{"vulnerability": "CVE-2021-1732", "sightings": [{"uuid": "aa43a3ee-a7e7-41ec-94ab-af24fe29e12d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "d01c1389-f0fd-41c6-84b9-2de090c6380b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "5ac2c89f-36ab-4920-add2-351148f32b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971017", "content": "", "creation_timestamp": "2024-12-24T20:23:06.211144Z"}, {"uuid": "d36bb5d9-9afb-4a0c-8c88-2a1cd1ebdc28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "759bb4e3-e696-4e27-9320-1e04b1b2c9c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:50.000000Z"}, {"uuid": "67649031-fcca-4845-8676-51fe01b456e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:33.000000Z"}, {"uuid": "464ae42e-3ed0-4f72-b8f5-75d4510b7c76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:03.000000Z"}, {"uuid": "19d6fdcb-09f9-44be-b5e2-10042a8f9845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2022_21882_win32k.rb", "content": "", "creation_timestamp": "2022-02-25T22:15:27.000000Z"}, {"uuid": "5c21544e-5cc1-4a5b-9650-6091221973f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://gist.github.com/josephb4224/1d49fcfaa37fb1523b5451314f37b669", "content": "", "creation_timestamp": "2026-03-16T13:31:31.000000Z"}, {"uuid": "c6316186-9029-4b61-85f9-ac32ca49f31a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://gist.github.com/garagon/85a72cafb243e1a793677270ca7fad6d", "content": "", "creation_timestamp": "2026-02-17T13:27:58.000000Z"}, {"uuid": "5797d37e-0230-4310-a8a7-f00159700bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/ckuRED/59", "content": "Pakistan \ud83c\uddf5\ud83c\uddf0 | Zero-Day | Cyber-War: The 32bit version of CVE-2021-1732 was recently uploaded to Virus Total from Pakistan. The 0-day exploit was used by Bitter APT and developed by the US-based offensive company Exodus Intelligence (aka \u201cMoses\u201d).\n\nhttps://www.virustotal.com/gui/file/ee2d53303e2c5a2787dad11e3a0abce5ea0ff9a4219e963e69a4054a11efc628\n\nSource: CP-Research", "creation_timestamp": "2021-11-16T16:22:32.000000Z"}, {"uuid": "83f5f633-96bf-4438-ad4f-f0a8dedba3bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=550", "content": "", "creation_timestamp": "2021-02-10T04:00:00.000000Z"}, {"uuid": "f7cd98ec-fac6-4600-9560-d89f17437710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5037", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-1732 (Proof of Concept)\n\nhttps://github.com/Pai-Po/CVE-2021-1732", "creation_timestamp": "2021-04-24T07:47:59.000000Z"}, {"uuid": "d44d519b-cac6-4b72-a66d-b4d46c46d428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a57b872c-aea7-4dc5-b9c6-f7a429b8887b", "content": "", "creation_timestamp": "2026-02-02T12:28:51.873692Z"}, {"uuid": "fe6b789b-d588-4d68-9775-17eb091c1ccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/cKure/4024", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-1732: Microsoft says that a high-severity Windows zero-day vulnerability\u00a0patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its\u00a0telemetry data.\n\nhttps://www.bleepingcomputer.com/news/security/recently-fixed-windows-zero-day-actively-exploited-since-mid-2020/", "creation_timestamp": "2021-02-20T17:12:19.000000Z"}, {"uuid": "4a04951a-71ff-4846-b6b4-42752673e4b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/cKure/8066", "content": "Pakistan \ud83c\uddf5\ud83c\uddf0 | Zero-Day | Cyber-War: The 32bit version of CVE-2021-1732 was recently uploaded to Virus Total from Pakistan. The 0-day exploit was used by Bitter APT and developed by the US-based offensive company Exodus Intelligence (aka \u201cMoses\u201d).