{"vulnerability": "cve-2024-4364", "sightings": [{"uuid": "36ea7e5f-988b-4db7-b3d3-aef6637ee036", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43643", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471799925402298", "content": "", "creation_timestamp": "2024-11-12T20:11:00.279426Z"}, {"uuid": "2405fb96-6707-4063-bdc9-b333e3286e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43644", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471799940465768", "content": "", "creation_timestamp": "2024-11-12T20:11:00.549634Z"}, {"uuid": "269ba25a-0ff4-461d-814b-80bf50cf097a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43646", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471858961774248", "content": "", "creation_timestamp": "2024-11-12T20:26:01.213889Z"}, {"uuid": "2dc44175-a564-4483-a0c2-df7162c5415a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "ce7ec49f-080e-4384-9c84-bf4fcf5afe93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43646", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "72ff3ccb-1a26-4880-bb61-0aa495117386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43642", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "b6b9b486-2264-4d48-9059-0d3cc0f51acd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43643", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "bca6bdca-6a13-47ff-80e2-840bcab0a338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43645", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471799961130577", "content": "", "creation_timestamp": "2024-11-12T20:11:00.825750Z"}, {"uuid": "a3725bab-367d-492b-acdd-da554f81fd89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43644", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "223b5077-99c5-4e1e-bd69-a4d59f2ff9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43640", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "2db83bda-ef62-41c1-8a61-a97e79e2ecb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43642", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471799910181368", "content": "", "creation_timestamp": "2024-11-12T20:10:59.886470Z"}, {"uuid": "a36fb9ed-1890-4871-9ab5-7050cc1ecff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43645", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "2a79ddb5-6f23-4296-b3ff-99d7c839b21e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43640", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471740890371912", "content": "", "creation_timestamp": "2024-11-12T19:55:59.785051Z"}, {"uuid": "cf79831d-f8ce-4e83-a70d-eeae54e7eac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471740904819107", "content": "", "creation_timestamp": "2024-11-12T19:55:59.947379Z"}, {"uuid": "9dd03603-75d6-43b5-8be8-377ecbc664e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html", "content": "", "creation_timestamp": "2024-12-19T18:03:00.000000Z"}, {"uuid": "bc50e88f-da87-47d3-8597-90d539b6dc2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43648", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:08.681572Z"}, {"uuid": "8a37831b-45f3-48d7-a435-420c0ea5a7d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43649", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113799007314543960", "content": "", "creation_timestamp": "2025-01-09T15:04:08.723803Z"}, {"uuid": "0fd1a135-5410-4b6c-961d-6cce651ae721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43648", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797350794261397", "content": "", "creation_timestamp": "2025-01-09T08:02:52.240223Z"}, {"uuid": "43b3b8aa-99a8-4387-8b2e-db743e0c41b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43649", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113797350829373745", "content": "", "creation_timestamp": "2025-01-09T08:02:53.287141Z"}, {"uuid": "b1629ffe-f743-4a33-a72b-b37799e6d528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43648", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcafr4jjy25", "content": "", "creation_timestamp": "2025-01-09T08:16:14.681623Z"}, {"uuid": "d45b2817-2902-4e01-8186-0510f7cc828f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43649", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcafuatxe2d", "content": "", "creation_timestamp": "2025-01-09T08:16:18.068750Z"}, {"uuid": "c663b30e-049d-4bfb-8f2d-085afd341ea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43649", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfcz4m6csz2y", "content": "", "creation_timestamp": "2025-01-09T15:38:32.885827Z"}, {"uuid": "d647b54e-e508-4c89-bf72-c5f7aa7fbe0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43648", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfcz4mibkp2h", "content": "", "creation_timestamp": "2025-01-09T15:38:33.592517Z"}, {"uuid": "7f45d87d-ad78-43c9-9955-74e2092c15d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43648", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113799182149941849", "content": "", "creation_timestamp": "2025-01-09T15:48:36.472827Z"}, {"uuid": "045cc596-8b60-4732-a356-b7526b2b4c53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43649", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113799182201869927", "content": "", "creation_timestamp": "2025-01-09T15:48:37.927280Z"}, {"uuid": "ba4200fb-cdfd-4dfd-b464-82bcebc43110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-8-exploitation.html", "content": "", "creation_timestamp": "2025-05-28T05:00:00.000000Z"}, {"uuid": "31594daa-6a0e-416e-9519-3f49cc391f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-8-exploitation.html", "content": "", "creation_timestamp": "2025-05-28T16:09:15.861000Z"}, {"uuid": "34f7fc46-51f5-4a8d-8216-762409ea8839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T07:05:54.874000Z"}, {"uuid": "40fe2ab3-317f-4690-93cc-09d230da9ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43641", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T05:00:00.000000Z"}, {"uuid": "7b18db84-6698-4150-99b5-101bfd883b7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43647", "type": "seen", "source": "https://t.me/cvedetector/5213", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43647 - Siemens Simatic S7-200 SMarc TCP Packet Structure Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-43647 \nPublished : Sept. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T13:23:53.000000Z"}, {"uuid": "3982f918-25fb-4ba0-85ca-32d432e326c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43646", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/987", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43646\n\ud83d\udd39 Description: Windows Secure Kernel Mode Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2024-11-12T17:53:46.681Z\n\ud83d\udccf Modified: 2025-01-09T16:52:58.556Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43646", "creation_timestamp": "2025-01-09T17:19:10.000000Z"}, {"uuid": "b42b8adb-1ad0-44a2-9b1f-ae68afa22ff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43643", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/986", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43643\n\ud83d\udd39 Description: Windows USB Video Class System Driver Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2024-11-12T17:53:44.644Z\n\ud83d\udccf Modified: 2025-01-09T16:54:04.825Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43643", "creation_timestamp": "2025-01-09T17:19:03.000000Z"}, {"uuid": "8e61d1bc-4d0a-4933-b6e5-da21863277aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43649", "type": "seen", "source": "https://t.me/cvedetector/14814", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43649 - Iocharger AC Model Authenticated Root RCE through Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-43649 \nPublished : Jan. 9, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : Authenticated command injection in the filename of a .exe request leads to remote code execution as the root user.  \n  \nThis issue affects Iocharger firmware for AC models before version 24120701.  \n  \nLikelihood: Moderate \u2013 This action is not a common place for command injection vulnerabilities to occur. Thus, an attacker will likely only be able to find this vulnerability by reverse-engineering the firmware or trying it on all  fields. The attacker will also need a (low privilege) account to gain access to the  binary, or convince a user with such access to execute a payload.  \n  \nImpact: Critical \u2013 The attacker has full control over the charging station as the root user, and can arbitrarily add, modify and delete files and services.  \n  \nCVSS clarification:\u00a0This attack can be performed over any network conenction serving the web interfacr (AV:N), and there are not additional mitigating measures that need to be circumvented (AC:L) or other prerequisites (AT:N). The attack does require privileges, but the level does not matter (PR:L), there is no user interaction required (UI:N). The attack leeds to a full compromised of the charger (VC:H/VI:H/VA:H) and a compromised charger can be used to \"pivot\" to networks that should normally not be reachable (SC:L/SI:L/SA:H). Because this is an EV chargers with significant pwoer, there is a potential safety imp0act (S:P). THis attack can be automated (AU:Y). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T10:14:01.000000Z"}]}