{"vulnerability": "CVE-2020-1504", "sightings": [{"uuid": "841caad6-6e33-4274-a975-9580a13cafd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1504", "type": "seen", "source": "https://t.me/anwar1213xx/979", "content": "\u062b\u063a\u0631\u0627\u062a \u0644\u0625\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0648\u064a\u0646\u062f\u0648\u0632 :\n\n\u0643\u0644 \u0645\u0646 \u064a\u0633\u062a\u062e\u062f\u0645 \u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0648\u064a\u0646\u062f\u0648\u0632 \u0623\u0648 \u062d\u0632\u0645\u0629 \u062a\u0637\u0628\u064a\u0642\u0627\u062a Microsoft Office \u064a\u062c\u0628 \u0639\u0644\u064a\u0647 \u0623\u0646 \u064a\u062d\u062f\u062b\u0647\u0645\u060c \u064a\u0648\u062c\u062f \u062a\u062d\u062f\u064a\u062b\u0627\u062a \u0635\u062f\u0631\u062a \u0644\u062a\u0631\u0642\u064a\u0639 120 \u062b\u063a\u0631\u0629 \u0645\u0646\u0647\u0645 18 \u062b\u063a\u0631\u0629 \u062f\u0631\u062c\u0629 \u062e\u0637\u0648\u0631\u062a\u0647\u0645 \u0645\u0635\u0646\u0641\u0647 \u0643\u0640 \"\u062d\u0631\u062c\u0629\" \u06482 \u0628\u0627\u0644\u0641\u0639\u0644 \u064a\u062a\u0645 \u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0645 \u0628\u0634\u0643\u0644 \u0643\u0628\u064a\u0631\n\u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u062a\u0639\u0631\u0636 \u062c\u0647\u0627\u0632\u0643 \u0644\u0644\u0625\u062e\u062a\u0631\u0627\u0642 \u0641\u064a \u0627\u0644\u062d\u0627\u0644\u0627\u062a \u0627\u0644\u062a\u0627\u0644\u064a\u0629:\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1525 \u0648 CVE-2020-1585 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062a\u0634\u063a\u064a\u0644 \u0645\u0644\u0641 \u0641\u064a\u062f\u064a\u0648.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1548 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062a\u0634\u063a\u064a\u0644 \u0645\u0644\u0641 \u0635\u0648\u062a.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1560 \u0648 CVE-2020-1574 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062a\u0634\u063a\u064a\u0644 \u0645\u0644\u0641 \u0635\u0648\u0631\u0629.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1483 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u0649 \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0625\u0630\u0627 \u0642\u0645\u062a \u0628\u0633\u062a\u062e\u062f\u0645 \u062a\u0637\u0628\u064a\u0642 Microsoft Outlook \u0641\u064a \u0625\u0633\u062a\u0644\u0627\u0645 \u0627\u0644\u0631\u0633\u0627\u0626\u0644.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1567 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0625\u0630\u0627 \u062d\u0627\u0648\u0644\u062a \u0623\u0646 \u062a\u0642\u0648\u0645 \u0628\u062a\u062d\u0631\u064a\u0631 edit \u0644\u0635\u0641\u062d\u0629 HTML.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1380 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0625\u0630\u0627 \u062d\u0627\u0648\u0644\u062a \u062a\u0641\u062a\u062d \u0645\u0648\u0642\u0639 \u0645\u0639\u064a\u0646 \u0639\u0644\u0649 \u0645\u062a\u0635\u0641\u062d Internet Explorer 11.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1472 \u0627\u0644\u0645\u0648\u062c\u0648\u062f\u0629 \u0641\u0649 \u0645\u0643\u0648\u0646 NetLogon \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u0649 \u0631\u0641\u0639 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u062e\u062a\u0631\u0642 \u0648\u062a\u0633\u0645\u062d \u0644\u0647 \u0628\u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0641\u064a \u062d\u0627\u0644\u0629 \u0645\u0627 \u0625\u0630\u0627 \u0643\u0627\u0646 \u0645\u062a\u0635\u0644 \u0639\u0644\u0649 Domain Controller (DC) \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0641\u0649 \u0627\u0644\u063a\u0627\u0644\u0628 \u062f\u0627\u062e\u0644 \u0627\u0644\u0645\u0624\u0633\u0633\u0627\u062a.