{"vulnerability": "CVE-2019-10149", "sightings": [{"uuid": "fccac151-f94e-47d1-b877-13fb1576e78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/05169c98-57e9-42bb-aa57-20b8fb9eb86f", "content": "", "creation_timestamp": "2020-10-22T19:40:57.000000Z"}, {"uuid": "4d942948-68bf-4c9e-ab61-b6f27dac0b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/5ee900f0-23c4-4392-bc19-5080ac002816", "content": "", "creation_timestamp": "2020-06-16T17:27:43.000000Z"}, {"uuid": "a23d3043-c4e1-4770-a257-730726b5c97f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/5ed0a19f-2cac-4365-a134-7f5eac13a7a7", "content": "", "creation_timestamp": "2020-05-29T05:47:50.000000Z"}, {"uuid": "d8d2c683-2db5-4590-9715-9b233b3c7a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/a89db3b8-3802-49fb-9cda-34f33f130e6a", "content": "", "creation_timestamp": "2020-10-09T13:44:20.000000Z"}, {"uuid": "f0b8a778-9373-482d-a8bc-6180e95e1c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/5362d288-c25b-43e5-9311-2ddedfe84549", "content": "", "creation_timestamp": "2020-10-22T19:51:03.000000Z"}, {"uuid": "3b82aeed-82e1-4cf6-b413-86ea4ec95495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/8d121e04-9fcc-48d9-be88-3af090913786", "content": "", "creation_timestamp": "2020-10-22T19:44:03.000000Z"}, {"uuid": "4bd17f39-4795-4010-ac2d-3f68e9ef6055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/c7d9eed5-d71b-4433-8433-3db121149d72", "content": "", "creation_timestamp": "2020-11-21T03:00:05.000000Z"}, {"uuid": "a934370f-a220-4224-aff0-1b6f4beea718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "f39fd08b-1290-4fb7-91b8-34fd0df1b976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46996", "content": "", "creation_timestamp": "2019-06-17T00:00:00.000000Z"}, {"uuid": "09e07d80-948a-4285-a4c9-fb3cacd4146c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://www.exploit-db.com/exploits/47307", "content": "", "creation_timestamp": "2019-08-26T00:00:00.000000Z"}, {"uuid": "7c51a1cd-db67-44dc-9a83-50363c8f40c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "https://msrc.microsoft.com/blog/2019/06/prevent-the-impact-of-a-linux-worm-by-updating-exim-cve-2019-10149/", "content": "", "creation_timestamp": "2019-06-13T05:00:00.000000Z"}, {"uuid": "be75e6b9-865b-4715-b49a-bfaca3cc157c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971200", "content": "", "creation_timestamp": "2024-12-24T20:25:46.782058Z"}, {"uuid": "78bcb4d4-b067-46a1-a077-2ba4d234659a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "2d14633b-95cf-46b9-8f53-e6a969147ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:10.000000Z"}, {"uuid": "6f423280-3503-4321-8f2b-b4f9ecebd158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/5ed0a19f-2cac-4365-a134-7f5eac13a7a7", "content": "", "creation_timestamp": "2025-04-14T00:19:44.000000Z"}, {"uuid": "c88b47cb-1d44-4afe-a220-46fbdb309260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:22.000000Z"}, {"uuid": "f6b820a3-68f2-48d0-9f16-b2bcbc47be5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb", "content": "", "creation_timestamp": "2019-08-23T17:32:40.000000Z"}, {"uuid": "0957c30a-21d8-46ff-9618-6df4221fa449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "Telegram/wG0cDJgGVfJGwd2Zjdu2U-n25YycOJf4cno9rhYGWoiytkA", "content": "", "creation_timestamp": "2025-12-03T15:00:08.000000Z"}, {"uuid": "372b7514-8276-42ab-8780-1d1b8b60ff8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/exim-sahkopostipalvelimen-haavoittuvuuden-avulla-tehdaan-tietomurtoja", "content": "", "creation_timestamp": "2019-06-10T12:11:05.000000Z"}, {"uuid": "0703af6d-8084-4569-851f-9e71ddaf9bc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c8b77fa7-b1fd-4d6b-84d0-79681a29f56b", "content": "", "creation_timestamp": "2026-02-02T12:28:29.861275Z"}, {"uuid": "73c5c567-5570-4b4b-9f39-dd832d24f0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "https://t.me/exploitchallenge/88", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0444\u043e\u0440\u0443\u043c\u043e\u0432 \u0432\u0435\u043b\u0430\u0441\u044c \u043e\u0447\u0435\u043d\u044c \u0434\u043e\u043b\u0433\u043e. \u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0434\u0432\u0438\u0436\u043e\u043a - Xenforo. \u041f\u0435\u0440\u0432\u044b\u043c \u0434\u0435\u043b\u043e\u043c \u0431\u044b\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u044b \u043f\u0440\u043e\u0435\u043a\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0441\u0443\u0436\u0434\u0430\u044e\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0434\u0432\u0438\u0436\u043a\u0430\u043c. \u0417\u0430\u043d\u0438\u043c\u0430\u043b\u0438\u0441\u044c \u043d\u0443\u043b\u043b\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432, \u0433\u0434\u0435 \u0432\u0448\u0438\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u044b. \n\u041e\u0434\u0438\u043d \u0438\u0437 \u0442\u0430\u043a\u0438\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 \u0432\u0438\u0441\u0438\u0442 \u0432 \u0442\u043e\u043f\u0435. \u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f \u0442\u0435\u043d\u0435\u0432\u0438\u043a\u043e\u0432 \u0438\u0441\u043a\u0430\u043b\u0430 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u044b\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b\u0430 \u0441\u0435\u0431\u0435, \u043a\u0440\u0430\u0441\u043d\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u0441\u043e\u0431\u044b\u0442\u0438\u0439. \u0412 \u0430\u0434\u043c\u0438\u043d\u043a\u0435 \u0447\u0442\u043e \u044f \u0432\u0430\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u043b \u0435\u0441\u0442\u044c \u043b\u0438\u0447\u043d\u0430\u044f \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0430, \u0432\u0441\u0435 \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 IP+\u0414\u0410\u0422\u0410 \u0437\u0430\u0445\u043e\u0434\u043e\u0432, \u0432\u0441\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439, \u0444\u0438\u043d\u0433\u0435\u0440\u043f\u0440\u0438\u043d\u0442\u044b, \u0447\u0442\u043e\u0431\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0432\u0430\u0441 \u043d\u0430 \u0440\u0430\u0437\u043d\u044b\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c \u043a \u043e\u0434\u043d\u043e\u0439 \u043b\u0438\u0447\u043d\u043e\u0441\u0442\u0438.\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0434\u043e\u0431\u044b\u043b\u0438 3 \u0444\u043e\u0440\u0443\u043c\u0430, \u0433\u0434\u0435 \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0435\u043b\u043e\u0441\u044c \u043e\u0447\u0435\u043d\u044c \u0434\u043e\u043b\u0433\u043e.\n\u0414\u0432\u0430 \u0444\u043e\u0440\u0443\u043c\u0430 \u043a\u0443\u043f\u0438\u043b\u0438,\u043e\u043a\u043e\u043b\u043e \u043d\u0438\u0445 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u043d\u0443\u0436\u043d\u044b\u0435 \u043b\u044e\u0434\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u0432 \u0434\u0432\u0438\u0436\u043e\u043a. \u041f\u0435\u0440\u0432\u044b\u0439 - \u044d\u043a\u0441\u043f\u0430, \u0412\u0442\u043e\u0440\u043e\u0439 - \u0431\u0445\u0444.\n\u0412\u043e\u0442 \u0442\u0430\u043a \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0441\u043e\u0431\u0438\u0440\u0430\u043b\u0430\u0441\u044c. \u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 \u043e\u0431 \u044d\u0442\u043e\u043c \u043d\u0435 \u0437\u043d\u0430\u043b\u0430. \u0412\u0438\u043d\u043e\u0432\u0430\u0442\u0430 \u043b\u0438\u0448\u044c \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043d\u0435 \u0441\u043b\u0435\u0434\u0438\u0442 \u0437\u0430 \u043a\u043e\u0434\u043e\u043c.\n\u041a\u0442\u043e \u0441\u043e\u0431\u0438\u0440\u0430\u043b? \u0421\u0442\u0440\u0443\u0442\u0443\u0440\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u044b\u0432\u0430\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043f\u043e \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u043c \u043b\u0438\u0447\u043d\u043e\u0441\u0442\u044f\u043c. \u042d\u0442\u043e 50-100 \u0447\u0435\u043b\u043e\u0432\u0435\u043a.\n\u041a\u0442\u043e \u044f? \u0421\u0442\u043e\u044f\u043b \u0440\u044f\u0434\u043e\u043c.\n\u0417\u0430\u0447\u0435\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u043b \u0438 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b? \u042f \u043e\u0434\u0438\u043d \u0438\u0437 \u0432\u0430\u0441.\n\u0427\u0442\u043e \u043d\u0430 \u0440\u0443\u043a\u0430\u0445 \u0443 \u043c\u0435\u043d\u044f? \u041a\u0440\u0438\u0432\u043e\u0439 \u043a\u043e\u0441\u043e\u0439 \u0431\u044d\u043a \u0430\u0434\u043c\u0438\u043d\u043a\u0438 \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f.