{"vulnerability": "cve-2023-3656", "sightings": [{"uuid": "8cc551b4-0879-4181-b0fe-4cdf10600ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-10T21:10:02.000000Z"}, {"uuid": "de290d8b-7c5a-466a-944f-d4119820cbc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "MISP/1c9aae9c-4124-4b82-b3f8-5532dabf8993", "content": "", "creation_timestamp": "2023-10-12T10:17:27.000000Z"}, {"uuid": "4b268078-68fc-4fae-9505-113842ff7182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971901", "content": "", "creation_timestamp": "2024-12-24T20:35:25.849126Z"}, {"uuid": "00a9f501-ad1b-4d4e-b6bf-765f8b27d669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36561", "type": "seen", "source": "https://gist.github.com/brandonwmichael/28f8d7afc4251c70b276b133e9f6e5d4", "content": "", "creation_timestamp": "2025-07-08T19:39:29.000000Z"}, {"uuid": "1080a415-38ab-4448-8e51-6f4dd6509470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "b66026ef-fd76-4ad1-bc72-282418f2a5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1130", "content": "", "creation_timestamp": "2023-10-11T04:00:00.000000Z"}, {"uuid": "216a2ba2-45e7-4842-89d9-42d98151504a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36566", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11718", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36566\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Common Data Model SDK Denial of Service Vulnerability\n\ud83d\udccf Published: 2023-10-10T17:08:13.704Z\n\ud83d\udccf Modified: 2025-04-14T22:46:45.828Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36566", "creation_timestamp": "2025-04-14T22:53:43.000000Z"}, {"uuid": "5603b79d-b574-4934-b139-24956b3f7838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36563", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/be705179-3d7e-4533-a4d1-d17791a4a1b6", "content": "", "creation_timestamp": "2026-02-02T12:26:48.725890Z"}, {"uuid": "c971d196-db10-4378-8d7d-3cac6dea910f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36565", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11717", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36565\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Office Graphics Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2023-10-10T17:08:14.207Z\n\ud83d\udccf Modified: 2025-04-14T22:46:46.280Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565", "creation_timestamp": "2025-04-14T22:53:42.000000Z"}, {"uuid": "360eebf7-7c4f-4e5f-bce2-e51de23654ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/ctinow/142391", "content": "https://ift.tt/HEisAOw\nMicrosoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)", "creation_timestamp": "2023-10-10T22:28:16.000000Z"}, {"uuid": "91938b90-8108-4499-8f8e-61b423daf72c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/kasperskyb2b/930", "content": "\ud83d\udcbb \u041e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 Microsoft\n\n\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft \u043b\u0430\u0442\u0430\u0435\u0442 104 \u0434\u044b\u0440\u044b \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0438\u0437 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438  0day. 12 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u0432\u0441\u0435 \u043e\u043d\u0438 RCE.    26 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 3 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 17 \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438. \u0412\u0441\u0435\u0433\u043e \u043e\u0448\u0438\u0431\u043e\u043a \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 45. \n\n\u0418\u0437 \u0442\u0440\u0451\u0445 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u0430\u043c\u0435\u0442\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 HTTP/2, \u0430\u0442\u0430\u043a\u0430 rapid reset. \u0415\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 DDoS. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430, \u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u0435\u0433\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Wordpad \u2014 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044c \u0431\u0430\u0433\u0430 \u0432 MS Office, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 NTLM (CVE-2023-36563, CVSS 6.5) \n\n\u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u043a\u0440\u044b\u0442 EoP \u0432 Skype for business, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0445\u043e\u0441\u0442\u043e\u0432 \u0441\u0435\u0442\u0438 \u043d\u0430\u0440\u0443\u0436\u0443, \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e IP \u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u043f\u043e\u0440\u0442\u044b (CVE-2023-41763, CVSS 5.3)\n\n\u0421\u0440\u0435\u0434\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0435 \u0431\u044b\u0432\u0448\u0438\u0445 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 RCE CVE-2023-35349 \u0432 MSMQ (CVSS 9.8) \u0438 \u0432 Exchange (CVE-2023-36778, CVSS 8.0) \n\n\u0422\u0430\u043a\u0436\u0435 \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043e\u0431\u043d\u043e\u0432\u0438\u043b \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 Exchange \u0434\u043b\u044f CVE-2023-21709, \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0449\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f. \n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-10-11T13:45:07.000000Z"}, {"uuid": "a0ad5b49-549b-4fec-b588-5f0d08a0cb74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/955", "content": "\ud83d\udee1\ufe0f Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones. \n\nFind