{"vulnerability": "cve-2024-4548", "sightings": [{"uuid": "58b15a21-e0f7-4f8c-ac97-cd2fde6875ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4548", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "91a4bb7c-12e4-4835-ba03-36948fc58732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45483", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "05e1ef84-a28c-40b2-96e6-0eb990aebd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4548", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:04.000000Z"}, {"uuid": "e899f051-4139-4cec-b318-64488519e134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45482", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "38b9d645-0eac-4294-b933-9a28169f4aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45481", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "06cb6173-c504-4b3c-b67f-1d6ecc117d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45480", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "6052fad4-3ea7-4835-b4cd-e91af4e566fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45484", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "7a7b9064-7640-4787-b40d-f399b8cae48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45480", "type": "seen", "source": "https://t.me/cvedetector/21046", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45480 - B&R APROL Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45480 \nPublished : March 25, 2025, 5:15 a.m. | 23\u00a0minutes ago \nDescription : An improper control of generation of code ('Code Injection') vulnerability in the AprolCreateReport component of B&R APROL <4.4-00p5\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T06:57:08.000000Z"}, {"uuid": "6a6086f4-d32f-4271-bdb5-625cae3c769d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4548", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/diaenergie_sqli.rb", "content": "", "creation_timestamp": "2024-08-21T14:03:13.000000Z"}, {"uuid": "dba1abc6-94da-4aee-adc7-5dc711b2d200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4548", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "7ffd3660-c3fb-42d4-8039-297cde60af53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45483", "type": "seen", "source": "https://t.me/cvedetector/21042", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45483 - B&R APROL Missing Authentication for Boot Configuration\", \n  \"Content\": \"CVE ID : CVE-2024-45483 \nPublished : March 25, 2025, 5:15 a.m. | 23\u00a0minutes ago \nDescription : A Missing Authentication for Critical Function vulnerability in the GRUB configuration used B&R APROL <4.4-01\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T06:57:02.000000Z"}, {"uuid": "b749395b-65fb-4270-890c-09714041c696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45484", "type": "seen", "source": "https://t.me/cvedetector/21043", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45484 - B&R APROL Denial-of-Service (DoS) Allocation of Resources Without Limits\", \n  \"Content\": \"CVE ID : CVE-2024-45484 \nPublished : March 25, 2025, 5:15 a.m. | 23\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling vulnerability in the operating system network configuration used in B&R APROL <4.4-00p5\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T06:57:06.000000Z"}, {"uuid": "d64e9bc6-6eb2-4f69-9743-58e765d33d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45482", "type": "seen", "source": "https://t.me/cvedetector/21041", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45482 - B&R APROL SSH Server Untrusted Control Sphere Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45482 \nPublished : March 25, 2025, 5:15 a.m. | 23\u00a0minutes ago \nDescription : An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00p1\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T06:57:02.000000Z"}, {"uuid": "14e8594c-f692-4c36-9c7f-e537ad0f224a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45481", "type": "seen", "source": "https://t.me/cvedetector/21040", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45481 - B&R APROL SSH Server Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45481 \nPublished : March 25, 2025, 5:15 a.m. | 23\u00a0minutes ago \nDescription : An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00p5\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T06:57:01.000000Z"}, {"uuid": "2604b59d-3dac-46b3-ac2e-fb31fd55016d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12386", "content": "\u200aCVE-2024-45488: Flaw in Safeguard for Privileged Passwords Enables Unauthorized Access\n\nhttps://securityonline.info/cve-2024-45488-flaw-in-safeguard-for-privileged-passwords-enables-unauthorized-access/", "creation_timestamp": "2024-09-08T17:47:08.000000Z"}, {"uuid": "ac7cd0c9-6124-47fb-98e7-a5e0731bf442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1582", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769", "creation_timestamp": "2024-10-02T16:38:48.000000Z"}, {"uuid": "16d98d9a-cf31-481a-bb45-3d511513f4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "seen", "source": "https://t.me/cvedetector/4487", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45488 - One Identity Safeguard Privileged Passwords Cookie Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45488 \nPublished : Aug. 30, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This only affects virtual appliance installations (VMware or HyperV). The fixed versions are 7.0.5.1 LTS, 7.4.2, and 7.5.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T04:46:54.000000Z"}, {"uuid": "dc7cd4e5-1207-4838-a03a-44bfb3f16d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "seen", "source": "https://t.me/cvedetector/6113", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45489 - Arc Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45489 \nPublished : Sept. 20, 2024, 5:15 p.m. | 24\u00a0minutes ago \nDescription : Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however, it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T19:45:10.000000Z"}, {"uuid": "396c6339-24fc-42f1-8cb3-9942d4256e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/389", "content": "https://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488/\n\nSkeleton Cookie: Breaking into Safeguard with CVE-2024-45488\n#\u5206\u6790", "creation_timestamp": "2024-09-17T23:21:42.000000Z"}, {"uuid": "973cbb16-66bd-42e2-a496-ea24db34b121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4904", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769", "creation_timestamp": "2024-10-02T16:38:47.000000Z"}, {"uuid": "41653158-bcd3-4d10-920e-859e585188b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/925", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-19T10:18:53.000000Z"}, {"uuid": "91a69fd8-0f12-4782-9e06-d98a1fce902b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3855", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-19T10:18:52.000000Z"}, {"uuid": "b5081203-d54f-4ef9-9d86-09d7be941a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "seen", "source": "https://t.me/true_secator/6220", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u043c\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437.