u0443\u0430\u043d \u0414\u0436\u0438\u043d\u043e\u043c \u0438\u0437 DBAPPSecurity WeBin Lab.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2023-28285, CVE-2023-28295, CVE-2023-28287 \u0438 CVE-2023-28311) Microsoft Office, Word \u0438 Publisher, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043f\u0440\u043e\u0441\u0442\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0436\u0435\u0440\u0442\u0432 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0439 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043f\u043e\u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f, \u043a\u0430\u043a \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 \u0441\u0432\u043e\u0438\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445.\n\n\u0412 \u044d\u0442\u043e\u0439 \u0441\u0432\u044f\u0437\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Microsoft Office \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f \u043d\u0430 Microsoft, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u043b\u043e\u0441\u044c \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0434\u043e\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u0438 \u0447\u0438\u043d\u0438\u0442\u044c \u043f\u043e\u043f\u0443\u0442\u043d\u043e \u043b\u0430\u0433\u0430\u044e\u0449\u0438\u0439 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0441\u043e\u0444\u0442.\n\n\u041f\u043e\u043b\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c -\u00a0\u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-04-12T13:27:13.000000Z"}, {"uuid": "863d069d-2943-474f-9e90-7717488fc63e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3571", "content": "Path traversal flaws are an all-too-common occurrence. These vulnerabilities, if exploited, allow attackers to access files and directories outside of the intended scope. Among the recent discoveries, one notable vulnerability is CVE-2023-2825, which exposes a path traversal flaw in GitLab version 16.0.0. \n\nhttps://system32.ink/exploring-the-depths-unveiling-cve-2023-2825-path-traversal-vulnerability-in-gitlab-16-0-0/", "creation_timestamp": "2023-05-28T13:46:27.000000Z"}, {"uuid": "53317b5c-cb17-459d-82f8-556ccc037f35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3783", "content": "\ud83d\udd31CVE-2023-24488 POC : https://www.system32.ink/2023/07/cve-2023-24488-poc.html\n\n\ud83d\udd31CVE-2023-28252 POC : https://www.system32.ink/2023/07/cve-2023-28252-poc.html\n\n\ud83d\udd31Sniffle - Sniffer for Bluetooth 5 and 4.x (LE) : https://www.system32.ink/2023/07/sniffle-sniffer-for-bluetooth-5-and-4x.html\n\n\ud83d\udd31ChromeOS pluginvm arbitrary chmod 777 : https://www.system32.ink/2023/07/chromeos-pluginvm-arbitrary-chmod-777.html\n\n\ud83d\udd31Akira Ransomware Decryptor Software : https://www.system32.ink/2023/07/akira-ransomware-decryptor-software.html\n\n\ud83d\udd31CVE-2023-27997 FortiGate SSL VPN Detector : https://www.system32.ink/2023/07/cve-2023-27997-fortigate-ssl-vpn.html\n\n\ud83d\udd31TomcatBackdoorPoC : https://www.system32.ink/2023/07/tomcatbackdoorpoc.html", "creation_timestamp": "2023-07-10T00:50:12.000000Z"}, {"uuid": "ce68dece-f663-460c-ba0f-8586c25ad5a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1445", "content": "\ud83d\udc69\u200d\ud83d\udcbb Windows CLFS Driver Privilege Escalation\n\nThis vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization\u2019s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.\n\n\ud83d\udcca Affects version:\n\u2014 Windows 11 21H2 (clfs.sys version 10.0.22000.1574);\n\u2014 Windows 11 22H2; \n\u2014 Windows 10 21H2;\n\u2014 Windows 10 22H2;\n\u2014 Windows Server 2022.\n\nResearch: \n\ud83d\udd17 https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability\n\nExploit: \n\ud83d\udd17 https://github.com/duck-sec/CVE-2023-28252-Compiled-exe\n\n#windows #privesc #clfs #driver", "creation_timestamp": "2024-01-26T14:40:08.000000Z"}, {"uuid": "9ed02fea-3ecc-47ef-9e52-2526c8918ced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/ctinow/157592", "content": "https://ift.tt/Z5kA7KE\nWindows CLFS and five exploits used by ransomware operators (Exploit #5 \u2013 CVE-2023-28252)", "creation_timestamp": "2023-12-21T11:07:47.000000Z"}, {"uuid": "caf285d9-1bbe-4d88-b9f0-0547c222484f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28255", "type": "seen", "source": "https://t.me/cibsecurity/61948", "content": "\u203c