{"vulnerability": "CVE-2019-8805", "sightings": [{"uuid": "a82759fa-81c8-4011-94a0-56c9a00bdae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-8805", "type": "seen", "source": "Telegram/alIx9qIlpmmGnkg_Ew6NxLKjft95UpukwG8PAcOdsV6HcetL", "content": "", "creation_timestamp": "2024-08-01T22:50:45.000000Z"}, {"uuid": "fcd2caa2-b7f7-4bf3-a6e4-0bdbe10b56a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-8805", "type": "seen", "source": "https://t.me/cyber_hsecurity/1613", "content": "3. \u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a:\n   - \u064a\u0633\u062a\u063a\u0644 \u0627\u0644\u0643\u0648\u062f \u0627\u0644\u0636\u0627\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0644\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0645\u0646 \u062f\u0627\u062e\u0644 \u0627\u0644\u0622\u0644\u0629 \u0627\u0644\u0627\u0641\u062a\u0631\u0627\u0636\u064a\u0629 \u0625\u0644\u0649 \u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0627\u0644\u0645\u0636\u064a\u0641 (host operating system). \u0647\u0630\u0627 \u064a\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0645\u0646 \u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u062f\u064a\u0631 \u0648\u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0636\u0627\u0631\u0629 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632 \u0627\u0644\u0643\u0645\u0628\u064a\u0648\u062a\u0631.\n\n\u0643\u064a\u0641\u064a\u0629 \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 CVE-2024-33352\u061f\n\n\u0644\u062d\u0645\u0627\u064a\u0629 \u0646\u0641\u0633\u0643 \u0645\u0646 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629\u060c \u064a\u062c\u0628 \u0627\u062a\u0628\u0627\u0639 \u0627\u0644\u062e\u0637\u0648\u0627\u062a \u0627\u0644\u062a\u0627\u0644\u064a\u0629:\n\n1. \u062a\u062d\u062f\u064a\u062b BlueStacks:\n   - \u062a\u0623\u0643\u062f \u0645\u0646 \u062a\u062d\u062f\u064a\u062b BlueStacks \u0625\u0644\u0649 \u0623\u062d\u062f\u062b \u0625\u0635\u062f\u0627\u0631 \u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u062a\u0635\u062d\u064a\u062d\u0627\u062a \u0627\u0644\u0623\u0645\u0627\u0646 \u0627\u0644\u0644\u0627\u0632\u0645\u0629. \u062a\u0642\u0648\u0645 \u0627\u0644\u0634\u0631\u0643\u0629 \u0627\u0644\u0645\u0637\u0648\u0631\u0629 \u0628\u0625\u0635\u062f\u0627\u0631 \u062a\u062d\u062f\u064a\u062b\u0627\u062a \u062f\u0648\u0631\u064a\u0629 \u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629.\n\n2. \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0628\u0631\u0627\u0645\u062c \u0645\u0643\u0627\u0641\u062d\u0629 \u0627\u0644\u0641\u064a\u0631\u0648\u0633\u0627\u062a:\n   - \u0627\u0633\u062a\u062e\u062f\u0645 \u0628\u0631\u0627\u0645\u062c \u0645\u0643\u0627\u0641\u062d\u0629 \u0627\u0644\u0641\u064a\u0631\u0648\u0633\u0627\u062a \u0627\u0644\u0645\u062d\u062f\u062b\u0629 \u0644\u0644\u0643\u0634\u0641 \u0639\u0646 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0636\u0627\u0631\u0629 \u0648\u0645\u0646\u0639\u0647\u0627 \u0645\u0646 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u062f\u0627\u062e\u0644 BlueStacks.\n\n3. \u062a\u062c\u0646\u0628 \u062a\u0646\u0632\u064a\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0645\u0646 \u0645\u0635\u0627\u062f\u0631 \u063a\u064a\u0631 \u0645\u0648\u062b\u0648\u0642\u0629:\n   - \u0642\u0645 \u0628\u062a\u0646\u0632\u064a\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0641\u0642\u0637 \u0645\u0646 \u0645\u062a\u0627\u062c\u0631 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0645\u0648\u062b\u0648\u0642\u0629 \u0645\u062b\u0644 Google Play. \u062a\u062c\u0646\u0628 \u062a\u0646\u0632\u064a\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0645\u0646 \u0645\u0635\u0627\u062f\u0631 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641\u0629 \u0623\u0648 \u0645\u0634\u0628\u0648\u0647\u0629.