\n\u0421\u043f\u0438\u0441\u043e\u043a \u0441\u043b\u0438\u0442\u044b\u0445 \u0444\u043e\u0440\u0443\u043c\u043e\u0432 : \u044d\u043a\u0441\u043f\u0430, \u0431\u0445\u0444, \u0434\u0430\u0440\u0441\u0435\u043b\u043b\u0435\u0440, \u043f\u0440\u043e\u0431\u0438\u0432(\u0442\u0443\u0442 \u0431\u044b\u043b\u043e \u0432\u0435\u0441\u0435\u043b\u043e, \u043f\u043e 0day \u0443\u0441\u043f\u0435\u043b \u0441\u043b\u0438\u0442\u044c \u043a\u0442\u043e-\u0442\u043e \u0435\u0449\u0435), \u043f\u0440\u043e\u043c\u0430\u0440\u043a\u0435\u0442, \u043f\u0440\u043e\u043a\u0430\u0440\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043f\u043e\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0434\u044b\u0440\u044b. \nhttps://www.shodan.io/host/185.162.130.141 \u043f\u0440\u043e\u043c\u0430\u0440\u043a\u0435\u0442 \u043f\u0440\u043e\u043a\u0440\u0434 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0438\u043c\u0435\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-10149. \u041c\u043e\u0436\u0435\u0442\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f. \u0422\u043e\u0436\u0435 \u043a\u0441\u0442\u0430\u0442\u0438 \u0443\u043a\u0440\u0430\u0438\u043d\u0446\u044b.", "creation_timestamp": "2019-07-18T00:26:51.000000Z"}, {"uuid": "f3442567-db90-4ecc-894f-3111af006f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5295", "content": "https://www.openwall.com/lists/oss-security/2019/06/05/4\nCVE-2019-10149 : New RCE vulnerability impacts SMTP MTA Exim vulnerability lets attackers run commands as root on remote email servers.\nVery dangerous vulnerability in Exim installations running ver 4.87 to 4.91.", "creation_timestamp": "2019-06-06T17:46:00.000000Z"}, {"uuid": "528f5e6e-e48d-49c1-94ec-88160081bb50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "https://t.me/antichat/5458", "content": "Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)\nhttps://blogs.technet.microsoft.com/msrc/2019/06/14/prevent-the-impact-of-a-linux-worm-by-updating-exim-cve-2019-10149/", "creation_timestamp": "2019-06-17T14:45:16.000000Z"}, {"uuid": "21a05677-3a45-4df7-ad41-00bf9d31593b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5448", "content": "https://glitchwitch.io/blog/2019-06/exploiting-cve-2019-10149", "creation_timestamp": "2019-06-17T04:42:56.000000Z"}, {"uuid": "246501cb-fb0f-481b-a2ef-f273e5524095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5575", "content": "https://securityaffairs.co/wordpress/87523/hacking/cve-2019-10149-wizard-vulnerability.html", "creation_timestamp": "2019-06-25T03:02:57.000000Z"}, {"uuid": "c8708531-c2c0-43d5-b243-574f1b0448ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://t.me/information_security_channel/38212", "content": "NSA warns that Russian hackers exploiting the Exim vulnerability (CVE-2019-10149) since at least last August. The APT hacker group linked with the attack is Sandworm Team. Sandworm Team is known to be active since 2009, and the group mainly targets Ukrainian entities associated with energy, industrial control systems, SCADA, government, and media. Hackers Exploiting Exim [\u2026]\nThe post Russian APT Hackers Exploiting Exim Vulnerability Since 2019 \u2013 NSA Warns (https://gbhackers.com/exim-vulnerability/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-05-30T05:15:22.000000Z"}, {"uuid": "3daf47db-740e-448a-9b00-8a35c3417882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://t.me/ctinow/13786", "content": "The WatchBog botnet has been spotted by @polarply exploiting the 12-day old Jira CVE-2019-11581 and Exim CVE-2019-10149 vulnerabilities to install miners on vulnerable Linux machines. http://twitter.com/BleepinComputer/status/1153350120072781824", "creation_timestamp": "2019-07-22T19:08:51.000000Z"}, {"uuid": "f8fd3dab-b5f5-4129-960a-73476e5f0227", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "Telegram/P5LDm3S4VTfGYBgu3ytMcEur8FEGyy2Co8KdeMUu5EMrSc8", "content": "", "creation_timestamp": "2025-04-11T23:00:05.000000Z"}, {"uuid": "702bde73-920b-402c-9536-e38af20dee20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://t.me/true_secator/619", "content": "\u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u043d\u0430\u0437\u0430\u0434 \u0410\u041d\u0411 \u0432 \u0441\u0432\u043e\u0435\u043c \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0442\u0432\u0438\u0442\u0442\u0435\u0440\u0435, \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u043e\u043c \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u0430\u043c, \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u043b\u043e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u0441\u0434\u0435\u043b\u0430\u043d\u043d\u043e\u0435 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0440\u0443\u0441\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0437 \u0413\u0420\u0423 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0410\u041d\u0411 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e APT Sandworm Team \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-10149 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exim, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0441 \u0440\u0443\u0442\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438. \u041f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0441\u043a\u0440\u0438\u043f\u0442 \u043d\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0432\u043e\u0434\u0438\u043b \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u043f\u043e\u0437\u0438\u0446\u0438\u0438 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f (\u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u044b BleepingComputer \u0441\u043c\u043e\u0433\u043b\u0438 \u0440\u0430\u0437\u0434\u043e\u0431\u044b\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u0435\u0446 \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0443 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e).\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 \u043d\u0430\u0447\u0430\u043b\u043e \u043c\u0430\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exim \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u0430 \u0434\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 TTPs, \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043e \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 Sandworm Team \u043a \u043a\u0438\u0431\u0435\u0440\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0434\u0432\u0430 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0434\u043e\u043c\u0435\u043d, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043f\u043e \u0438\u0445 \u043c\u043d\u0435\u043d\u0438\u044e, \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u044d\u0442\u043e\u0439 APT. \n\n\u0410\u041d\u0411 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0438 \u043f\u0440\u044f\u043c\u043e \u043e\u0431\u0432\u0438\u043d\u044f\u0435\u0442 \u0413\u043b\u0430\u0432\u043d\u044b\u0439 \u0446\u0435\u043d\u0442\u0440 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 (\u0413\u0426\u0421\u0422) \u0413\u0420\u0423 aka \u0432/\u0447 74455 \u0432 \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 Sandworm Team. \n\n\u041a\u0443\u0447\u043d\u043e \u043f\u043e\u0448\u043b\u043e. \u0417\u0430 \u0442\u0440\u0438 \u0434\u043d\u044f - \u0442\u0440\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0431\u0432\u0438\u043d\u0435\u043d\u0438\u044f \u0413\u0420\u0423 \u0432 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 (2 \u043e\u0442 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u0438 1 \u043e\u0442 \u0410\u041d\u0411). \u0413\u0440\u0435\u0442\u0430 \u0422\u0443\u043d\u0431\u0435\u0440\u0433 \u043f\u0440\u043e\u0442\u0443\u0445\u043b\u0430, \u043a\u043e\u0440\u043e\u043d\u0430\u0432\u0438\u0440\u0443\u0441 \u043a\u043e\u043d\u0447\u0430\u0435\u0442\u0441\u044f, \u0437\u043d\u0430\u0447\u0438\u0442 \u043d\u0430\u0434\u043e \u043f\u043e\u0434\u0432\u0435\u0437\u0442\u0438 \u043d\u043e\u0432\u044b\u0445 \u0443\u0433\u0440\u043e\u0437 \u043c\u0438\u0440\u043e\u0432\u043e\u043c\u0443 \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0443.", "creation_timestamp": "2020-05-28T18:58:53.000000Z"}, {"uuid": "1be91e5d-1a6c-4d74-bbbc-7bdebf69d1fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/29", "content": "CVE-2019-10149 Exim\u90f5\u7bb1\u670d\u52d9\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2019-10149_Exim%E9%83%B5%E7%AE%B1%E6%9C%8D%E5%8B%99%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:55.000000Z"}, {"uuid": "df23abea-91d2-4a2e-b960-5a5fd63ae127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/482", "content": "#exploit\n1. CVE-2019-11157:\nPlundervolt - Software-based Fault injection attacks against Intel SGX\nhttps://www.plundervolt.com\nhttps://github.com/KitMurdock/plundervolt\n\n2. CVE-2019-1388:\nWindows Certificate Dialog\u00a0EoP\nhttps://github.com/jas502n/CVE-2019-1388\n\n3. CVE-2019-10149:\nA flaw was found in Exim 4.87 - 4.91. Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to RCE\nhttps://github.com/Diefunction/CVE-2019-10149", "creation_timestamp": "2024-10-14T20:57:38.000000Z"}, {"uuid": "415d6fc7-82f3-4f1e-8b53-9481fd0b3b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "https://t.me/canyoupwnme/5645", "content": "Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)\nhttps://blogs.technet.microsoft.com/msrc/2019/06/14/prevent-the-impact-of-a-linux-worm-by-updating-exim-cve-2019-10149/", "creation_timestamp": "2019-06-17T16:35:16.000000Z"}, {"uuid": "64306eea-a4af-4077-8ebe-51d87a9c877b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://t.me/SecLabNews/5152", "content": "\u041f\u043e \u043c\u0435\u043d\u044c\u0448\u0435\u0439 \u043c\u0435\u0440\u0435 \u0434\u0432\u0435 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u043e\u043c Exim \u0432 \u0446\u0435\u043b\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u041f\u041e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2019-10149), \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a \u00abReturn of the WIZard\u00bb. \u0412 \u0445\u043e\u0434\u0435 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438 \u0431\u044d\u043a\u0434\u043e\u0440 \u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0448\u0435\u043b\u043b-\u0441\u043a\u0440\u0438\u043f\u0442\u0430, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0433\u043e SSH \u043a\u043b\u044e\u0447 \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0421\u0430\u043c \u0441\u043a\u0440\u0438\u043f\u0442 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0432 \u0441\u0435\u0442\u0438 Tor, \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0447\u0435\u043c\u0443 \u0435\u0433\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0432\u044b\u044f\u0441\u043d\u0438\u0442\u044c. \u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 \u041e\u0421 Red Hat Enterprise Linux (RHEL), Debian, openSUSE \u0438 Alpine Linux.     \n\u041e\u0431\u0437\u043e\u0440 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 10 \u043f\u043e 16 \u0438\u044e\u043d\u044f 2019 \u0433\u043e\u0434\u0430", "creation_timestamp": "2019-06-17T14:36:38.000000Z"}, {"uuid": "5e7502b2-6e5f-47d4-8581-559738ff9e93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "exploited", "source": "https://t.me/SecLabNews/5845", "content": "\u041a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u0439 \u0431\u043e\u0442\u043d\u0435\u0442 WatchBog \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 web-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Pastebin \u0434\u043b\u044f C&amp;C-\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439. \u0414\u0430\u043d\u043d\u044b\u0439 \u0431\u043e\u0442\u043d\u0435\u0442 \u0435\u0449\u0435 \u0441 2018 \u0433\u043e\u0434\u0430 \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 Linux-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b Monero, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u0438\u044e\u043b\u0435 \u043d\u044b\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0433\u043e\u0434\u0430 \u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u043a\u043e\u0434 \u0434\u043b\u044f \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep \u0432 Windows. \u0411\u043e\u0442\u043d\u0435\u0442 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u0430\u043a CVE-2018-1000861 (\u0432 Jenkins), CVE-2019-11581 (Jira), CVE-2019-10149 (Exim) \u0438 CVE-2019-0192 (Sol).    \n\u041a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u0439 \u0431\u043e\u0442\u043d\u0435\u0442 WatchBog \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 Pastebin \u043a\u0430\u043a C&amp;C-\u0441\u0435\u0440\u0432\u0435\u0440", "creation_timestamp": "2019-09-13T14:05:15.000000Z"}, {"uuid": "eb1c733c-3cdc-4065-9bee-06f9b7237ab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10149", "type": "seen", "source": "MISP/5ee900f0-23c4-4392-bc19-5080ac002816", "content": "", "creation_timestamp": "2026-05-04T11:17:18.000000Z"}]}