{"vulnerability": "CVE-2019-13720", "sightings": [{"uuid": "fd0a8837-b089-4d84-80f5-3ec2a4e7203e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "MISP/5dbe8440-9cdc-4af1-acb7-34b902de0b81", "content": "", "creation_timestamp": "2019-11-03T07:42:19.000000Z"}, {"uuid": "347c9054-0811-40c6-800a-5e597ffabd2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "MISP/5dc01e9d-e6e4-4daa-9e72-1cbe0a3b4631", "content": "", "creation_timestamp": "2019-11-04T12:52:20.000000Z"}, {"uuid": "f1329fa5-9d9a-4a79-98b1-ec195f073b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "MISP/1ce13114-7e53-4ed4-9ddc-bddfb51e8523", "content": "", "creation_timestamp": "2020-10-09T14:23:04.000000Z"}, {"uuid": "a9ccde29-16b2-4e12-9357-ae45d02d53bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "37caa019-092e-41b6-b2ff-6df1ef91410d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971555", "content": "", "creation_timestamp": "2024-12-24T20:31:04.206403Z"}, {"uuid": "5ec773b6-86be-44e0-a1f0-1a86dbc654b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:23.000000Z"}, {"uuid": "d7e7ecf9-2b39-45c8-811c-8bda33a6d278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/vakavia-haavoittuvuuksia-chrome-selaimessa", "content": "", "creation_timestamp": "2019-11-01T11:31:20.000000Z"}, {"uuid": "100b3c64-128a-4222-ad3b-22384f9a9d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "MISP/5dc01e9d-e6e4-4daa-9e72-1cbe0a3b4631", "content": "", "creation_timestamp": "2025-04-12T09:34:34.000000Z"}, {"uuid": "24415548-e336-4b16-a549-27558d22fafc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=433", "content": "", "creation_timestamp": "2019-11-01T04:00:00.000000Z"}, {"uuid": "b44298b7-1389-404f-ba7c-d832e034e650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a45f3034-7fa4-41c8-b53d-296ff8185538", "content": "", "creation_timestamp": "2026-02-02T12:27:45.277262Z"}, {"uuid": "3e291c32-29a2-4adc-8df6-c676cbfd1047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/ctinow/17256", "content": "Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium\n\nhttps://ift.tt/2NCL8Xo", "creation_timestamp": "2019-11-01T17:08:19.000000Z"}, {"uuid": "90262c20-8aa1-4a76-a8dc-e96a8e1ce189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://t.me/BitLenta/4075", "content": "\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 Google Chrome. \u0422\u0430\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2019-13720.", "creation_timestamp": "2019-11-01T10:25:51.000000Z"}, {"uuid": "c2fbc699-7d73-4e12-b757-ce5870459549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://t.me/arpsyndicate/1303", "content": "#ExploitObserverAlert\n\nCVE-2019-13720\n\nDESCRIPTION: Exploit Observer has 16 entries related to CVE-2019-13720. Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\nFIRST-EPSS: 0.974200000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T20:57:12.000000Z"}, {"uuid": "a20903f1-c3af-4da7-91e8-437fdf30ecf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "Telegram/i3pktyLoi19Sp9oAOJaktDv-105w7wiWbSzNijKKoL7xEhqd", "content": "", "creation_timestamp": "2025-02-06T02:39:17.000000Z"}, {"uuid": "075f74fe-2bb3-4191-b415-cc6dfef248c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/ctinow/17263", "content": "Google Patches Chrome Zero-Day Under Active Attack The fix addresses CVE-2019-13720, a high-severity, use-after-free vulnerability discovered by Kaspersky Lab researchers.  https://www.darkreading.com/threat-intelligence/google-patches-chrome-zero-day-under-active-attack/d/d-id/1336244?