CVE-2023-28255 \u203c\n\nWindows DNS Server Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:29:52.000000Z"}, {"uuid": "a5dec012-fab0-4765-8a40-76884b27c337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28251", "type": "seen", "source": "https://t.me/cibsecurity/63685", "content": "\u203c CVE-2023-28251 \u203c\n\nWindows Driver Revocation List Security Feature Bypass Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:45:04.000000Z"}, {"uuid": "f96c8dc9-0aaf-40f8-99be-02957f6f88a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3232", "content": "\u0420\u0435\u0431\u044f\u0442, \u0442\u0443\u0442 Windows Common Log File System  \u043f\u0440\u043e\u0442\u0451\u043a \n\u0415\u0441\u0442\u044c \u043f\u0430\u0442\u0447 \u043e\u0442 \u0430\u043f\u0440\u0435\u043b\u044f, \u0442\u0430\u043a \u0447\u0442\u043e \u043d\u0435 0-Day\nCVE-2023-28252\nPOC exploit\n \n#windows #lpe", "creation_timestamp": "2023-06-30T21:00:31.000000Z"}, {"uuid": "3aff0498-44e5-4939-be0e-203237b2fe0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/information_security_channel/49995", "content": "GitLab Security Update Patches Critical Vulnerability\nhttps://www.securityweek.com/gitlab-security-update-patches-critical-vulnerability/\n\nGitLab CE/EE version 16.0.1 patches a critical arbitrary file read vulnerability tracked as CVE-2023-2825.\nThe post GitLab Security Update Patches Critical Vulnerability (https://www.securityweek.com/gitlab-security-update-patches-critical-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-05-25T14:26:59.000000Z"}, {"uuid": "0cf431f4-d105-4621-bcb1-d5124d64f374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/xakep_ru/14096", "content": "GitLab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 GitLab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0440\u043e\u0447\u043d\u043e\u0439 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0432\u0435\u0440\u0441\u0438\u044f 16.0.1) \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043d\u0430\u0431\u0440\u0430\u0432\u0448\u0435\u0439 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVSS. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2023-2825 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u0434 \u043f\u0440\u043e\u043f\u0440\u0438\u0435\u0442\u0430\u0440\u043d\u043e\u0433\u043e \u041f\u041e, \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0442\u043e\u043a\u0435\u043d\u044b, \u0444\u0430\u0439\u043b\u044b \u0438 \u0442\u0430\u043a \u0434\u0430\u043b\u0435\u0435.\n\nhttps://xakep.ru/2023/05/25/gitlab-bug/", "creation_timestamp": "2023-05-25T18:39:44.000000Z"}, {"uuid": "4e88291e-56b6-43fa-8dfd-820223312d8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/677", "content": "https://github.com/fortra/CVE-2023-28252 \n#github", "creation_timestamp": "2023-07-01T09:16:50.000000Z"}, {"uuid": "121a7f69-ef09-4993-9ada-cc0d600e0d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/932", "content": "https://unsafe.sh/go-174865.html\nCVE-2023-28252 CLFS \u63d0\u6743\u6f0f\u6d1e\u5206\u6790", "creation_timestamp": "2023-08-25T04:10:04.000000Z"}, {"uuid": "804374cb-8d32-4452-9f40-2b114786156e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9712", "content": "#exploit\n#Analytics\nTop 10 Vulnerabilities of 2023:\n\n1. CVE-2023-34362: MOVEit Vulnerability\n2. CVE-2023-23397: MS Outlook PE\n3. CVE-2023-43641: 1-Click RCE on GNOME\n4. CVE-2023-28252: Windows CLFS PE\n5. CVE-2023-2868: Barracuda ESG CI\n6. CVE-2023-26360: Adobe ColdFusion\n7. CVE-2023-4966: Citrix Bleed\n8. CVE-2023-22952: SugarCRM RCE\n9. CVE-2023-24880: Win Smart Screen Bypass\n10. CVE-2022-42475: FortiOS heap-based BoF in sslvpnd\n]-> https://github.com/scrt/cve-2022-42475", "creation_timestamp": "2024-10-11T02:08:15.000000Z"}, {"uuid": "9644e8a2-c875-4a3a-93f8-d35dcbaa1a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8371", "content": "#exploit\n1. CVE-2023-2825:\nPath traversal vulnerability in GitLab 16.0.0\nhttps://github.com/Occamsec/CVE-2023-2825\n\n2. CVE-2023-28131:\nExpo Framework AuthSession Redirect Proxy redirect\nhttps://salt.security/blog/a-new-oauth-vulnerability-that-may-impact-hundreds-of-online-services", "creation_timestamp": "2023-05-27T12:37:01.000000Z"}, {"uuid": "b46c9604-056f-4e58-afe0-76e825d62b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "Telegram/KZzQm2YE4rpEt8NA4p0fWCKf8IGc9MwzLO8fPh-VA8fmJIs", "content": "", "creation_timestamp": "2023-05-25T18:15:16.000000Z"}, {"uuid": "7d4d34ff-bc98-4634-b39c-e9f04eea8044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "Telegram/J-kUi9Fe7-JZSFHIIrvstGc3U2hlq7FmTWWR73dTfdW1dUc", "content": "", "creation_timestamp": "2023-05-26T13:20:27.000000Z"}, {"uuid": "86de83d4-7bfe-4044-9d49-e47fd68abe82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2583", "content": "\ud83d\udc69\u200d\ud83d\udcbb Windows CLFS Driver Privilege Escalation\n\nThis vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization\u2019s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.