details for CVE-2023-36563 and CVE-2023-41763 and other flaws here \u2014 https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html \n\nUpdate now to protect your systems.", "creation_timestamp": "2023-10-11T14:32:25.000000Z"}, {"uuid": "caf0bc87-849f-4561-83e5-8833f2564ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "published-proof-of-concept", "source": "Telegram/86P86irxSXB1GSmGLAoyltwJhUEOb0_2I2Fl1fOLmNZPqw", "content": "", "creation_timestamp": "2024-01-05T23:44:15.000000Z"}, {"uuid": "ce4ff782-ae8e-4588-b6f9-b61d03e6b9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36560", "type": "seen", "source": "https://t.me/arpsyndicate/507", "content": "#ExploitObserverAlert\n\nCVE-2023-36560\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36560. ASP.NET Security Feature Bypass Vulnerability\n\nFIRST-EPSS: 0.000720000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-23T14:32:35.000000Z"}, {"uuid": "7da07508-a4a7-4f2c-bf3e-4be2891b3707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3656", "type": "seen", "source": "https://t.me/cibsecurity/71465", "content": "\u203c CVE-2023-3656 \u203c\n\ncashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung &amp; Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T12:41:04.000000Z"}, {"uuid": "cafeb4d1-4ea7-4296-bc6c-40ee9fb4c1cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/arpsyndicate/1435", "content": "#ExploitObserverAlert\n\nCVE-2023-36563\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-36563. Microsoft WordPad Information Disclosure Vulnerability\n\nFIRST-EPSS: 0.003320000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-05T08:43:42.000000Z"}, {"uuid": "589bdf8e-7ad2-471e-a0cd-f2de29442bcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/true_secator/4951", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b Microsoft October 2023 Patch Tuesday, \u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0438\u043c \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 104 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 0-day.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0437\u0430\u043a\u0440\u044b\u0442\u043e 26 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 3 - \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 45 - RCE (\u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u043e\u043b\u044c\u043a\u043e 12 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435), 12 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 17 - DoS \u0438 1 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e 104, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Chromium, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-5346, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 3 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d\u0430 \u043d\u0430 Microsoft Edge.\n\n\u0418\u0437 \u0442\u0440\u0435\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u043d\u0435\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043e\u0441\u0442\u0430\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0430.\n\n\u041f\u0435\u0440\u0432\u0430\u044f 0-day, CVE-2023-41763, - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Skype \u0434\u043b\u044f \u0431\u0438\u0437\u043d\u0435\u0441\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043d\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0432\u043d\u0435\u0441\u0442\u0438 \u0432 \u043d\u0435\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u0411\u0430\u0433\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0424\u043b\u043e\u0440\u0438\u0430\u043d \u0425\u0430\u0443\u0437\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0442\u0430\u00a0\u0436\u0435 \u0441\u0430\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u043e\u043d \u0443\u0436\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u044f\u043b Microsoft, \u0442\u043e\u0433\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c. \u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440 \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435, \u0447\u0442\u043e \u0435\u0435 \u043c\u043e\u0434\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-36563\u00a0\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Microsoft WordPad \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u0415\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 NTLM-\u0445\u044d\u0448\u0435\u0439 \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438.\n\n\u0427\u0442\u043e\u0431\u044b \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u041f\u041e, \u0447\u0442\u043e \u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044e \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439. \u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Microsoft Threat Intelligence \u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0435\u043c CVE-2023-36761, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u0418 \u043d\u0430\u043a\u043e\u043d\u0435\u0446, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-44487 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c HTTP/2 Rapid Reset, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0438 \u0431\u044c\u0435\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u043f\u043e DDoS.