\n\nhttps://www.virustotal.com/gui/file/ee2d53303e2c5a2787dad11e3a0abce5ea0ff9a4219e963e69a4054a11efc628\n\nSource: CP-Research", "creation_timestamp": "2021-11-16T16:22:42.000000Z"}, {"uuid": "a38128a3-5907-4517-8562-5940275a68ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/infobes/305", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html?m=1#click=https://t.co/z6FHjamuUy\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2021-03-29T03:08:41.000000Z"}, {"uuid": "c1063cba-fe3b-44a9-9ae5-fb5f9e5aa27c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/orderofsixangles/1269", "content": "WINDOWS KERNEL ZERO-DAY EXPLOIT (CVE-2021-1732) IS USED BY BITTER APT IN TARGETED ATTACK\n\nhttps://ti.dbappsecurity.com.cn/blog/index.php/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack/", "creation_timestamp": "2021-02-19T11:58:26.000000Z"}, {"uuid": "be82827e-7195-4d80-9efa-9ee9d85ff58f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/infobes/295", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 8 - 14)\nCVE-2021-26855, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22986, CVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nhttps://mobile.twitter.com/osama_hroot/status/1367258907601698816\nhttps://paper.seebug.org/1495\nCVE-2021-21300 - Git vulnerability\nhttps://t.me/cybersecuritytechnologies/2880\nCVE-2021-26411 - IE mshtml use-after-free\nhttps://t.me/cybersecuritytechnologies/2908", "creation_timestamp": "2021-03-15T04:50:46.000000Z"}, {"uuid": "f959e46c-e563-491c-a3e4-7b3b4991f1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "Telegram/QbKsrVZo62SnFgMaF2CMO5HKDx0dEQUP8BMaXCucwzSM5V8", "content": "", "creation_timestamp": "2025-01-20T22:00:06.000000Z"}, {"uuid": "9cf59cb5-3931-4731-abf5-e028b2d03770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/arpsyndicate/232", "content": "#ExploitObserverAlert\n\nCVE-2021-1732\n\nDESCRIPTION: Exploit Observer has 81 entries related to CVE-2021-1732. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.\n\nFIRST-EPSS: 0.006840000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T07:32:40.000000Z"}, {"uuid": "91d8939d-0293-4cd0-a497-bda786369c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1013", "content": "\u0414\u0430, \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u043e\u0442 \u043f\u043e\u0434\u043f\u0438\u0441\u0447\u0438\u043a\u043e\u0432 \u043f\u0440\u0438\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442\u0441\u044f!!\n\nhttps://github.com/Al1ex/WindowsElevation/tree/master/CVE-2021-1732\n\n\"\u0420\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0445\u043e\u0440\u043e\u0448\u043e, \n\u043f\u0440\u043e\u0431\u043e\u0432\u0430\u043b \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 + \u043a\u0440\u0438\u043f\u0442 \n\u0417\u0431\u0441\"\n\n#git", "creation_timestamp": "2021-04-29T08:36:00.000000Z"}, {"uuid": "432ed35c-27d1-42f8-a277-9e943b6bd597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/true_secator/3129", "content": "\u041d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u044c \u043d\u0430 \u0442\u0435 \u0436\u0435 \u0433\u0440\u0430\u0431\u043b\u0438 \u0432 \u043c\u0438\u0440\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u0430 \u201c\u043b\u0430\u0442\u0430\u0442\u044c \u0434\u044b\u0440\u044b\u201d \u043f\u043e\u0440\u043e\u0439, \u0441\u0442\u043e\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u043e\u0441\u043d\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e. \n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e \u0447\u0435\u043c \u0440\u0435\u0447\u044c, \u0430 \u0432\u043e\u0442 \u043e \u0447\u0435\u043c: \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 Google Project Zero \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2022 \u0433\u043e\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 18 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0430 \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d\u0430 9 \u0438\u0437 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 0-day, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443, \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c, \u0435\u0441\u043b\u0438 \u0431\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0430 4 \u043e\u0448\u0438\u0431\u043a\u0438 2022 \u0433\u043e\u0434\u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u043d\u0443\u043b\u0435\u0432\u044b\u0445 \u0434\u043d\u0435\u0439 2021 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u0430\u043c\u0430\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0438\u0437 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Follina \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Windows, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-30190, \u043f\u043e \u0441\u0443\u0442\u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f MSHTML, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u043a\u0430\u043a CVE-2021-40444.