\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AppOmni \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435\u00a01000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ServiceNow, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0431\u0430\u0437\u044b \u0437\u043d\u0430\u043d\u0438\u0439 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 (KB).\n\n2. Tenable\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Google Cloud, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f  \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044e\u044e \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Google Cloud.\n\n\u041e\u043d\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u043b\u0430 \u043d\u0430 Google Composer. Google \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0438 \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Varonis\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u043e\u0431 \u0430\u0442\u0430\u043a\u0435 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c SOQL (Salesforce Object Query Language), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u0445 Salesforce \u0447\u0435\u0440\u0435\u0437 API Aura \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 \u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043c\u0435\u0441\u044f\u0446 \u0441\u043f\u0443\u0441\u0442\u044f.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AmberWolf \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 Skeleton Cookie (CVE-2024-45488), \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 PAM Safeguard for Privileged Passwords \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 One Identity.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u044f\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f 8.0.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437\u00a0CVE-2024-8190, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 0-day \u0432 Ivanti Cloud Service Appliance (CSA).\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u0440\u0430\u0437 Horizon3 \u043d\u0435\u043a\u043e\u0441\u044f\u0447\u0438\u043b\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u043e\u0435\u00a0\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0432 \u0431\u043b\u043e\u0433\u0435 \u0441 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043f\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0435 Ivanti (CVE-2024-29847). \n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 CVE-2023-28324, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Summoning Team \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e Horizon3 \u0432 \u0441\u043f\u0435\u0448\u043a\u0435 \u043f\u044b\u0442\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0442\u044c \u0441\u0435\u0431\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043e\u043d\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0443 \u0441\u0435\u0431\u044f \u0432 \u0431\u043b\u043e\u0433\u0435.\n\n6. \u0411\u0438\u0437\u043e\u043d\u044b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE\u20112024\u20117965 (\u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0438\u043c\u043f\u043b\u0435\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u0432\u00a0V8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432\u00a0\u0440\u0435\u043d\u0434\u0435\u0440\u0435\u0440\u0435 Google\u00a0Chrome, \u043f\u043e\u043a\u0430\u0437\u0430\u0432 \u043a\u0430\u043a \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0442\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c (PoC).", "creation_timestamp": "2024-09-18T17:40:04.000000Z"}, {"uuid": "e043661b-59be-4ef7-a178-389df46ce78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "seen", "source": "Telegram/7gCCrXcF7kplbW8vCcSuolSiDuLcYtPRKYzfdVi7ua9f0qw", "content": "", "creation_timestamp": "2024-09-23T08:30:38.000000Z"}, {"uuid": "d536a163-ea65-46e4-9dd9-319a5b821f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11202", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769\n\n4. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-> https://github.com/p33d/CVE-2024-45519", "creation_timestamp": "2024-11-01T03:20:06.000000Z"}, {"uuid": "03abccc2-937f-4316-b10d-98358ef0385c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "exploited", "source": "https://t.me/xakep_ru/16487", "content": "\u0411\u0440\u0430\u0443\u0437\u0435\u0440 Arc \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 bug bounty \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Arc, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f The Browser Company, \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0438 \u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b bug bounty, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0437\u0430 \u044d\u0442\u043e \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u044f. \u041a \u044d\u0442\u043e\u043c\u0443 \u0448\u0430\u0433\u0443 \u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u0434\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-45489, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Arc.\n\nhttps://xakep.ru/2024/10/02/arc-bug-bounty/", "creation_timestamp": "2024-10-02T14:39:58.000000Z"}, {"uuid": "7d4e8ce6-3266-49d5-b9ed-025099ea162e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3188", "content": "https://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488/\n\nSkeleton Cookie: Breaking into Safeguard with CVE-2024-45488\n#\u5206\u6790", "creation_timestamp": "2024-09-17T16:55:31.000000Z"}, {"uuid": "84eead48-b7f5-4a8b-a99c-b1a302213012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4454", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-18T04:12:48.000000Z"}, {"uuid": "acad88c8-4a66-4309-abfd-427b4bab16c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45488", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11147", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-17T19:18:17.000000Z"}]}