\n\u0627\u0644\u062b\u063a\u0631\u0627\u0629 CVE-2020-1494 \u0648 CVE-2020-1495 \u0648 CVE-2020-1496 \u0648 CVE-2020-1504 \u0648 CVE-2020-1498 \u0645\u0645\u0643\u0646 \u0623\u0646 \u064a\u062a\u0633\u0628\u0628\u0648 \u0641\u0649 \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0627\u0646 \u0641\u062a\u062d\u062a \u0645\u0644\u0641 Excel sheet \u0639\u0644\u0649 \u0627\u0644\u0627\u0635\u062f\u0627\u0631 \u0627\u0644\u0645\u0635\u0627\u0628 \u0645\u0646 Microsoft Excel.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1571 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u0649 \u0631\u0641\u0639 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u062e\u062a\u0631\u0642 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0625\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0645\u0633\u0624\u0648\u0644 \u0639\u0646 \u062a\u0646\u0635\u064a\u0628 \u0646\u0633\u062e\u0629 \u0627\u0644\u0648\u064a\u0646\u062f\u0648\u0632 \u0646\u0641\u0633\u0647\u0627\n\nThe Yemeni ghost\nMy pride is crazy", "creation_timestamp": "2021-10-08T16:50:51.000000Z"}, {"uuid": "82637736-96f1-415b-adb7-3d4a189dd788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15048", "type": "seen", "source": "https://gist.github.com/sankethj/249a775d52cb74d54393c86738922910", "content": "", "creation_timestamp": "2025-10-07T03:56:54.000000Z"}, {"uuid": "c74afe6a-609d-4953-920e-0d4b7011378e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1504", "type": "exploited", "source": "Telegram/t56b3Q9Pzy6RNlSuP7aXlCGnrtD_6yp__frASOXq_ro", "content": "", "creation_timestamp": "2021-10-08T16:50:48.000000Z"}, {"uuid": "8c2240b4-7c55-4070-93b3-4f28e50f4baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15046", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1395", "content": "#exploit\nCVE-2020-15046:\nSupermicro IPMI WEBGUI\n(X10DRH-iT motherboards with Bios 2.0a and IPMI firmware 03.40 web interface) - CSRF\nhttps://www.totalpentest.com/post/supermicro-ipmi-webgui-cross-site-request-forgery", "creation_timestamp": "2022-06-08T21:37:47.000000Z"}, {"uuid": "b61ad3e4-0a5f-4ea4-9546-5e91c6838b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15048", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1749", "content": "#Offensive_security\n1. Collection of various techniques to bypass Linux Kernel Address Space Layout Randomization (KASLR) and retrieve the kernel base virtual address on x86/x86_64 architectures as an unprivileged local user\nhttps://github.com/bcoles/kasld\n2. Espressif ESP32: Bypassing Flash Encryption (CVE-2020-15048)\nhttps://raelize.com/blog/espressif-systems-esp32-bypassing-flash-encryption", "creation_timestamp": "2023-02-25T05:56:12.000000Z"}, {"uuid": "ad2c0698-7a0e-4f0f-be70-29d41e47176a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15048", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1764", "content": "#Red_Team_Tactics\n1. Bypassing Flash Encryption by leveraging a design weakness (CVE-2020-15048) in combination with EMFI\nhttps://raelize.com/posts/espressif-systems-esp32-bypassing-flash-encryption\n2. Run as SYSTEM using Evil-WinRM\nhttps://malicious.link/post/2020/run-as-system-using-evil-winrm", "creation_timestamp": "2024-05-08T02:57:25.000000Z"}]}