\n\nCVE-2022-21882 \u2014 \u044d\u0442\u043e \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e CVE-2021-1732 .\n\n\u041e\u0448\u0438\u0431\u043a\u0430 iOS IOMobileFrameBuffer (CVE-2022-22587) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0435\u0439 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 Chrome V8 (CVE-2022-1096) \u2014 \u044d\u0442\u043e \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u2014 CVE-2021-30983 \u0438 CVE-2021-30551 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0414\u0440\u0443\u0433\u0438\u043c\u0438 0-day 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f CVE-2022-1364 (Chrome), CVE-2022-22620 (WebKit), CVE-2021-39793 (Google Pixel), CVE-2022-26134 (Atlassian Confluence) \u0438 CVE-2022-26925 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a PetitPotam).\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0442\u0430\u043a, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u043c \u043f\u0443\u0442\u0435\u043c \u043b\u0438\u0431\u043e \u0441\u043d\u043e\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0435 \u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u042d\u0442\u043e \u0432\u0441\u0435\u0433\u0434\u0430 \u0433\u0440\u043e\u043c\u043a\u043e \u0438 \u0431\u043e\u043b\u044c\u043d\u043e, \u043d\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u0445\u043e\u0440\u043e\u0448\u043e \u043a\u043e\u0433\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b 0-day \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u043d\u0435\u0443\u0434\u0430\u0447\u0430 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u0434\u043b\u044f \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430 \u044d\u0442\u043e \u043f\u043e\u0434\u0430\u0440\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0437\u043d\u0430\u0442\u044c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 \u0432\u0435\u043a\u0442\u043e\u0440 \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0427\u0442\u043e\u0431\u044b \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0432\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u043d\u0430\u043b\u0438\u0437 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0447\u0438\u043d \u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0432\u043e\u0437\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a, \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f.", "creation_timestamp": "2022-07-04T20:00:05.000000Z"}, {"uuid": "8493a4ba-e60e-4d85-a954-e804f45912b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "Telegram/hn4EqhtjYBF3uW2imvaMvPSRNA6Id6rUWGxMt_qX0IYHBA", "content": "", "creation_timestamp": "2021-03-20T14:08:15.000000Z"}, {"uuid": "d896e078-a309-4e46-9732-7dc7778fed4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/534", "content": "CVE-2021-1732 Microsoft Windows 10 Privilege Escalation\n\n#CVE-2021-1732 #PrivilegeEscalation #Exploit #InfoSec\n#Hacking #CyberSecurity #cve #windows\n\nhttps://reconshell.com/cve-2021-1732-microsoft-windows-10-privilege-escalation/", "creation_timestamp": "2021-03-09T21:01:58.000000Z"}, {"uuid": "46f9bc71-bf3d-47b1-8751-b010f59617f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/true_secator/2574", "content": "\u041c\u044b \u0443\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043a\u043b\u0438\u0435\u043d\u0442\u044b Microsoft \u0441\u0442\u0430\u043b\u0438 \u0437\u0430\u043b\u043e\u0436\u043d\u0438\u043a\u0430\u043c\u0438 \u0442\u0440\u0443\u0434\u043d\u043e\u0433\u043e \u0432\u044b\u0431\u043e\u0440\u0430: \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u0438\u0439 PatchTuesday (\u0438 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u0442\u044c\u0441\u044f \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 L2TP, VPN, ReFS \u0438 Hyper-V) \u0438\u043b\u0438 \u0436\u0435 \u043e\u0442\u043a\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438. \u0410 \u0432\u044b\u0431\u043e\u0440 \u0432\u0441\u0435 \u0436\u0438 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0441\u0434\u0435\u043b\u0430\u0442\u044c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u00a0RyeLv \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 CVE-2022-21882, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432 Windows 10 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Win32k.sys.