\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430 HTTP/2 \u0438 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c, \u043a\u0440\u043e\u043c\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430. Microsoft \u0432\u044b\u0431\u0440\u0430\u043d \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b Cloudflare, Amazon \u0438 Google. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442\u0441\u044f.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Microsoft October 2023 Patch Tuesday, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d\u00a0\u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-10-11T13:47:32.000000Z"}, {"uuid": "dae8111a-e637-4730-a59a-cdc6e2c2a60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/arpsyndicate/87", "content": "#ExploitObserverAlert\n\nCVE-2023-36563\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36563. Microsoft WordPad Information Disclosure Vulnerability\n\nFIRST-EPSS: 0.003320000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-11T17:39:38.000000Z"}, {"uuid": "fade4a9e-bb69-47f3-a9b7-96d522684a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/56", "content": "\ud83d\udee1\ufe0f Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones. \n\nFind details for CVE-2023-36563 and CVE-2023-41763 and other flaws here \u2014 https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html \n\nUpdate now to protect your systems.", "creation_timestamp": "2023-10-11T14:32:25.000000Z"}, {"uuid": "702acf84-5fbd-4a7b-b1e2-49d77a75a2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/ZeroDay_TM/797", "content": "\ud83d\udccd Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones. \n \n\u2022 Find details for CVE-2023-36563 and CVE-2023-41763 and other flaws here \u2014 https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html \n \n\u2757\ufe0fUpdate now to protect your systems.\n\n- - - - - - - - - - - - - - - - - - - -\n-=[ @ZeroDay_TM ]=-", "creation_timestamp": "2023-10-14T09:49:02.000000Z"}, {"uuid": "4c9e04e4-a389-46e4-bd8d-9f9fa5b727e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36568", "type": "seen", "source": "https://t.me/cibsecurity/72031", "content": "\u203c CVE-2023-36568 \u203c\n\nMicrosoft Office Click-To-Run Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:26:50.000000Z"}, {"uuid": "37eb4011-c02d-488c-b35c-3e58fda88b9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36561", "type": "seen", "source": "https://t.me/cibsecurity/72000", "content": "\u203c CVE-2023-36561 \u203c\n\nAzure DevOps Server Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:17:00.000000Z"}, {"uuid": "657826c0-0888-40ae-b8b2-5a4c453f9c78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36564", "type": "seen", "source": "https://t.me/cibsecurity/71999", "content": "\u203c CVE-2023-36564 \u203c\n\nWindows Search Security Feature Bypass Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:16:59.000000Z"}, {"uuid": "c74251cd-977e-4c86-b782-182717a8c13b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/Rootsec_2/1603", "content": "#Threat_Research\nAn Analysis of CVE-2023-36563, a WordPad Information Disclosure Vulnerability\nhttps://www.dillonfrankesecurity.com/posts/cve-2023-36563-wordpad-analysis", "creation_timestamp": "2024-08-16T08:43:27.000000Z"}, {"uuid": "27998046-093f-4601-9ba1-9220bf8da32d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36569", "type": "seen", "source": "https://t.me/cibsecurity/72033", "content": "\u203c CVE-2023-36569 \u203c\n\nMicrosoft Office Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:26:52.000000Z"}, {"uuid": "f98c21b2-53c4-4d58-a69d-54f2b96c0ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/cibsecurity/72007", "content": "\u203c CVE-2023-36563 \u203c\n\nMicrosoft WordPad Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:17:08.000000Z"}, {"uuid": "19823f48-f53a-4e11-8bae-885c13b2b368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36567", "type": "seen", "source": "https://t.me/cibsecurity/72043", "content": "\u203c CVE-2023-36567 \u203c\n\nWindows Deployment Services Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-28T15:17:08.000000Z"}, {"uuid": "62a12123-4f70-4c48-b8b6-52a006a9675c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36565", "type": "seen", "source": "https://t.me/cibsecurity/71990", "content": "\u203c CVE-2023-36565 \u203c\n\nMicrosoft Office Graphics Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:16:47.000000Z"}, {"uuid": "a7ba843b-94ea-4d2b-adaa-32ffbda3b4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/thehackernews/3993", "content": "\ud83d\udee1\ufe0f Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones. \n \nFind details for CVE-2023-36563 and CVE-2023-41763 and other flaws here \u2014 https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html \n \nUpdate now to protect your systems.", "creation_timestamp": "2023-10-11T14:29:57.000000Z"}, {"uuid": "4dd29b3c-bc64-4e79-b034-3228c4a645a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1404", "content": "https://www.dillonfrankesecurity.com/posts/cve-2023-36563-wordpad-analysis/\nCVE-2023-36563  WordPad", "creation_timestamp": "2023-10-31T13:31:12.000000Z"}, {"uuid": "600dd66e-95e1-416b-a1de-3e7c67ab1861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36563", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9300", "content": "#Threat_Research\nAn Analysis of CVE-2023-36563, a WordPad Information Disclosure Vulnerability\nhttps://www.dillonfrankesecurity.com/posts/cve-2023-36563-wordpad-analysis", "creation_timestamp": "2023-10-31T20:17:37.000000Z"}]}