{"vulnerability": "cve-2024-4342", "sightings": [{"uuid": "b443ce14-c9cb-4216-a455-b261f945a1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43426", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441914378586918", "content": "", "creation_timestamp": "2024-11-07T13:30:42.841732Z"}, {"uuid": "d158609e-139c-4818-aec3-364f18b9c15f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441914362111021", "content": "", "creation_timestamp": "2024-11-07T13:30:42.875118Z"}, {"uuid": "43ebc571-8e97-4369-8489-68d17b246220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43428", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441914392939420", "content": "", "creation_timestamp": "2024-11-07T13:30:44.334649Z"}, {"uuid": "bf39bffe-1a2b-4345-b35e-66bc63865ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43429", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113464324836726241", "content": "", "creation_timestamp": "2024-11-11T12:29:59.196272Z"}, {"uuid": "50d2218c-d03e-4b40-ab23-342d220f0a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43427", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113464337012509027", "content": "", "creation_timestamp": "2024-11-11T12:33:04.991055Z"}, {"uuid": "65fe81ad-55f7-4b2c-ac90-f03b6f5905a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43427", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113464324803213837", "content": "", "creation_timestamp": "2024-11-11T12:29:58.794545Z"}, {"uuid": "e2a4eb62-863a-4192-993c-99873489fecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43429", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113464337027965927", "content": "", "creation_timestamp": "2024-11-11T12:33:05.534545Z"}, {"uuid": "12741f50-552d-4797-9024-800e541c08a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "30f17c71-bc21-4d1b-83d5-712fab24d044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:03.000000Z"}, {"uuid": "5763d19f-45b9-4625-8e7e-d654a6722a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lsxu5faqiz26", "content": "", "creation_timestamp": "2025-07-02T09:02:55.063600Z"}, {"uuid": "5e42281d-1d64-4a33-b447-92db15798c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lt3mss33pr2v", "content": "", "creation_timestamp": "2025-07-03T21:02:22.059348Z"}, {"uuid": "a92066c8-55c6-4031-8271-85c122335ed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43420", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3hom6wnib2", "content": "", "creation_timestamp": "2025-05-13T22:08:59.596614Z"}, {"uuid": "f7d12035-a746-4019-aeae-70485305d852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "9b795695-2ca1-4af2-bb72-c0ba6478a586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43420", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16246", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43420\n\ud83d\udd25 CVSS Score: 5.7 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information disclosure via local access.\n\ud83d\udccf Published: 2025-05-13T21:03:09.384Z\n\ud83d\udccf Modified: 2025-05-13T21:03:09.384Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html", "creation_timestamp": "2025-05-13T21:31:07.000000Z"}, {"uuid": "2274b2c0-ea1f-42a7-9689-468229b5677b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/moodle_rce.rb", "content": "", "creation_timestamp": "2024-12-06T11:21:41.000000Z"}, {"uuid": "6e3cd985-9ad6-489d-9e8b-f64a90e3aac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/11532", "content": "\u200aCVE-2024-43425: Moodle Remote Code Execution Vulnerability, PoC Published\n\nhttps://securityonline.info/cve-2024-43425-moodle-remote-code-execution-vulnerability-poc-published/", "creation_timestamp": "2024-08-29T09:08:14.000000Z"}, {"uuid": "8b042da8-4dc4-4437-9c3d-6dcafbb30f44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/48918", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a\ud83d\ude80 Exploit for Moodle 4.4.0 Authenticated RCE (CVE-2024-43425) \u2014 run commands remotely \u26a1\nURL\uff1ahttps://github.com/aayush256-sys/Moodle-authenticated-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-08-24T16:37:59.000000Z"}, {"uuid": "cb139650-de27-42d9-8e2a-1164a29d663a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43428", "type": "seen", "source": "https://t.me/cvedetector/10092", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43428 - Moodle Secure Local Storage Cache Poisoning Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43428 \nPublished : Nov. 7, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : To address a cache poisoning risk in Moodle, additional validation for local storage was required. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T16:06:02.000000Z"}, {"uuid": "97e6017d-ac3b-4eda-b1b2-47aaf370aa86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43429", "type": "seen", "source": "https://t.me/cvedetector/10496", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43429 - Moodle Invisible Field Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-43429 \nPublished : Nov. 11, 2024, 1:15 p.m. | 35\u00a0minutes ago \nDescription : A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the \"view hidden user fields\" capability having access to the information. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-11T15:16:04.000000Z"}, {"uuid": "b79491f3-3a5d-4db5-9fe9-43b0eb01e982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43427", "type": "seen", "source": "https://t.me/cvedetector/10495", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43427 - \"Moodle Privilege Escalation Information Disclosure\"\", \n  \"Content\": \"CVE ID : CVE-2024-43427 \nPublished : Nov. 11, 2024, 1:15 p.m. | 35\u00a0minutes ago \nDescription : A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-11T15:16:03.000000Z"}, {"uuid": "1c937eed-3a4e-45ae-84f8-cabec0d9cc5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "Telegram/F_0kXssBNAnzFCB7R9bFVUFk62G5CdZuqmDQbmRE-uzMdg", "content": "", "creation_timestamp": "2024-09-21T16:07:02.000000Z"}, {"uuid": "bb6de137-bae2-4e51-8b95-337ed2641348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43426", "type": "seen", "source": "https://t.me/cvedetector/10091", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43426 - TeX Live Arbitrary File Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43426 \nPublished : Nov. 7, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T16:06:01.000000Z"}, {"uuid": "7d5505c7-c445-4bf3-8453-a91d96b6d838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/414", "content": "", "creation_timestamp": "2024-09-21T20:25:51.000000Z"}, {"uuid": "07abe010-3ce1-4f91-85f9-a7d8f490bb9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "https://t.me/cvedetector/10090", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43425 - Moodle Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43425 \nPublished : Nov. 7, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T16:05:57.000000Z"}, {"uuid": "9cf2708f-a849-485f-b729-7584ed1672e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43424", "type": "seen", "source": "https://t.me/cvedetector/8899", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43424 - Sharp and Toshiba Tec MFPs HTTP Header Processing Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-43424 \nPublished : Oct. 25, 2024, 7:15 a.m. | 39\u00a0minutes ago \nDescription : Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability.  \nCrafted HTTP requests may cause affected products crashed. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T10:23:32.000000Z"}, {"uuid": "667aa3f1-e3be-4ca4-a25f-ad9e944dd50b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18822", "content": "", "creation_timestamp": "2024-09-21T16:06:49.000000Z"}, {"uuid": "85c2fdac-38c6-46e7-938b-98f0d30d07e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/BlackHat0Hackers/3133", "content": "CVE-2024-43425: Moodle Remote Code Execution Vulnerability\n\nIn this post, we will show you how we bypassed the sanitization attempts of the popular learning platform Moodle to achieve remote code execution.\n\nSearch Query:\nHUNTER:/product.name=\"Moodle\"\nSHODAN:http.component:\"Moodle\"\nFOFA:app=\"Moodle\"", "creation_timestamp": "2024-08-30T16:58:53.000000Z"}, {"uuid": "73a24b5b-2a32-4cc8-93a8-cd3312add7d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "Telegram/sV1gHuMmsF6Obkl4pHuEINogRh1QzHPw2lXaflMTbK27AeDb", "content": "", "creation_timestamp": "2024-08-28T09:02:28.000000Z"}, {"uuid": "c4e52f73-172d-4c64-aa76-52d41f20e04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/CypherStar/227", "content": "\ud83d\ude0eCVE-2024-43425: Moodle Remote Code Execution Vulnerability\ud83d\ude0e\n\nIn this post, we will show you how we bypassed the sanitization attempts of the popular learning platform Moodle to achieve remote code execution.\n\nSearch Query:\nHUNTER:/product.name=\"Moodle\"\nSHODAN:http.component:\"Moodle\"\nFOFA:app=\"Moodle\"", "creation_timestamp": "2024-08-30T19:30:05.000000Z"}, {"uuid": "01179fe2-dc6c-4f53-ae9f-34403b7cfb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "Telegram/GLNGAp7-4r9Fw5qDTXN2bUbXQdnuxUMfCfnz3tT-FZBf56E", "content": "", "creation_timestamp": "2025-02-09T12:00:09.000000Z"}, {"uuid": "eefc000c-906d-4f1d-9c25-4c63c3293b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "Telegram/oxS2Lp-zXenWaOF5FWtEcVE3O5OKV2JFZ6LH2JtOfuHJy7c", "content": "", "creation_timestamp": "2024-09-27T18:49:57.000000Z"}, {"uuid": "7f9025ae-7b11-48da-a0a3-8167023803d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6146", "content": "\u0412\u043a\u0440\u0430\u0442\u0446\u0435 \u043f\u043e \u0434\u0440\u0443\u0433\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6386 (CVSS: 9,9) \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WPML \u0434\u0435\u043b\u0430\u0435\u0442 \u0441\u0430\u0439\u0442\u044b WordPress \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0434\u043e 4.6.13, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 20 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2024 \u0433\u043e\u0434\u0430.