{"vulnerability": "cve-2024-4406", "sightings": [{"uuid": "e8172e4c-0f7e-403f-bb31-6f77cf6df32f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "seen", "source": "https://t.me/cvedetector/7263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44068 - Samsung Exynos m2m Scaler Driver Use-After-Free Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-44068 \nPublished : Oct. 7, 2024, 7:15 p.m. | 33\u00a0minutes ago \nDescription : An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-07T21:49:14.000000Z"}, {"uuid": "681dc101-9e17-4a5d-8e22-afaf6728e974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44061", "type": "seen", "source": "https://t.me/cvedetector/8430", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44061 - WPFactory EU/UK VAT Manager for WooCommerce Basic XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44061 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:15:02.000000Z"}, {"uuid": "e263730a-6bf4-433a-8a6e-4058b444fa06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44065", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mavxa4idil2c", "content": "", "creation_timestamp": "2025-12-26T18:45:56.777029Z"}, {"uuid": "87623a2d-111a-4805-b8e1-b637903b642c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "seen", "source": "https://t.me/CyberBulletin/1233", "content": "\u26a1\ufe0fResearcher Details 0-Day Flaw CVE-2024-44068 in Samsung Exynos Processors.\n\n#CyberBulletin", "creation_timestamp": "2024-10-23T11:57:27.000000Z"}, {"uuid": "44bba2a1-7825-4747-89d1-0b016d6945fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44064", "type": "seen", "source": "https://t.me/cvedetector/5869", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44064 - LikeBtn Like Button Rating CSRF CWE-352 XSS\", \n  \"Content\": \"CVE ID : CVE-2024-44064 \nPublished : Sept. 17, 2024, 11:15 p.m. | 15\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn Like Button Rating allows Cross-Site Scripting (XSS).This issue affects Like Button Rating: from n/a through 2.6.54. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T01:39:21.000000Z"}, {"uuid": "99377214-34da-4eae-b40e-0d20c928e72f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44060", "type": "seen", "source": "https://t.me/cvedetector/5689", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44060 - Filmix Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-44060 \nPublished : Sept. 15, 2024, 8:15 a.m. | 32\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jennifer Hall Filmix allows Reflected XSS.This issue affects Filmix: from n/a through 1.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-15T10:55:19.000000Z"}, {"uuid": "478d2707-114a-4401-8ac6-ac80e6357a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44063", "type": "seen", "source": "https://t.me/cvedetector/5688", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44063 - Happyforms Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44063 \nPublished : Sept. 15, 2024, 8:15 a.m. | 32\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-15T10:55:18.000000Z"}, {"uuid": "25c58cdb-30af-45e5-89e6-b7e63fc46ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "exploited", "source": "https://t.me/xakep_ru/16585", "content": "Google \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Samsung\n\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 Google Threat Analysis Group (TAG) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Samsung. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e \u0431\u0430\u0433 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\nhttps://xakep.ru/2024/10/23/cve-2024-44068/", "creation_timestamp": "2024-10-23T10:34:18.000000Z"}, {"uuid": "f1640b43-e580-4946-8962-f9f2c6b050ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44062", "type": "seen", "source": "https://t.me/cvedetector/5687", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44062 - Hiroaki Miyashita Custom Field Template Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44062 \nPublished : Sept. 15, 2024, 8:15 a.m. | 32\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6.5. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-15T10:55:17.000000Z"}, {"uuid": "5dc00b5c-ceb0-424b-8beb-ce4dba84a97b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44069", "type": "seen", "source": "https://t.me/cvedetector/3504", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44069 - Pi-hole Unauthenticated Configuration Tampering Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44069 \nPublished : Aug. 19, 2024, 2:15 a.m. | 38\u00a0minutes ago \nDescription : Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the temperature units of the web dashboard. NOTE: the supplier reportedly does \"not consider the bug a security issue\" but the specific motivation for letting arbitrary persons change the value (Celsius, Fahrenheit, or Kelvin), seen by the device owner, is unclear. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T05:09:28.000000Z"}, {"uuid": "417842e5-7a5f-4cac-b4a5-9a26e21d7604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44067", "type": "seen", "source": "https://t.me/cvedetector/3502", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44067 - T-Head XuanTie CPU GhostWrite Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44067 \nPublished : Aug. 19, 2024, 1:15 a.m. | 40\u00a0minutes ago \nDescription : The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T04:19:25.000000Z"}, {"uuid": "e46487ae-4d83-41a6-924c-242634d9c4aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "exploited", "source": "https://t.me/CyberBulletin/1248", "content": "\u26a1\ufe0fA nasty bug in Samsung's mobile chips is being exploited by miscreants as part of an exploit chain to escalate privileges and then remotely execute arbitrary code, according to Google security researchers.\n\nThe use-after-free vulnerability is tracked as CVE-2024-44068, and it affects Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920. It received an 8.1 out of 10 CVSS severity rating, and Samsung, in its very brief security advisory, describes it as a high-severity flaw. The vendor patched the hole on October 7.