\n\nAffects version:\n\u2014 Windows 11 21H2 (clfs.sys version 10.0.22000.1574);\n\u2014 Windows 11 22H2; \n\u2014 Windows 10 21H2;\n\u2014 Windows 10 22H2;\n\u2014 Windows Server 2022.\n\n#Research: https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability\n\n#Exploit: https://github.com/duck-sec/CVE-2023-28252-Compiled-exe\n\n#windows #privesc #clfs #driver", "creation_timestamp": "2024-08-16T09:02:41.000000Z"}, {"uuid": "9f10bf79-13a8-49db-9686-45a6905a3498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/Rootsec_2/2414", "content": "#exploit\n#Analytics\nTop 10 Vulnerabilities of 2023:\n\n1. CVE-2023-34362: MOVEit Vulnerability\nhttps://t.me/CyberSecurityTechnologies/8493\n2. CVE-2023-23397: MS Outlook PE\nhttps://t.me/CyberSecurityTechnologies/8677\n3. CVE-2023-43641: 1-Click RCE on GNOME\nhttps://t.me/CyberSecurityTechnologies/9175\n4. CVE-2023-28252: Windows CLFS PE\nhttps://t.me/CyberSecurityTechnologies/8595\n5. CVE-2023-2868: Barracuda ESG CI\nhttps://t.me/CyberSecurityTechnologies/8627\n6. CVE-2023-26360: Adobe ColdFusion\nhttps://t.me/CyberSecurityTechnologies/9702\n7. CVE-2023-4966: Citrix Bleed\nhttps://t.me/CyberSecurityTechnologies/9257\n8. CVE-2023-22952: SugarCRM RCE\nhttps://t.me/CyberSecurityTechnologies/7907\n9. CVE-2023-24880: Win Smart Screen Bypass\nhttps://www.vicarius.io/vsociety/posts/windows-smartscreen-security-feature-bypass-cve-2023-24880\n10. CVE-2022-42475:\nFortiOS heap-based buffer overflow in sslvpnd\nhttps://bishopfox.com/blog/exploit-cve-2022-42475\n]-> https://github.com/scrt/cve-2022-42475", "creation_timestamp": "2024-08-16T08:59:55.000000Z"}, {"uuid": "1b02e71e-d404-4892-b2bc-355e51edc2c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28252", "type": "seen", "source": "https://t.me/sysodmins/26658", "content": "\ud83c\udfb9 PipeMagic \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f: \u043d\u043e\u0432\u044b\u0439 \u0432\u0438\u0442\u043e\u043a \u0430\u0442\u0430\u043a \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043d\u043e\u0432\u043e\u0439 \u0432\u043e\u043b\u043d\u0435 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u044d\u043a\u0434\u043e\u0440\u0430 PipeMagic. \u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0439 \u0432 2022 \u0433\u043e\u0434\u0443, \u044d\u0442\u043e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u044d\u0432\u043e\u043b\u044e\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u0435\u0442: \u043e\u043d \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u043a\u0440\u0430\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435, \u0434\u0430\u0432\u0430\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043a\u0430\u043a \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u043e\u0444\u0442 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u044f\u0445.\n\n\u0412 \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445 PipeMagic \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u043c Nokoyawa, \u0433\u0434\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0430\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows Common Log (CVE-2023-28252). \u0412 2024 \u0433\u043e\u0434\u0443 \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432 \u0421\u0430\u0443\u0434\u043e\u0432\u0441\u043a\u043e\u0439 \u0410\u0440\u0430\u0432\u0438\u0438, \u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b\u0430\u0441\u044c \u2014 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u043b\u0438 \u0438 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438.