\n\nWPML - \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043c\u043d\u043e\u0433\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress c \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Stealthcopter \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u043c \u043a\u043e\u0440\u043e\u0442\u043a\u0438\u0445 \u043a\u043e\u0434\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0432\u0441\u0442\u0430\u0432\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u043f\u043e\u0441\u0442\u043e\u0432: \u0430\u0443\u0434\u0438\u043e, \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u0438\u0434\u0435\u043e.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u044f Contributor \u0438 \u0432\u044b\u0448\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438\u00a0\u043d\u0430\u0448\u043b\u0438\u00a0\u0441\u043f\u043e\u0441\u043e\u0431 \u0434\u0430\u043c\u043f\u0430 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u0438\u043b\u0438 Fuse Key0) \u0434\u043b\u044f Intel SGX.\n\n\u041c\u0435\u0442\u043e\u0434 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0435\u0440\u0438\u044f\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432,\u00a0\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0436\u0435 \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0430. \n\n\u042d\u0442\u043e\u0442 \u043a\u043b\u044e\u0447 \u0442\u0435\u043f\u0435\u0440\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430 SGX \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043a\u043b\u044e\u0447\u0435\u0439 Intel - \u0438\u043b\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0432\u043d\u0443\u0442\u0440\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0432 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0435 Intel. \u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0441 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0447\u0438\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u0431\u0443\u0444\u0435\u0440, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0432\u0441\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f FK0.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041c\u0430\u0440\u043a\u0443\u0441 \u0425\u0430\u0442\u0447\u0438\u043d\u0441 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0441\u0442\u0430\u0442\u044c\u044e\u00a0\u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 CVE-2024-38063 (CVSS 9,8), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u0448\u0435\u043b \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 PoC (\u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442) \u043d\u0435\u0442, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u044d\u0442\u043e\u0433\u043e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 DoS.\n\nMobile Security Framework (MobSF) \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 \u0434\u043b\u044f \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0438\u043d\u0433\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0442\u0430\u043a ZIP Slip \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 MobSF.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438 \u043f\u0440\u043e\u0441\u0442\u0430 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\nRedTeam Pentensting \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e CVE-2024-43425 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c Moodle.\n\n\u0421\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC \u0434\u043b\u044f CVE-2024-38856, RCE \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Apache OFBiz, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439\u00a0\u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0431\u0430\u0437\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a CISA KEV.\n\nMicrosoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0438\u043c\u0432\u043e\u043b\u044b ASCII \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438\u0437 Copilot AI.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 Trend Micro \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 CVE-2024-37079 \u0432 VMware vCenter Server, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043f\u0440\u0438\u0447\u0438\u043d\u0443 \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044f, \u043a\u0430\u043a \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f RCE.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u043d\u0438 \u043e\u0434\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0435 \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u0430.", "creation_timestamp": "2024-08-29T14:20:05.000000Z"}, {"uuid": "5403ce29-1a07-490b-a9fd-892313bf58a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2039", "content": "", "creation_timestamp": "2024-09-21T16:06:49.000000Z"}, {"uuid": "48dcc022-4435-4cf1-b65a-615f141738e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "published-proof-of-concept", "source": "https://t.me/BackupLulz/244", "content": "", "creation_timestamp": "2024-11-03T04:41:27.000000Z"}]}