{"vulnerability": "CVE-2019-1322", "sightings": [{"uuid": "4fa91eeb-da53-4b09-a7f5-d59d9f3ad4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "ec601848-04b0-4f56-a8c3-838ed74bf345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "exploited", "source": "https://www.exploit-db.com/exploits/47805", "content": "", "creation_timestamp": "2019-12-30T00:00:00.000000Z"}, {"uuid": "c1152f80-0784-4239-b687-09d1000c8b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "MISP/358fa670-50c1-4c52-8331-cef395402dd3", "content": "", "creation_timestamp": "2024-11-14T06:10:03.000000Z"}, {"uuid": "da519088-82b7-4bcc-8b80-e6cc03a80741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971386", "content": "", "creation_timestamp": "2024-12-24T20:28:34.117394Z"}, {"uuid": "5f443eb5-7ca0-4668-b4c8-9ee40e4f42b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "217cea34-c1aa-4b2d-80e3-c946d41eead4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:12.000000Z"}, {"uuid": "ba04b764-7af7-4b0e-b9f9-b631d82832f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/comahawk.rb", "content": "", "creation_timestamp": "2019-12-18T21:51:28.000000Z"}, {"uuid": "c975fcd1-6524-4d4b-973e-4bb121cb845b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:23.000000Z"}, {"uuid": "8175c283-25e6-4779-9809-6889a66247a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lunmkfdkv7c2", "content": "", "creation_timestamp": "2025-07-23T18:11:21.928236Z"}, {"uuid": "ef267462-ff8d-4948-b80b-69b197a6aa51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-1322", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7d1e754a-3c5e-4af9-9573-298a747f6d75", "content": "", "creation_timestamp": "2026-02-02T12:28:06.952275Z"}, {"uuid": "eaefef42-911b-4631-b01d-9f260d54680f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "exploited", "source": "https://t.me/true_secator/387", "content": "Bleeping Computer \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0432 \u043a\u043e\u043d\u0446\u0435 \u044f\u043d\u0432\u0430\u0440\u044f \u043a\u043e\u043b\u043b\u0430\u0431\u043e\u0440\u0430\u0446\u0438\u044f \u0434\u0432\u0443\u0445 \u0440\u0443\u0441\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f Silence \u0438 TA505 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u043b\u0430 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0434\u0432\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0435\u0432\u0440\u043e\u043f\u0435\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0437 \u0441\u0444\u0435\u0440\u044b \u0444\u0430\u0440\u043c\u044b \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430.\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0437 \u0411\u0435\u043b\u044c\u0433\u0438\u0438 \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 \u0446\u0435\u043d\u0442\u0440\u044b \u0430\u0442\u0430\u043a \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u0434\u0430\u0442\u0441\u043a\u0438\u0445 \u0438 \u0447\u0435\u0448\u0441\u043a\u0438\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u0445. \u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0430\u0442\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c CVE-2019-1405 \u0438 CVE-2019-1322 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft.\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043b\u0438\u0431\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n\u0421\u043b\u0443\u0447\u0430\u0439, \u0432 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0435, \u0440\u044f\u0434\u043e\u0432\u043e\u0439 \u0438 \u043c\u044b \u0431\u044b \u043d\u0435 \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0438 \u043d\u0430 \u043d\u0435\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0435\u0441\u043b\u0438 \u0431\u044b \u043d\u0435 \u043e\u0434\u043d\u043e \u043d\u043e.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0441\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0441\u043a\u0430\u044f \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Group-IB (!).\n\n\u041c\u044b \u0442\u0430\u043a \u043f\u043e\u043d\u0438\u043c\u0430\u0435\u043c, \u0447\u0442\u043e \u043d\u0430 \u0444\u043e\u043d\u0435 \u043d\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0421\u0430\u0447\u043a\u043e\u0432 \u0440\u0435\u0448\u0438\u043b \u0441\u0432\u0430\u043b\u0438\u0442\u044c \u0432 \u0431\u0430\u043d\u0430\u043d\u043e\u0432\u043e-\u043b\u0438\u043c\u043e\u043d\u043d\u044b\u0439 \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440 \u0441\u043f...