{"vulnerability": "CVE-2021-2116", "sightings": [{"uuid": "41c125d3-4df9-43fb-b8e4-6b0cab9e42de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "MISP/b7fe5ed8-5b1e-4975-835c-ab44ab871d85", "content": "", "creation_timestamp": "2021-07-15T09:46:01.000000Z"}, {"uuid": "7935669a-9461-44ad-a1f1-e10331943584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "MISP/d6b6d679-acd8-4177-aaca-45eb41e2ecb0", "content": "", "creation_timestamp": "2021-07-15T19:53:03.000000Z"}, {"uuid": "74c800e9-7036-4069-936d-4eadd4336812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "e7bf2615-c69a-4e97-8f1f-be84d7256892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "9c562c06-2936-410d-949e-2edd764e477b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "MISP/d27b2507-c214-4bd5-bb3e-55e15ec9e760", "content": "", "creation_timestamp": "2024-11-14T06:09:44.000000Z"}, {"uuid": "ea3b9230-d375-4c17-aef8-dcdc9457ea61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971080", "content": "", "creation_timestamp": "2024-12-24T20:23:57.704622Z"}, {"uuid": "aeb77bcd-34cf-4bbd-b4bd-72b4f00fd301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=557", "content": "", "creation_timestamp": "2021-03-03T04:00:00.000000Z"}, {"uuid": "691c2d60-4be6-4354-b624-fcfbaed9b6dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=560", "content": "", "creation_timestamp": "2021-03-10T04:00:00.000000Z"}, {"uuid": "5d440408-9d2a-4eb5-9a28-d8e6c4bf08c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:51.000000Z"}, {"uuid": "047d3599-be3a-46df-a18d-519d661ac714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "exploited", "source": "https://t.me/cyberbannews_ir/3407", "content": "\u200d \ud83d\uded1\u0631\u0641\u0639 \u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631 \u06a9\u0631\u0648\u0645 \n\n\u0634\u0631\u06a9\u062a \u06af\u0648\u06af\u0644 \u0628\u0647\u200c\u062a\u0627\u0632\u06af\u06cc \u0645\u0631\u0648\u0631\u06af\u0631 \u06a9\u0631\u0648\u0645 \u0631\u0627 \u062a\u0627 \u0646\u0633\u062e\u0647 91.0.4472.114 \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0627\u062f\u0647 \u0648 4 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f \u06a9\u0647 \u06cc\u06a9\u06cc \u0627\u0632 \u0622\u0646\u200c\u0647\u0627 \u0632\u06cc\u0631\u0648\u062f\u06cc \u0628\u0648\u062f\u0647 \u0648 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2021-30554\u00bb \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u06af\u0648\u06af\u0644 \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u0646\u062f \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0641\u0639\u0627\u0644 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u062f\u0631 \u0627\u062e\u062a\u06cc\u0627\u0631 \u062f\u0627\u0631\u0646\u062f \u0648 \u062d\u0645\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0622\u0646 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. \n\n\u0627\u06cc\u0646 \u06cc\u06a9 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0632 \u0646\u0648\u0639 use-after-free \u062f\u0631 \u062a\u0631\u06a9\u06cc\u0628 WebGL (Web Graphics Library) JavaScript API \u0627\u0633\u062a \u06a9\u0647 \u062c\u0647\u062a \u0631\u0646\u062f\u0631\u06cc\u0646\u06af \u06af\u0631\u0627\u0641\u06cc\u06a9\u200c\u0647\u0627\u06cc \u062a\u0639\u0627\u0645\u0644\u06cc 2D \u0648 3D \u0628\u062f\u0648\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u067e\u0644\u0627\u06af\u06cc\u0646\u200c\u0647\u0627 \u0645\u0648\u0631\u062f\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f. \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0646 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u062f\u0631 \u0631\u0627\u06cc\u0627\u0646\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u06a9\u0631\u0648\u0645 \u06af\u0631\u062f\u062f. \n\n\u0646\u0645\u0627\u06cc\u0646\u062f\u06af\u0627\u0646 \u06af\u0648\u06af\u0644 \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0648 \u0644\u06cc\u0646\u06a9\u200c\u0647\u0627 \u062a\u0627 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u0627\u06a9\u062b\u0631 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0646\u0633\u062e\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0631\u0627 \u0646\u0635\u0628 \u0646\u06a9\u0646\u0646\u062f\u060c \u0645\u062d\u062f\u0648\u062f \u0634\u0648\u062f. \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0686\u0646\u0627\u0646\u0686\u0647 \u0627\u0634\u06a9\u0627\u0644\u06cc \u062f\u0631 \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 \u062b\u0627\u0644\u062b \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f \u06a9\u0647 \u0633\u0627\u06cc\u0631 \u0628\u062e\u0634\u200c\u0647\u0627 \u0628\u0647 \u0631\u0648\u0634 \u0645\u0634\u0627\u0628\u0647 \u0628\u0647 \u0622\u0646 \u0648\u0627\u0628\u0633\u062a\u0647 \u0628\u0627\u0634\u0646\u062f \u0648 \u0647\u0646\u0648\u0632 \u0628\u0631\u0637\u0631\u0641 \u0646\u0634\u062f\u0647 \u0628\u0627\u0634\u062f\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0645\u062d\u062f\u0648\u062f\u06cc\u062a\u200c\u0647\u0627\u06cc \u0645\u0634\u0627\u0628\u0647 \u0627\u0639\u0645\u0627\u0644 \u0634\u0648\u0646\u062f. \n\n\u0627\u06cc\u0646 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u0633\u0627\u0644 2021 \u0627\u0632 \u06a9\u0631\u0648\u0645 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a. \u067e\u06cc\u0634\u200c\u062a\u0631 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc CVE-2021-21148\u060c CVE-2021-21166\u060c CVE-2021-21193\u060c CVE-2021-21220 \u0648 CVE-2021-30551 \u0646\u06cc\u0632 \u0627\u0632 \u0627\u06cc\u0646 \u0645\u0631\u0648\u0631\u06af\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f\u0647\u200c\u0627\u0646\u062f. \n\n\u0634\u0634\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u0646\u06cc\u0632 \u0686\u0646\u062f \u0631\u0648\u0632 \u067e\u06cc\u0634 \u0648\u0635\u0644\u0647 \u0634\u062f. \u06af\u0648\u06af\u0644 \u0645\u0631\u0648\u0631\u06af\u0631 \u06a9\u0631\u0648\u0645 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632\u060c \u0645\u06a9 \u0648 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062a\u0627 \u0646\u0633\u062e\u0647 91.0.4472.101 \u0628\u0647 \u0631\u0633\u0627\u0646\u06cc \u06a9\u0631\u062f\u0647 \u0648 \u0628\u0627 \u0631\u0641\u0639 14 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2021-30551\u00bb \u0631\u0627 \u0646\u06cc\u0632 \u0628\u0631\u0637\u0631\u0641 \u0646\u0645\u0648\u062f. \n\n#\u06af\u0648\u06af\u0644 \n\n@cyberbannews_ir", "creation_timestamp": "2021-06-19T11:23:57.000000Z"}, {"uuid": "e72a5777-455e-4f34-bf2f-2953c96c55e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-21166", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b2516fc5-6d22-4f70-b1d9-8cb2e61d9823", "content": "", "creation_timestamp": "2026-02-02T12:28:44.476519Z"}, {"uuid": "9b0a4ed8-7874-4aa6-8892-c5184ff91d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://t.me/arpsyndicate/1304", "content": "#ExploitObserverAlert\n\nCVE-2021-21166\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-21166. Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\nFIRST-EPSS: 0.028370000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T21:01:32.000000Z"}, {"uuid": "7d3c54ca-7f4d-4988-91c2-c64ebaec92e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "exploited", "source": "https://t.me/cKure/4156", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Google fixes second actively exploited Chrome zero-day bug this year.\n\nCVE-2021-21166\n\nhttps://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html?m=1\n\nhttps://www.bleepingcomputer.com/news/security/google-fixes-second-actively-exploited-chrome-zero-day-bug-this-year/", "creation_timestamp": "2021-03-03T05:01:48.000000Z"}, {"uuid": "2441bbfd-b80e-40c0-8447-7f32f667a3ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "Telegram/C-NrZeYM7srXyxTBV99IVMWEIaPck7V1p32RCmIQbixDCfTe", "content": "", "creation_timestamp": "2025-02-06T02:42:28.000000Z"}, {"uuid": "141f4277-9434-4eb0-9243-a1a5e236def2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "Telegram/PpyTR3jHPIjjfJTULyGgpiJ0z-GP6ckwaxe87B8jQoBY9IRb", "content": "", "creation_timestamp": "2025-02-06T02:41:38.000000Z"}, {"uuid": "2917c9ee-3554-481b-b9f2-f196d4ae2f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://t.me/NeKaspersky/554", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0432\u044b\u0448\u043b\u043e \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041f\u0435\u0440\u0432\u043e\u0435 - \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u0435\u0441\u043a\u0442\u043e\u043f\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Chrome, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-21166. \u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0435\u0451 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 7 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u0435\u0449\u0430\u044e\u0442, \u043a\u043e\u0433\u0434\u0430 \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0441\u044f. \n\n\u0412\u0442\u043e\u0440\u043e\u0435 - \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Microsoft Exchange. \u041f\u0430\u0442\u0447 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u0446\u0435\u043b\u044b\u0445 \u0447\u0435\u0442\u044b\u0440\u0435 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442-\u043a\u0438\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0438\u0442 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT Hafnium, \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u043e\u0433\u043b\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c RCE. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430.", "creation_timestamp": "2021-03-03T15:30:55.000000Z"}, {"uuid": "9829378d-aa73-48e5-9945-0b75dde3c6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "exploited", "source": "https://t.me/true_secator/1479", "content": "\u0412\u044b\u0448\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u0435\u0441\u043a\u0442\u043e\u043f\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Chrome 89.0.4389.72, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-21166, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f \u043d\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u041a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442 (\u043e\u0431\u0435\u0449\u0430\u044e\u0442 \u043f\u043e\u0437\u0436\u0435, \u043a\u043e\u0433\u0434\u0430 \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0441\u044f), \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043b\u0438\u0448\u044c, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u042d\u043b\u043b\u0438\u0441\u043e\u043d \u0425\u0430\u0444\u043c\u0430\u043d \u0438\u0437 Microsoft. \u041f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u043c, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE. \n\n\u041a\u0440\u043e\u043c\u0435 CVE-2021-21166 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0435\u0449\u0435 7 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u043a\u0443\u0447\u0430 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0445. \u0422\u0435\u043c, \u043a\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0435\u0441\u043a\u0442\u043e\u043f\u043d\u044b\u0439 Chrome - \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.", "creation_timestamp": "2021-03-03T08:49:41.000000Z"}, {"uuid": "433a87b4-7fa7-41ee-992b-f4ca94e4bc5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "exploited", "source": "https://t.me/true_secator/1926", "content": "\u041e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0434\u043b\u044f \u0441\u0435\u0431\u044f \u043d\u043e\u0432\u0443\u044e \u043f\u0430\u0440\u0430\u0434\u0438\u0433\u043c\u0443: \u0432\u0441\u0435 \u0447\u0430\u0449\u0435 \u043c\u0435\u0436\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u043b\u0438\u043a\u0442\u044b \u043f\u0440\u043e\u0438\u0441\u0442\u0435\u043a\u0430\u044e\u0442 \u0438\u0437 IT-\u043f\u043b\u043e\u0441\u043a\u043e\u0441\u0442\u0438. \u0412\u043e\u0442 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442, \u0441\u0443\u0434\u0438\u0442\u0435 \u0441\u0430\u043c\u0438:\n\n1. \u041f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438 \u0432 \u043b\u0438\u0446\u0435 \u041d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0446\u0435\u043d\u0442\u0440\u0430 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (NCSC) \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u043e\u0437\u043b\u043e\u0436\u0438\u043b\u043e \u0432\u0438\u043d\u0443 \u0437\u0430 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 Microsoft Exchange Server \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ProxyLogon \u043d\u0430 \u041a\u041d\u0420, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u0432 \u0432 \u044d\u0442\u043e\u043c \u0432\u043e\u043f\u0440\u043e\u0441\u0435 \u0441\u0432\u043e\u0438\u0445 \u0441\u043e\u044e\u0437\u043d\u0438\u043a\u043e\u0432: \u0421\u0428\u0410, \u0415\u0421 \u0438 \u041d\u0410\u0422\u041e. \u0410\u043a\u0442\u043e\u0440\u043e\u043c \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438 APT Hafnium, \u0430 \u0432\u0441\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438 \u043a\u0440\u0443\u043f\u043d\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0435\u043c. \u041f\u043e\u0434 \u0440\u0430\u0437\u0434\u0430\u0447\u0443 \u043f\u043e\u043f\u0430\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043a\u0430\u043a APT40 \u0438 APT31, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0431\u0432\u0438\u043d\u0438\u043b\u0438 \u0432 \u0441\u0432\u044f\u0437\u044f\u0445 \u0441 \u041c\u0413\u0411 \u041a\u041d\u0420. \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0431\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u043e\u0439 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438, APT40 \u0432\u0435\u043b\u0438 \u0440\u0430\u0431\u043e\u0442\u0443 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 \u0438 \u0415\u0421, \u0430 APT31 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u044b\u0432\u0430\u043b\u043e \u0446\u0435\u043b\u0435\u0432\u043a\u0438 