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Win32k \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u0438\u043c PatchTuesday \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434\u0430 \u0440\u0430\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0CVE-2021-1732. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u043c\u043e\u0433\u0443\u0442 \u043b\u0435\u0433\u043a\u043e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043c\u043e\u0447\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c\u0441\u044f \u043f\u043e \u0441\u0435\u0442\u0438, \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u0420\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0443\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CERT/CC \u0423\u0438\u043b\u043b \u0414\u043e\u0440\u043c\u0430\u043d\u043d.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u043d\u0435\u0435 \u0443\u0436\u0435 \u043f\u043e\u043f\u0430\u0434\u0430\u043b\u0430 \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0414\u0436\u0438\u043b\u0430 \u0414\u0430\u0431\u0430\u0445\u0430, \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0430\u00a0Piiano, \u0440\u0435\u0448\u0438\u0432\u0448\u0438\u043c \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443\u00a0\u043f\u043e\u0441\u043b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f Microsoft \u0443\u043c\u0435\u043d\u044c\u0448\u0438\u0442\u044c \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u044f\u00a0\u043f\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u044f \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043e\u043a. \u0418 \u044d\u0442\u043e \u0432\u0441\u0435 \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e CVE-2021-1732 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c APT Bitter (\u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0430\u044f \u043f\u0440\u043e\u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0430\u044f \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e \u041f\u0430\u043a\u0438\u0441\u0442\u0430\u043d\u0443 \u0438 \u041a\u0438\u0442\u0430\u044e, \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0441\u0442\u043e\u0438\u0442 \u0418\u043d\u0434\u0438\u044f) \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0432\u0448\u0438\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2022 \u0433\u043e\u0434\u0430, \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u044d\u0442\u043e \u043f\u043e\u0441\u043a\u043e\u0440\u0435\u0435, \u043f\u043e\u043c\u043d\u044f \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u043f\u0440\u0435\u0434\u0448\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u043a\u0430 CVE-2022-21882.", "creation_timestamp": "2022-01-31T17:10:00.000000Z"}, {"uuid": "a7ed0425-3b5d-4e4d-a451-bdce8c4bc776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/true_secator/1419", "content": "\u0427\u0443\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0435 \u0441\u0443\u0442\u043e\u043a \u043d\u0430\u0437\u0430\u0434 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \u0412\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 56 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 11 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u043c\u0438.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0434\u0440\u0443\u0433\u0438\u0445 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 CVE-2021-1732, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u044f\u0434\u0440\u0435 Windows \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0430 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0432\u043b\u044f\u043b\u0430\u0441\u044c 0-day \u0438 \u043a\u0430\u0441\u0430\u043b\u0430\u0441\u044c \u0432\u0441\u0435\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows 10.\n\n\u0410 \u0443\u0436\u0435 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043d\u043e\u0447\u044c\u044e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f DBAPPSecurity \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430, \u0447\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2020 \u0433\u043e\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 CVE-2021-1732 \u0438 \u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 APT Bitter \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. \u0422\u0430\u043a\u0436\u0435 \u043a\u0438\u0442\u0430\u0439\u0446\u044b \u0434\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 PoC. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 - \"\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u0430 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432\u0435\u0441\u044c\u043c\u0430 \u0441\u043b\u043e\u0436\u0435\u043d\". \n\nAPT Bitter - \u044d\u0442\u043e \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0430\u044f \u043f\u0440\u043e\u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0430\u044f \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e \u041f\u0430\u043a\u0438\u0441\u0442\u0430\u043d\u0443 \u0438 \u041a\u0438\u0442\u0430\u044e. \u0418\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u0442\u0430\u043a\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0446\u0435\u043b\u0435\u0439, \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0437\u0430 \u043d\u0435\u0439 \u0441\u0442\u043e\u0438\u0442 \u0418\u043d\u0434\u0438\u044f.", "creation_timestamp": "2021-02-10T09:42:00.000000Z"}, {"uuid": "135b3cd7-86e7-4b47-87cb-1d9420dd29aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/35", "content": "CVE-2021-1732 Windows Win32k \u672c\u5730\u63d0\u6b0a\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-1732_Windows_Win32k_%E6%9C%AC%E5%9C%B0%E6%8F%90%E6%AC%8A%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:55.000000Z"}, {"uuid": "db65602b-f3a1-4e5b-b10c-ab6fb60fca44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3546", "content": "#Whitepaper\n\"Windows Win32k Elevation Of Privilege Vulnerability\", 2021.\n\n// Whitepaper called Windows Win32k EoP Vulnerability. It details exploitation and an overview of CVE-2021-1732", "creation_timestamp": "2022-05-26T04:37:35.000000Z"}, {"uuid": "018d5d23-965d-4e31-bd77-63a56c1d2ab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "Telegram/FfPIxdPyjBiUDhNNcRj-n9-EuZtgku9viGhLClinR3ejLTdr", "content": "", "creation_timestamp": "2022-01-05T22:34:26.000000Z"}, {"uuid": "4eb2bf82-04e3-44b2-8b5b-e82c7cede387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/BlueRedTeam/1663", "content": "#exploit\n1. CVE-2022-21882:\nwin32k LPE bypass CVE-2021-1732\nhttps://github.com/KaLendsi/CVE-2022-21882\n// tested on windows 20h2 19042\n\n2. Technical Analysis of CVE-2022-22583:\nBypassing macOS System Integrity Protection (SIP)\nhttps://perception-point.io/technical-analysis-of-cve-2022-22583-bypassing-macos-system-integrity-protection\n\n@BlueRedTeam", "creation_timestamp": "2023-04-04T19:41:45.000000Z"}, {"uuid": "a9a937d0-7caf-4ce4-adcc-e6a51a0af57f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3007", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2022-06-01T02:33:44.000000Z"}, {"uuid": "f01e0f91-c1e0-4728-8b6c-e1ad4bb67c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3219", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 19-25)\nCVE-2021-3156 Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 Win kernel 0-day\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-22204 Improper neutralization of user data in DjVu\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-26415 Win Installer EoP\nhttps://t.me/cybersecuritytechnologies/3186\nCVE-2021-3493 OverlayFS PE\nhttps://t.me/cybersecuritytechnologies/3164\nCVE-2021-26413 Win Installer Spoofing\nhttps://t.me/cybersecuritytechnologies/3176\nCVE-2016-7836 SKYSEA Client View Arbitrary Code Exec\nhttps://www.virusbulletin.com/virusbulletin/2020/05/vb2019-paper-apt-cases-exploiting-vulnerabilities-regionspecific-software\nCVE-2021-27905 Apache Solr SSRF\nhttps://t.me/cybersecuritytechnologies/3213", "creation_timestamp": "2021-04-26T11:02:21.000000Z"}, {"uuid": "976952b1-675e-4168-b954-74dc644f1844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2911", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 8 - 14)\nCVE-2021-26855, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22986, CVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nhttps://mobile.twitter.com/osama_hroot/status/1367258907601698816\nhttps://paper.seebug.org/1495\nCVE-2021-21300 - Git