\u0437\u0434\u0438\u0432 \u0441\u0440\u0430\u043d\u044b\u0439 \u0442\u0440\u0430\u043a\u0442\u043e\u0440?  \u041d\u0443, \u0442\u0430\u043c \u0436\u0435 \u0442\u0435\u043f\u043b\u043e, \u0442\u0430\u043c \u043a\u0438\u0442\u0430\u0439\u0447\u043e\u043d\u043e\u043a \u041b\u0438 \u041a\u0443\u0430\u043d \u042e \u0438 \u0418\u0422 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430. \u0418\u043d\u0430\u0447\u0435 \u0437\u0430\u0447\u0435\u043c \u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u0435\u0441\u0441-\u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u043a\u0430\u043a \u0441\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f?\n\n\u0418\u043b\u044c\u044f \u041a\u043e\u043d\u0441\u0442\u0430\u043d\u0442\u0438\u043d\u043e\u0432\u0438\u0447, \u044d\u0442\u043e\u0442 \u0437\u0430\u0448\u043a\u0432\u0430\u0440.", "creation_timestamp": "2020-03-28T10:48:22.000000Z"}, {"uuid": "32d01cc1-74ed-40e1-80ce-24481899bd0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "Telegram/tCYt1jrAnr0HhdLEoRjUb9yLDauHlqVwESgmV0ICN8BLJOf6", "content": "", "creation_timestamp": "2025-02-06T02:41:37.000000Z"}, {"uuid": "9a108c56-dbb9-4898-ae85-d426b8bc3076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "https://t.me/arpsyndicate/1145", "content": "#ExploitObserverAlert\n\nCVE-2019-1322\n\nDESCRIPTION: Exploit Observer has 28 entries related to CVE-2019-1322. An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340.\n\nFIRST-EPSS: 0.001140000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T07:23:05.000000Z"}, {"uuid": "b731c166-80e3-487b-832e-6a0dbc872c40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6143", "content": "Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322\nhttps://github.com/apt69/COMahawk", "creation_timestamp": "2019-11-15T19:29:39.000000Z"}, {"uuid": "e36ae2bc-9d4a-478c-b935-fa1827d10325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13227", "type": "seen", "source": "https://t.me/cveNotify/172", "content": "\ud83d\udea8 #CVE-2019-13227\nIn GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary fil... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13227\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-04T14:59:54.000000Z"}, {"uuid": "24d02884-704c-4adf-9f8c-f104a9c405bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "seen", "source": "https://t.me/canyoupwnme/6135", "content": "CVE-2019-1405 and CVE-2019-1322 \u2013 Elevation to SYSTEM via the UPnP Device Host Service and the Update Orchestrator Service\nhttps://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/november/cve-2019-1405-and-cve-2019-1322-elevation-to-system-via-the-upnp-device-host-service-and-the-update-orchestrator-service/", "creation_timestamp": "2019-11-14T15:02:06.000000Z"}, {"uuid": "6218e053-366d-46f9-ba18-9ebd54a5fa2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13229", "type": "seen", "source": "https://t.me/cveNotify/174", "content": "\ud83d\udea8 #CVE-2019-13229\ndeepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create ... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13229\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-04T14:59:55.000000Z"}, {"uuid": "3b5b7fa7-3483-4215-8f10-025c2ec5d001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1322", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/473", "content": "Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322\nhttps://github.com/apt69/COMahawk", "creation_timestamp": "2019-11-16T12:53:34.000000Z"}, {"uuid": "2b10b987-3a57-47bb-aed4-635d9e15e383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13228", "type": "seen", "source": "https://t.me/cveNotify/173", "content": "\ud83d\udea8 #CVE-2019-13228\ndeepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or over... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13228\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-04T14:59:54.000000Z"}, {"uuid": "55c94c89-ecaf-4131-9edd-2c8b7e474d0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13226", "type": "seen", "source": "https://t.me/cveNotify/171", "content": "\ud83d\udea8 #CVE-2019-13226\ndeepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/ in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this ... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13226\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-04T14:59:53.000000Z"}]}