\n\n\u0627\u0644\u062e\u0644\u0627\u0635\u0629:\n\n\u062a\u0639\u062a\u0628\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 CVE-2024-33352 \u0641\u064a BlueStacks \u062a\u0647\u062f\u064a\u062f\u064b\u0627 \u062e\u0637\u064a\u0631\u064b\u0627 \u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u0633\u062a\u063a\u0644\u0647 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0644\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0648\u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0636\u0627\u0631\u0629 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632 \u0627\u0644\u0643\u0645\u0628\u064a\u0648\u062a\u0631. \u0645\u0646 \u0627\u0644\u0645\u0647\u0645 \u0623\u0646 \u062a\u0643\u0648\u0646 \u0639\u0644\u0649 \u062f\u0631\u0627\u064a\u0629 \u0628\u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0648\u062a\u062a\u062e\u0630 \u0627\u0644\u0625\u062c\u0631\u0627\u0621\u0627\u062a \u0627\u0644\u0644\u0627\u0632\u0645\u0629 \u0644\u062d\u0645\u0627\u064a\u0629 \u0646\u0641\u0633\u0643\u060c \u0645\u062b\u0644 \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0648\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0628\u0631\u0627\u0645\u062c \u0645\u0643\u0627\u0641\u062d\u0629 \u0627\u0644\u0641\u064a\u0631\u0648\u0633\u0627\u062a \u0648\u062a\u062c\u0646\u0628 \u062a\u0646\u0632\u064a\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0645\u0646 \u0645\u0635\u0627\u062f\u0631 \u063a\u064a\u0631 \u0645\u0648\u062b\u0648\u0642\u0629.\n\n\nhttps://github.com/mmiszczyk/CVE-2024-33352\n\nABO TURAB:\n### CVE-2019-8805: \u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0641\u064a \u0625\u0637\u0627\u0631 \u0639\u0645\u0644 Apple EndpointSecurity\n\n#### \u0645\u0642\u062f\u0645\u0629:\n\u0627\u0644\u0645\u0642\u0627\u0644\u0629 \u062a\u062a\u0646\u0627\u0648\u0644 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0625\u0637\u0627\u0631 \u0639\u0645\u0644 EndpointSecurity \u0627\u0644\u062e\u0627\u0635 \u0628\u0634\u0631\u0643\u0629 Apple\u060c \u062a\u064f\u0639\u0631\u0641 \u0628\u0627\u0633\u0645 CVE-2019-8805. \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u0632\u064a\u0627\u062f\u0629 \u0635\u0644\u0627\u062d\u064a\u0627\u062a\u0647\u0645 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645\u060c \u0645\u0645\u0627 \u064a\u0645\u0646\u062d\u0647\u0645 \u0627\u0644\u0642\u062f\u0631\u0629 \u0639\u0644\u0649 \u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0643\u0645\u0633\u0624\u0648\u0644 \u0627\u0644\u0646\u0638\u0627\u0645.\n\n#### \u0627\u0644\u0646\u0642\u0627\u0637 \u0627\u0644\u0631\u0626\u064a\u0633\u064a\u0629:\n\n1. \u0645\u0627 \u0647\u064a \u0627\u0644\u062b\u063a\u0631\u0629 (CVE-2019-8805):\n   - \u062a\u0639\u0631\u064a\u0641: CVE-2019-8805 \u0647\u064a \u062b\u063a\u0631\u0629 \u0641\u064a \u0625\u0637\u0627\u0631 \u0639\u0645\u0644 EndpointSecurity \u0627\u0644\u062e\u0627\u0635 \u0628\u0646\u0638\u0627\u0645 macOS\u060c \u0648\u0627\u0644\u062a\u064a \u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a.\n   - \u0643\u064a\u0641 \u062a\u0639\u0645\u0644: \u0627\u0644\u062b\u063a\u0631\u0629 \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u062c\u0627\u0648\u0632 \u0642\u064a\u0648\u062f \u0627\u0644\u0623\u0645\u0627\u0646 \u0648\u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0623\u0639\u0644\u0649 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645\u060c \u0645\u0645\u0627 \u064a\u0645\u0643\u0646\u0647\u0645 \u0645\u0646 \u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0628\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0627\u0644\u0645\u0633\u0624\u0648\u0644.