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple", "creation_timestamp": "2019-11-01T18:02:32.000000Z"}, {"uuid": "799e7a75-5a30-4059-8007-c18294b4ad57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://t.me/ctinow/194330", "content": "https://ift.tt/EDHmYWk\nCVE-2019-13720 | Google Chrome prior 78.0.3904.87 WebAudio HTML Page use after free (ID 167066)", "creation_timestamp": "2024-02-27T12:51:54.000000Z"}, {"uuid": "f5825d43-e2ba-48b5-96a7-7652fea9e017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/information_security_channel/32271", "content": "Google Patches Chrome Zero-Day Under Active Attack\nhttps://www.darkreading.com/threat-intelligence/google-patches-chrome-zero-day-under-active-attack/d/d-id/1336244?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nThe fix addresses CVE-2019-13720, a high-severity, use-after-free vulnerability discovered by Kaspersky Lab researchers.", "creation_timestamp": "2019-11-01T17:57:52.000000Z"}, {"uuid": "b10062a4-fe1f-4a17-8853-bb23229abb12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/canyoupwnme/6108", "content": "CVE-2019-13720: Use-After-Free Zero Day in Google Chrome Exploited in the Wild\nhttps://www.tenable.com/blog/cve-2019-13720-use-after-free-zero-day-in-google-chrome-exploited-in-the-wild", "creation_timestamp": "2019-11-01T22:23:33.000000Z"}, {"uuid": "96bf81ad-00df-4600-ad87-b1e545cdd621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/DC8044_Info/453", "content": "CVE-2019-13720: Use-After-Free Zero Day in Google Chrome Exploited in the Wild\nhttps://www.tenable.com/blog/cve-2019-13720-use-after-free-zero-day-in-google-chrome-exploited-in-the-wild", "creation_timestamp": "2019-11-01T23:11:28.000000Z"}, {"uuid": "e75366f3-d173-4bbc-b9f3-8f0a4caa6cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/DC8044_Info/456", "content": "https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/", "creation_timestamp": "2019-11-02T11:11:29.000000Z"}, {"uuid": "482e8ac0-fd12-4d83-9725-8bce6f4b32b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/secinfosex/18", "content": "\u26a0\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435 Google Chrome \u0434\u043e 78.0.3904.87\n\nCVE-2019-13720:  Use-after-free in audio. \n\nGoogle is aware of reports that an exploit for CVE-2019-13720 exists in the wild.\n\n#chrome #exploit #in_the_wild", "creation_timestamp": "2019-11-01T09:39:08.000000Z"}, {"uuid": "f2058d80-ba4e-44f6-a037-451aa1bc1f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "exploited", "source": "https://t.me/secinfosex/20", "content": "\ud83d\udd36 \u041d\u043e\u0432\u044b\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043f\u043e CVE-2019-13720 \u0432 Google Chrome \u043e\u0442 GReAT\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u043e\u043d\u0438 \u043d\u0430 \u0441\u0435\u043d\u0441\u043e\u0440\u0430\u0445 KEP \u0441\u043b\u043e\u0432\u0438\u043b\u0438 0day \u043f\u043e\u0434 Chrome, \u0438 \u0440\u0435\u043f\u043e\u0440\u0442\u043d\u0443\u043b\u0438 \u0435\u0433\u043e \u0433\u0443\u0433\u043b\u0443. \u0422\u043e\u0442 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u043f\u043e\u0434\u043b\u0435\u0447\u0438\u043b \u0431\u0440\u0430\u0443\u0437\u0435\u0440. \n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0438 \u0438\u043c\u044f WizardOpium. \n\u041e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0441 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e APT \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0443 \u0440\u0435\u0431\u044f\u0442 \u0438\u0437 GReAT \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c, \u0432\u0440\u043e\u0434\u0435 \u0438 Lazarus, \u0430 \u0432\u0440\u043e\u0434\u0435 \u0438 DarkHotel. \u041d\u043e \u044d\u0442\u043e \u043d\u0435 \u0442\u043e\u0447\u043d\u043e.