vulnerability\nhttps://t.me/cybersecuritytechnologies/2880\nCVE-2021-26411 - IE mshtml use-after-free\nhttps://t.me/cybersecuritytechnologies/2908", "creation_timestamp": "2021-03-15T11:00:37.000000Z"}, {"uuid": "359e0e3e-bd05-4330-a670-f886fd320162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/2679", "content": "#exploit\nCVE-2021-1732:\nWindows kernel zero-day exploit is used by BITTER APT in targeted attack\nhttps://ti.dbappsecurity.com.cn/blog/index.php/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack\n]-> Exploit: https://github.com/KaLendsi/CVE-2021-1732-Exploit\n]-> PoC & Exp report: https://bbs.pediy.com/thread-266362.htm\n// all versions win10 are affected", "creation_timestamp": "2024-10-09T19:13:31.000000Z"}, {"uuid": "9150dccf-49eb-4c93-9602-ab52938cb95b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2815", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (feb 1-28)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-21972 - VMware vCenter RCE\nhttps://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477\nhttps://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC\nhttps://github.com/NS-Sp4ce/CVE-2021-21972\nhttps://github.com/yaunsky/CVE-2021-21972\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-25646 - Apache Druid <=0.20.1 RCE\nhttps://t.me/cybersecuritytechnologies/2639\nCVE-2020-27932 - A type confusion in MacOS 10.15.7\nhttps://t.me/cybersecuritytechnologies/2383\nCVE-2021-24074, CVE-2021-24094, CVE-2021-24086 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday", "creation_timestamp": "2021-03-03T05:37:03.000000Z"}, {"uuid": "8ddea511-8ffa-4a81-888c-f8783fee0d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5293", "content": "#exploit\n1. CVE-2022-21882:\nwin32k LPE bypass CVE-2021-1732\nhttps://github.com/KaLendsi/CVE-2022-21882\n// tested on windows 20h2 19042\n\n2. Technical Analysis of CVE-2022-22583:\nBypassing macOS System Integrity Protection (SIP)\nhttps://perception-point.io/technical-analysis-of-cve-2022-22583-bypassing-macos-system-integrity-protection", "creation_timestamp": "2022-01-28T12:07:13.000000Z"}, {"uuid": "1bb29a90-c692-40de-9bb5-e55009740656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "published-proof-of-concept", "source": "https://t.me/club31337/784", "content": "https://github.com/Al1ex/WindowsElevation/tree/master/CVE-2021-1732", "creation_timestamp": "2024-11-09T02:11:51.000000Z"}, {"uuid": "1e8cd540-645e-450f-bc9e-146bf91eb685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2759", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 15-21)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1647 - MS Defender RCE Vulnerability\nhttps://www.anquanke.com/post/id/231625\nCVE-2020-10759 - Dazed Blesbok\nhttps://t.me/cybersecuritytechnologies/1243\nCVE-2021-21976 - VMware Post-Auth RCE in vSphere Replication\nCVE-2021-3177 - Python 3 Buffer Overflow\nhttps://t.me/cybersecuritytechnologies/2740\nCVE-2020-8625 - A vulnerability in BIND's GSSAPI\nhttps://kb.isc.org/docs/cve-2020-8625\nCVE-2021-20655\nhttps://jvn.jp/en/jp/JVN58774946/index.html\nCVE-2021-1366 - A vulnerability in the interprocess communication channel of Cisco AnyConnect Secure Client\nhttps://www.coresecurity.com/core-labs/articles/analysis-cisco-anyconnect-posture-hostscan-local-privilege-escalation-cve-2021", "creation_timestamp": "2021-02-22T14:45:11.000000Z"}, {"uuid": "be982a0e-d610-4ae1-93ca-5277e925f463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1732", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2708", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 8-14)\nCVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT in targeted attack\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2020-2037 - Palo Alto PAN-OS vulnerability\nhttps://t.me/cybersecuritytechnologies/2687\nCVE-2021-24074, CVE-2021-24086, CVE-2021-24094 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE vulnerability\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-21017 - Acrobat Reader DC\u00a0a heap-based buffer overflow vulnerability\nhttps://threatpost.com/critical-adobe-windows-flaw/163789\nCVE-2020-24581 - D-Link DSL-2888A AU_2.31_V1x - RCE\nhttps://t.me/cybersecuritytechnologies/2670", "creation_timestamp": "2021-02-15T11:00:19.000000Z"}]}