\n\n2. \u0643\u064a\u0641 \u064a\u062a\u0645 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629:\n   - \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0645\u062d\u0644\u064a: \u064a\u062c\u0628 \u0623\u0646 \u064a\u0643\u0648\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0642\u0627\u062f\u0631\u064b\u0627 \u0639\u0644\u0649 \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641. \u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u062d\u062f\u062b \u0630\u0644\u0643 \u0625\u0630\u0627 \u0643\u0627\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0642\u062f \u062d\u0635\u0644 \u0628\u0627\u0644\u0641\u0639\u0644 \u0639\u0644\u0649 \u0648\u0635\u0648\u0644 \u0645\u062d\u062f\u0648\u062f \u0625\u0644\u0649 \u0627\u0644\u062c\u0647\u0627\u0632.\n   - \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629: \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u064a\u0633\u062a\u063a\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0636\u0627\u0631\u0629 \u0628\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0623\u0639\u0644\u0649\u060c \u0645\u0645\u0627 \u064a\u0645\u0646\u062d\u0647 \u0627\u0644\u0633\u064a\u0637\u0631\u0629 \u0627\u0644\u0643\u0627\u0645\u0644\u0629 \u0639\u0644\u0649 \u0627\u0644\u062c\u0647\u0627\u0632.\n\n3. \u0623\u0645\u062b\u0644\u0629 \u0628\u0633\u064a\u0637\u0629:\n   - \u0645\u062b\u0627\u0644 1: \u0644\u0646\u0641\u062a\u0631\u0636 \u0623\u0646 \u0647\u0646\u0627\u0643 \u0645\u0648\u0638\u0641\u064b\u0627 \u064a\u064f\u062f\u0639\u0649 \u0623\u062d\u0645\u062f \u064a\u0639\u0645\u0644 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632 macOS. \u0623\u062d\u0645\u062f \u064a\u0641\u062a\u062d \u0645\u0631\u0641\u0642 \u0628\u0631\u064a\u062f \u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a \u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0628\u0631\u0646\u0627\u0645\u062c \u0636\u0627\u0631. \u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c \u064a\u0633\u062a\u063a\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 CVE-2019-8805 \u0644\u0632\u064a\u0627\u062f\u0629 \u0635\u0644\u0627\u062d\u064a\u0627\u062a\u0647\u060c \u0645\u0645\u0627 \u064a\u0645\u0646\u062d \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0627\u0644\u0642\u062f\u0631\u0629 \u0639\u0644\u0649 \u0627\u0644\u062a\u062d\u0643\u0645 \u0627\u0644\u0643\u0627\u0645\u0644 \u0641\u064a \u062c\u0647\u0627\u0632 \u0623\u062d\u0645\u062f.\n   - \u0645\u062b\u0627\u0644 2: \u0633\u0627\u0631\u0629 \u062a\u0642\u0648\u0645 \u0628\u062a\u0646\u0632\u064a\u0644 \u062a\u0637\u0628\u064a\u0642 \u0645\u0646 \u0645\u0635\u062f\u0631 \u063a\u064a\u0631 \u0645\u0648\u062b\u0648\u0642. \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u062a\u0633\u062a\u063a\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 CVE-2019-8805. \u0628\u0645\u062c\u0631\u062f \u062a\u062b\u0628\u064a\u062a \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u060c \u064a\u062a\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0645\u0646 \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u062d\u0633\u0627\u0633\u0629 \u0648\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0643\u0645\u0633\u0624\u0648\u0644.\n\n4. \u0643\u064a\u0641 \u062a\u062d\u0645\u064a \u0646\u0641\u0633\u0643:\n   - \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0646\u0638\u0627\u0645: \u062a\u0623\u0643\u062f \u062f\u0627\u0626\u0645\u064b\u0627 \u0645\u0646 \u0623\u0646 \u0646\u0638\u0627\u0645 macOS \u0645\u062d\u062f\u062b \u0625\u0644\u0649 \u0622\u062e\u0631 \u0625\u0635\u062f\u0627\u0631\u060c \u062d\u064a\u062b \u064a\u062a\u0645 \u0625\u0635\u0644\u0627\u062d \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0641\u064a \u0627\u0644\u062a\u062d\u062f\u064a\u062b\u0627\u062a \u0627\u0644\u062c\u062f\u064a\u062f\u0629.