\n\n\u0412\u043f\u0440\u043e\u0447\u0435\u043c \u0432\u043f\u043e\u043b\u043d\u0435 \u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043f\u043e\u0447\u0435\u043c\u0443 - \u0432\u0435\u0434\u044c \u043f\u043e\u0441\u043b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043b\u0435\u0442, \u0443 APT \u0433\u0440\u0443\u043f\u043f \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u0430\u044f \u043f\u0440\u0438\u0432\u044b\u0447\u043a\u0430 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u043e\u0436\u043d\u044b\u0439 \u0441\u043b\u0435\u0434 \u0434\u043b\u044f \u0443\u0441\u043b\u043e\u0436\u043d\u0435\u043d\u0438\u044f \u0430\u0442\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u043a \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435. \n \nhttps://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/\n\n#chrome #exploit #in_the_wild #wizardopium #lazarus #darkhotel #GReAT", "creation_timestamp": "2019-11-02T10:59:34.000000Z"}, {"uuid": "8a00b3c3-cef2-459e-961c-aff4186d91fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://t.me/secinfosex/27", "content": "\u041f\u043e\u043c\u043d\u0438\u0442\u0435 \u0442\u043e\u0442 0-day \u0432 Google Chrome, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 GReAT, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0437\u0432\u0430\u043b\u0438 \u0432\u0441\u0435 \u044d\u0442\u043e WizardOpium? \n\n\u0422\u0430\u043a \u0432\u043e\u0442. \u0412\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0442\u0430\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \n\n* CVE-2019-13720 \u0432 Google Chrome\n* CVE-2019-1458 \u0432 win32k.sys\n\n\u0421\u0431\u0435\u0436\u0430\u0442\u044c \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0445\u0440\u043e\u043c\u0430 \u0432 \u0442\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u043b\u0430 CVE-2019-1458 \u0432 win32k.sys, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u043f\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c GDI \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432\u0430\u043c\u0438 (\u043a\u043b\u0430\u0441\u0441\u0438\u043a\u0430 sandbox escaping \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043b\u0435\u0442, \u043f\u043e\u0447\u0438\u0442\u0430\u0439\u0442\u0435 \u0440\u0430\u0437\u0431\u043e\u0440\u044b \u043f\u043e\u0441\u043b\u0435 pwn2own, \u0438 j00ru).\n\nGReAT \u0437\u0430\u044f\u0432\u043b\u044f\u044e\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u0445\u043e\u0436 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 Volodya aka BuggyCorp. \n\u042d\u0442\u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0434\u0430\u0432\u043d\u0435\u043d\u044c\u043a\u043e \u043f\u0440\u043e\u0434\u0430\u0435\u0442 \u0437\u0435\u0440\u043e\u0434\u0435\u0438 \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u0438\u0446\u0430\u043c, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0434\u0440\u044e\u0447\u0438\u0442 win32k.sys \u0438 \u043f\u0440\u0438 \u043b\u044e\u0431\u043e\u043c \u0443\u0434\u043e\u0431\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u0431\u0435\u0433\u0430\u0435\u0442 \u043f\u0440\u044f\u043c\u043e \u0432 \u044f\u0434\u0440\u043e.\n\n* https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/\n* https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458\n* https://www.zdnet.com/article/mysterious-hacker-has-been-selling-windows-0-days-to-apt-groups-for-three-years/\n\n#wizardopium #volodya #0day", "creation_timestamp": "2019-12-11T07:30:18.000000Z"}, {"uuid": "998f88ed-389c-40fb-960c-014ba7247614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13720", "type": "seen", "source": "https://t.me/cibsecurity/7837", "content": "\ud83d\udd74 Google Patches Chrome Zero-Day Under Active Attack \ud83d\udd74\n\nThe fix addresses CVE-2019-13720, a high-severity, use-after-free vulnerability discovered by Kaspersky Lab researchers.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2019-11-01T18:04:14.000000Z"}]}