\n\n\u0422\u0435\u043a\u0443\u0449\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0441\u0432\u0435\u0436\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-29824 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 clfs.sys, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Microsoft \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2025 \u0433\u043e\u0434\u0430. \u042d\u0442\u0430 \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u043e\u0434\u043d\u0438\u043c\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0432\u043e\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b. \u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u0434\u0430\u0436\u0435 \u0438\u043d\u0434\u0435\u043a\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0441\u043f\u0440\u0430\u0432\u043a\u0438 Microsoft \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0448\u0435\u043b\u043b-\u043a\u043e\u0434\u0430.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 PipeMagic \u0432\u043d\u0435\u0441\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u0434, \u0443\u0441\u0438\u043b\u0438\u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0443\u043f\u0440\u043e\u0441\u0442\u0438\u0432 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435. \u0414\u0440\u0430\u0439\u0432\u0435\u0440 clfs.sys \u0443\u0436\u0435 \u043d\u0435 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0446\u0435\u043b\u044c\u044e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0434\u043b\u044f \u043d\u0435\u0433\u043e \u0432\u0441\u0451 \u0447\u0430\u0449\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u044e\u0442 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0433\u0434\u0435 \u043d\u0430 \u043a\u043e\u043d\u0443 \u0441\u0442\u043e\u0438\u0442 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u0430\u044f \u0432\u044b\u0433\u043e\u0434\u0430.\n\n\ud83d\udccc \u0424\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 PipeMagic \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u043b\u0441\u044f \u043a\u0430\u043a \u00ab\u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u00bb \u0434\u043b\u044f APT-\u0433\u0440\u0443\u043f\u043f: \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0442\u043e\u0447\u0435\u0447\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0432 \u0410\u0437\u0438\u0438, \u0442\u0435\u043f\u0435\u0440\u044c \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0438 \u0430\u0434\u0430\u043f\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0434 \u043d\u043e\u0432\u044b\u0435 \u0440\u0435\u0433\u0438\u043e\u043d\u044b \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2025-08-20T04:36:41.000000Z"}, {"uuid": "c8bc1abc-bbad-475b-9202-c93e1ec0cb0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "seen", "source": "https://t.me/Netzwerksicherheit/163", "content": "Kritische Sicherheitsl\u00fccke mit H\u00f6chstwertung bedroht GitLab\n\nEs gibt eine wichtiges Sicherheitsupdate f\u00fcr die Versionsverwaltung GitLab. Entwickler sollten jetzt reagieren. \n\nEntwickler, die bei der Softwareerstellung die Versionsverwaltung GitLab einsetzen, sollten die Software zeitnah auf den aktuellen Stand bringen. Andernfalls k\u00f6nnten Angreifer unbefugt auf Daten zugreifen.\n\nIn einer Warnmeldung raten die GitLab-Entwickler das Sicherheitsupdate so schnell wie m\u00f6glich zu installieren. Ob bereits Attacken laufen, ist derzeit nicht bekannt. Die Sicherheitsl\u00fccke mit maximaler CVSS-Einstufung 10 von 10 (CVE-2023-2825 \"kritisch\") soll ausschlie\u00dflich die Version 16.0.0 von GitLab Community Edition (CE) und Enterprise Edition (EE) betreffen. J\u00fcngere Ausgaben sollen davon nicht betroffen sein.\nDatenleak-L\u00fccke\n\nDie Voraussetzung f\u00fcr Attacken ist, dass ein Anhang in einem \u00f6ffentlichen Projekt vorhanden ist, der in mindestens f\u00fcnf Gruppen verschachtelt ist. In einem solchen Fall soll ein Angreifer ohne Authentifizierung an der Path-Traversal-Schwachstelle ansetzen k\u00f6nnen. Wie eine Attacke konkret ablaufen k\u00f6nnte, ist derzeit nicht bekannt. Bei erfolgreichen Angriffen k\u00f6nnen unter anderem Softwarecode und Zugangsdaten leaken.\n\nDie Entwickler geben an, das Sicherheitsproblem in der Version 16.0.1 gel\u00f6st zu haben.\n\nQuelle\n\n_\nIT Sicherheit @Netzwerksicherheit\n...IT f\u00fcr Nutzeraufkl\u00e4rung und -sicherheit", "creation_timestamp": "2023-05-26T16:18:58.000000Z"}, {"uuid": "b4f279c7-fdf1-47d8-bd38-9bf2c7885cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "Telegram/eEkK6PVbdDfglsyujSuxBWIZjJpDuh84Njq8yhH-Zu1Cfr8", "content": "", "creation_timestamp": "2026-05-18T03:00:06.000000Z"}]}