\n\n#CyberBulletin", "creation_timestamp": "2024-10-24T07:50:46.000000Z"}, {"uuid": "539976ec-699a-4289-9e3f-f03adbdfe4c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "seen", "source": "https://t.me/InfoSecInsider/24161", "content": "\u26a1\ufe0fResearcher Details 0-Day Flaw CVE-2024-44068 in Samsung Exynos Processors.\n\n#CyberBulletin", "creation_timestamp": "2024-10-23T11:59:26.000000Z"}, {"uuid": "41488b29-66b7-45c9-8928-70db18e43786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "exploited", "source": "https://t.me/true_secator/6346", "content": "Samsung \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2024-44068, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Exynos \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 use-after-free \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 m2m1shot_scaler0 \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0438 \u0432\u0438\u0434\u0435\u043e.\n\nCVE-2024-44068\u00a0\u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Google, \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8.1 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438 Exynos 9820, 9825, 980, 990, 850 \u0438 W920.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Google \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 zero-day \u0431\u044b\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041e\u043d\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u044b\u043c \u0443\u0447\u0430\u0441\u0442\u043a\u0430\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 PFNMAP \u0432 \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u0435 \u043a \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c I/O-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u043b\u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u043c \u0447\u0435\u0440\u0435\u0437 IOCTL-\u0432\u044b\u0437\u043e\u0432\u044b, \u0434\u043e\u0431\u0438\u0432\u0430\u044f\u0441\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 Kernel Space Mirroring Attack \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0442\u0430\u0431\u043b\u0438\u0446 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u044f\u0434\u0440\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u044b\u0437\u043e\u0432\u044b mmap \u0438 mincore, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442, \u043a\u043e\u0433\u0434\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u0431\u044b\u043b\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 I/O-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438.\n\n\u0412 \u0445\u043e\u0434\u0435 \u044d\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0430\u0435\u0442\u0441\u044f \u043f\u0430\u043c\u044f\u0442\u044c, \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0432 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438, \u043a\u043e\u0433\u0434\u0430 \u043e\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0443\u0436\u0435 \u043d\u0435\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 Samsung \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u043f\u0435\u0440\u0435\u0441\u043c\u043e\u0442\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u043d\u044b\u043c\u0438 \u0441\u0441\u044b\u043b\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446 PFNMAP, \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u044f \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 SMR-Oct-2024 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0435\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438 \u043d\u0438\u0432\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2024-10-22T16:40:05.000000Z"}, {"uuid": "d173df70-8be3-4ef8-a3bd-32027ce8d021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "seen", "source": "https://t.me/CyberBulletin/26168", "content": "\u26a1\ufe0fResearcher Details 0-Day Flaw CVE-2024-44068 in Samsung Exynos Processors.\n\n#CyberBulletin", "creation_timestamp": "2024-10-23T11:57:27.000000Z"}, {"uuid": "34241c8c-c509-4fa5-8b06-3c6920923330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11484", "content": "#Mobile_Security\nSamsung Exynos m2m1shot_scaler0 device driver page UaF in Android (CVE-2024-44068)\nhttps://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2024/CVE-2024-44068.html", "creation_timestamp": "2024-11-26T11:07:01.000000Z"}, {"uuid": "5c2d3f03-712a-42d7-b76e-f013f40840bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "exploited", "source": "https://t.me/Rootsec_2/5253", "content": "#Mobile_Security\nSamsung Exynos m2m1shot_scaler0 device driver page UaF in Android (CVE-2024-44068)\nhttps://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2024/CVE-2024-44068.html", "creation_timestamp": "2024-11-26T05:28:17.000000Z"}, {"uuid": "444d3c90-aaff-45b1-a987-83cecb4b91a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "exploited", "source": "https://t.me/DEVIL_La_RSx/1803", "content": "#Mobile_Security\nSamsung Exynos m2m1shot_scaler0 device driver page UaF in Android (CVE-2024-44068)\nhttps://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2024/CVE-2024-44068.html", "creation_timestamp": "2024-12-02T02:36:32.000000Z"}, {"uuid": "34a32339-1d57-4843-8700-0ff6444c9b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "exploited", "source": "https://t.me/CyberBulletin/26183", "content": "\u26a1\ufe0fA nasty bug in Samsung's mobile chips is being exploited by miscreants as part of an exploit chain to escalate privileges and then remotely execute arbitrary code, according to Google security researchers.\n\nThe use-after-free vulnerability is tracked as CVE-2024-44068, and it affects Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920. It received an 8.1 out of 10 CVSS severity rating, and Samsung, in its very brief security advisory, describes it as a high-severity flaw. The vendor patched the hole on October 7.\n\n#CyberBulletin", "creation_timestamp": "2024-10-24T07:50:46.000000Z"}, {"uuid": "813ef606-c780-4bb3-b379-ed3045737906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44068", "type": "seen", "source": "https://t.me/InfoSecInsider/548", "content": "\u26a1\ufe0fResearcher Details 0-Day Flaw CVE-2024-44068 in Samsung Exynos Processors.\n\n#CyberBulletin", "creation_timestamp": "2024-10-23T11:59:28.000000Z"}]}