\n   - \u0627\u0644\u062d\u0630\u0631 \u0639\u0646\u062f \u062a\u0646\u0632\u064a\u0644 \u0627\u0644\u0628\u0631\u0627\u0645\u062c: \u0644\u0627 \u062a\u0642\u0645 \u0628\u062a\u0646\u0632\u064a\u0644 \u0623\u0648 \u062a\u062b\u0628\u064a\u062a \u0628\u0631\u0627\u0645\u062c \u0645\u0646 \u0645\u0635\u0627\u062f\u0631 \u063a\u064a\u0631 \u0645\u0648\u062b\u0648\u0642\u0629.\n   - \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u062d\u0645\u0627\u064a\u0629: \u062a\u062b\u0628\u064a\u062a \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632\u0643 \u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u0633\u0627\u0639\u062f \u0641\u064a \u0627\u0643\u062a\u0634\u0627\u0641 \u0648\u0625\u064a\u0642\u0627\u0641 \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0636\u0627\u0631\u0629.\n\n#### \u062e\u0644\u0627\u0635\u0629:\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2019-8805 \u0641\u064a \u0625\u0637\u0627\u0631 \u0639\u0645\u0644 Apple EndpointSecurity \u062a\u064f\u0638\u0647\u0631 \u0643\u064a\u0641 \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0644\u0632\u064a\u0627\u062f\u0629 \u0635\u0644\u0627\u062d\u064a\u0627\u062a\u0647\u0645 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645. \u0645\u0646 \u0627\u0644\u0645\u0647\u0645 \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0646\u0638\u0627\u0645 \u0628\u0627\u0646\u062a\u0638\u0627\u0645 \u0648\u0627\u0644\u062d\u0630\u0631 \u0639\u0646\u062f \u062a\u0646\u0632\u064a\u0644 \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0644\u062d\u0645\u0627\u064a\u0629 \u0646\u0641\u0633\u0643 \u0645\u0646 \u0647\u0630\u0647 \u0627\u0644\u0647\u062c\u0645\u0627\u062a.\n\nALSED404:\n\u062a\u0645 \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0639\u0627\u0644\u064a\u0629 \u0627\u0644\u062e\u0637\u0648\u0631\u0629 (CVE-2024-6242) \u0641\u064a \u0623\u062c\u0647\u0632\u0629 Rockwell Automation ControlLogix 1756.\n\n\u0642\u062f \u064a\u0624\u062f\u064a \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0625\u0644\u0649 \u0625\u0635\u062f\u0627\u0631 \u0623\u0648\u0627\u0645\u0631 CIP \u063a\u064a\u0631 \u0645\u0635\u0631\u062d \u0628\u0647\u0627\u060c \u0645\u0645\u0627 \u064a\u0624\u062b\u0631 \u0639\u0644\u0649 \u062a\u0643\u0648\u064a\u0646\u0627\u062a \u0627\u0644\u062c\u0647\u0627\u0632 \u0648\u0645\u0634\u0627\u0631\u064a\u0639 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645.\n\u0627\u0642\u0631\u0623: https://thehackernews.com/2024/08/critical-flaw-in-rockwell-automation.html\n\nThe Smart Shadow:\n\u0646\u0638\u0631\u0629 \u0639\u0627\u0645\u0629 \u0639\u0644\u0649 \u0627\u0644\u062a\u0642\u0631\u064a\u0631\n\u0627\u0644\u062a\u0642\u0631\u064a\u0631 \u0627\u0644\u0630\u064a \u0623\u0634\u0631\u062a \u0625\u0644\u064a\u0647 \u064a\u062a\u062d\u062f\u062b \u0639\u0646 \u062b\u063a\u0631\u0627\u062a \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u062a\u0637\u0628\u064a\u0642 kafka-ui\u060c \u0648\u0647\u064a \u0648\u0627\u062c\u0647\u0629 \u0645\u0633\u062a\u062e\u062f\u0645 \u0644\u0625\u062f\u0627\u0631\u0629 Apache Kafka. \u0627\u0644\u062a\u0642\u0631\u064a\u0631 \u064a\u0648\u0636\u062d \u0646\u0648\u0639\u064a\u0646 \u0645\u0646 \u0627\u0644\u062b\u063a\u0631\u0627\u062a:\n\n1. GHSL-2023-229: \u062b\u063a\u0631\u0629 XSS (Cross-Site Scripting)\n2. GHSL-2023-230: \u062b\u063a\u0631\u0629 \u0623\u062e\u0631\u0649 \u0644\u0645 \u064a\u062a\u0645 \u062a\u062d\u062f\u064a\u062f \u0646\u0648\u0639\u0647\u0627 \u0628\u0634\u0643\u0644 \u0648\u0627\u0636\u062d \u0641\u064a \u0627\u0644\u0639\u0646\u0648\u0627\u0646\n\n### GHSL-2023-229: \u062b\u063a\u0631\u0629 XSS\n\u062b\u063a\u0631\u0629 XSS \u062a\u062d\u062f\u062b \u0639\u0646\u062f\u0645\u0627 \u064a\u062a\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0645\u0646 \u062d\u0642\u0646 \u0634\u064a\u0641\u0631\u0629 JavaScript \u0636\u0627\u0631\u0629 \u0641\u064a \u0635\u0641\u062d\u0629 \u0648\u064a\u0628\u060c \u0648\u0627\u0644\u062a\u064a \u064a\u062a\u0645 \u062a\u0646\u0641\u064a\u0630\u0647\u0627 \u0641\u064a \u0645\u062a\u0635\u0641\u062d \u0627\u0644\u0636\u062d\u064a\u0629.\n\n#### \u0627\u0644\u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u0636\u0639\u064a\u0641\u0629 (Vulnerable method):\n\u0644\u0646\u0641\u062a\u0631\u0636 \u0623\u0646 \u0644\u062f\u064a\u0646\u0627 \u0637\u0631\u064a\u0642\u0629 \u0641\u064a \u0627\u0644\u0643\u0648\u062f \u062a\u0639\u0631\u0636 \u0645\u062f\u062e\u0644\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0645\u0628\u0627\u0634\u0631\u0629 \u0641\u064a \u0635\u0641\u062d\u0629 HTML \u062f\u0648\u0646 \u062a\u0646\u0642\u064a\u0629:", "creation_timestamp": "2024-12-13T19:00:22.000000Z"}, {"uuid": "4bd26034-4880-4410-955c-b34493f550d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-8805", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/573", "content": "#exploit\n1. CVE-2024-41003:\nLinux Kernel Vulnerability in the eBPF verifier register limit tracking\nhttps://github.com/google/security-research/security/advisories/GHSA-hfqc-63c7-rj9f\n\n2. CVE-2023-52251,\nCVE-2023-25194,\nCVE-2024-32030:\n3 ways to get RCE in Kafka UI\nhttps://github.blog/security/vulnerability-research/3-ways-to-get-remote-code-execution-in-kafka-ui\n\n3. CVE-2019-8805:\nApple EndpointSecurity Privilege Escalation\nhttps://blog.securelayer7.net/applied-endpointsecurity-framework-previlege-escalation\n]-&gt; PoC: https://github.com/securelayer7/CVE-2019-8805", "creation_timestamp": "2024-07-24T14:14:49.000000Z"}, {"uuid": "3543ab9a-b5e9-41de-833f-6f246010afe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-8805", "type": "seen", "source": "https://t.me/thebugbountyhunter/8960", "content": "CVE-2019-8805: Apple EndpointSecurity framework Privilege Escalation\n\nhttps://blog.securelayer7.net/applied-endpointsecurity-framework-previlege-escalation/", "creation_timestamp": "2024-07-24T09:39:46.000000Z"}, {"uuid": "42ec653a-ef76-4c78-827c-41b0a80d7047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-8805", "type": "seen", "source": "https://t.me/ctinow/176831", "content": "https://ift.tt/xBoQG8F\nCVE-2019-8805 | Apple macOS up to 10.15.0 System Extensions input validation (HT210722)", "creation_timestamp": "2024-01-31T15:41:36.000000Z"}, {"uuid": "8c5e6c0e-4606-4582-a0f9-5fb456cfc9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-8805", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10876", "content": "#exploit\n1. CVE-2024-41003:\nLinux Kernel Vulnerability in the eBPF verifier register limit tracking\nhttps://github.com/google/security-research/security/advisories/GHSA-hfqc-63c7-rj9f\n\n2. CVE-2023-52251,\nCVE-2023-25194,\nCVE-2024-32030:\n3 ways to get RCE in Kafka UI\nhttps://github.blog/security/vulnerability-research/3-ways-to-get-remote-code-execution-in-kafka-ui\n\n3. CVE-2019-8805:\nApple EndpointSecurity Privilege Escalation\nhttps://blog.securelayer7.net/applied-endpointsecurity-framework-previlege-escalation\n]-&gt; PoC: https://github.com/securelayer7/CVE-2019-8805", "creation_timestamp": "2024-07-24T12:51:30.000000Z"}]}