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u044f\u0442\u0435\u043b\u0435\u0439. \u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043d\u043e\u0432\u043e\u0433\u043e \u043a \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0431\u0440\u0438\u0442\u0430\u043d\u0446\u044b \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438. \u041d\u043e \u0432\u043e\u0442 \u041c\u0438\u043d\u044e\u0441\u0442 \u0421\u0428\u0410 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0431\u044a\u044f\u0432\u0438\u043b \u0432 \u0440\u043e\u0437\u044b\u0441\u043a 4 \u0433\u0440\u0430\u0436\u0434\u0430\u043d \u041a\u041d\u0420 - \u0447\u043b\u0435\u043d\u043e\u0432 \u0410\u0420\u0422 40, \u0430 3 \u0438\u0437 \u043d\u0438\u0445 - \u0431\u044b\u043b\u0438 \u043e\u0444\u0438\u0446\u0435\u0440\u0430\u043c\u0438 \u041c\u0413\u0411 \u0438 \u0435\u0449\u0435 1 \u0445\u0430\u043a\u0435\u0440-\u043d\u0430\u0435\u043c\u043d\u0438\u043a goodperson \u0438\u043b\u0438 ha0r3n. \u0412\u0441\u0435 \u043e\u043d\u0438, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0421\u0428\u0410, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0441\u0442\u0430\u0432\u043d\u0443\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e Hainan Xiandun \u043a\u0430\u043a \u043f\u0440\u0438\u043a\u0440\u044b\u0442\u0438\u0435. \u041f\u043e\u0441\u043b\u0435 \u0431\u0435\u0441\u0435\u0434 \u0441 \u0440\u0443\u0441\u0441\u043a\u0438\u043c\u0438, \u0432\u043e\u043e\u0434\u0443\u0448\u0435\u0432\u043b\u0451\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0430\u0434 \u043f\u0435\u0440\u0435\u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u043d\u0430 \u0432\u043e\u0441\u0442\u043e\u043a, \u0442\u043e\u043b\u044c\u043a\u043e \u0443\u043f\u0440\u0435\u043a\u0438 \u0411\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c \u043f\u043e\u0434\u043a\u0440\u0435\u043f\u043b\u044f\u0442\u044c \u043a\u043e\u0440\u043e\u043b\u0435\u0432\u0441\u043a\u0438\u043c\u0438 \u0440\u0435\u0433\u0430\u043b\u0438\u044f\u043c\u0438. \u041d\u0438\u0447\u0435\u0433\u043e \u043d\u043e\u0432\u043e\u0433\u043e, \u043c\u044b \u0443\u0436\u0435 \u043e\u0431 \u044d\u0442\u043e\u043c \u0432\u0430\u0441 \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043b\u0438.\n\n2. \u0421\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0439 \u043f\u0438\u043d\u043e\u043a \u043f\u0440\u0438\u043b\u0435\u0442\u0435\u043b \u0418\u0437\u0440\u0430\u0438\u043b\u044e, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0418\u0411 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u043c \u0438 \u0447\u0430\u0441\u0442\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443: NSO Group, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0449\u0430\u044f \u043d\u0430 \u0440\u044b\u043d\u043e\u043a \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0435 \u041f\u041e Pegasus \u0434\u043b\u044f \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0441\u0442\u0430\u043b\u0430 \u0444\u0438\u0433\u0443\u0440\u0430\u043d\u0442\u043e\u043c \u0433\u0440\u043e\u043c\u043a\u043e\u0433\u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u041d\u041a\u041e Forbidden Stories, Amnesty International \u0438 \u0421\u041c\u0418-\u0433\u0438\u0433\u0430\u043d\u0442\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Guardian. \u0421\u0443\u0442\u044c \u043f\u0440\u0435\u0442\u0435\u043d\u0437\u0438\u0439 - \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u041f\u041e \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0437\u0430 \u043f\u0440\u0430\u0432\u043e\u0437\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0430\u043c\u0438, \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0434\u0438\u0441\u0441\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438, \u043d\u0435\u0443\u0433\u043e\u0434\u043d\u044b\u043c\u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u0438 \u043f\u0440\u043e\u0447\u0438\u043c\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0434\u0435\u044f\u0442\u0435\u043b\u044f\u043c\u0438 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431 \u0441\u0442\u0440\u0430\u043d, \u0437\u0430\u043a\u0443\u043f\u0438\u0432\u0448\u0438\u0445 \u0441\u043e\u0444\u0442, \u0432\u043e\u043f\u0440\u0435\u043a\u0438 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u0430\u0434\u0430\u0447\u0430\u043c \u043f\u043e \u0431\u043e\u0440\u044c\u0431\u0435 \u0441 \u0442\u0435\u0440\u0440\u043e\u0440\u0438\u0437\u043c\u043e\u043c \u0438 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c\u044e. Pegasus \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u043f\u043e \u0441\u0432\u043e\u0438\u043c \u0422\u0422\u0425 \u0432\u0435\u0441\u0442\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0435 \u0437\u0430 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u0430\u043c\u0438 \u043d\u0430 \u0431\u0430\u0437\u0435 iOS \u0438 Android, \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u0445 \u043a\u0430\u043c\u0435\u0440\u0430\u043c, \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0430\u043c \u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u0430\u043a\u0438\u043c-\u0442\u043e \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0434\u043e\u0441\u0442\u0430\u043b\u0438 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0437 50 000 \u043d\u043e\u043c\u0435\u0440\u043e\u0432, \u0441\u043e\u0441\u0442\u043e\u044f\u0449\u0438\u0445 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435 \u0432 NSO Group. \u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c,  \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043e \u00ab\u0432 \u0434\u0435\u0441\u044f\u0442\u043a\u0430\u0445 \u0441\u043b\u0443\u0447\u0430\u0435\u0432\u00bb. \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u043f\u0438\u0441\u043a\u0443 - \u0441\u043b\u0435\u0434\u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0437\u0430 \u043f\u0440\u0435\u0437\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432 2020 \u0433\u043e\u0434\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0424\u0411\u0420 \u0438 \u043d\u0430\u043a\u043e\u043f\u0438\u0432\u0448\u0438\u0445\u0441\u044f \u043f\u0440\u0435\u0442\u0435\u043d\u0437\u0438\u0439 \u043e\u0442 Microsoft, Google, Cisco \u0438 Facebook \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438 \u0443\u0442\u0435\u0447\u043a\u0438 \u043a\u0430\u043a \u0431\u044b \u043d\u0430\u043b\u0438\u0446\u043e. \u0423\u0434\u0438\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 - \u0441\u0438\u043b\u044c\u043d\u044b\u0435 \u043c\u0438\u0440\u0430 \u0434\u0435\u043b\u044f\u0442 \u0441\u0444\u0435\u0440\u044b \u0432\u043b\u0438\u044f\u043d\u0438\u044f.\n\n3. \u041f\u0440\u0438\u043b\u0435\u0442\u0435\u043b\u043e \ud83d\udc46\u0435\u0449\u0435 \u0441 \u043e\u0434\u043d\u043e\u0433\u043e \u0444\u043b\u0430\u043d\u0433\u0430: Microsoft \u0438 Citizen Lab \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Candiru \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u0430 \u043a \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044e DevilsEye, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0448\u0442\u0430\u043c\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0434\u043b\u044f Windows, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u043f\u043e\u0441\u043b\u0435 \u0435\u0433\u043e \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0416\u0435\u0440\u0442\u0432\u0430\u043c\u0438 Candiru, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u0442\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 100 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u043e\u0432, \u043f\u0440\u0430\u0432\u043e\u0437\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u043e\u0432, \u0430\u043a\u0442\u0438\u0432\u0438\u0441\u0442\u043e\u0432, \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0443\u0447\u0435\u043d\u044b\u0445, \u0434\u0438\u043f\u043b\u043e\u043c\u0430\u0442\u043e\u0432 \u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0438\u0441\u0441\u0438\u0434\u0435\u043d\u0442\u044b. Microsoft \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u043e\u0441\u044c DevilsEye \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u043f\u043e\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u0430 \u043d\u0430 \u0432\u0442\u043e\u0440\u043e\u043c \u044d\u0442\u0430\u043f\u0435 - \u043f\u043e\u0434 \u0441\u0430\u043c\u0443 \u041e\u0421. \u041a \u043d\u0438\u043c \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u0434\u0432\u0430 Chrome zero-days (CVE-2021-21166  \u0438  CVE-2021-30551), \u043e\u0434\u0438\u043d Internet Explorer (CVE-2021-33742) \u0438 \u0434\u0432\u0430 \u0432 \u041e\u0421 Windows (CVE-2021-31979  \u0438  CVE-2021- 33771).\n\n\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u043d\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u043b\u0430\u0434\u0430\u0442\u0435\u043b\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043f\u043b\u044e\u0448\u0435\u043a. \u0412 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0436\u0434\u0435\u043c \u043d\u043e\u0432\u044b\u0445 \u0441\u0435\u043d\u0441\u0430\u0446\u0438\u0439. \u0421\u043d\u043e\u0443\u0434\u0435\u043d \u0443\u0436\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u043b\u0441\u044f, \u043d\u0430\u0437\u0432\u0430\u0432 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u00ab\u0438\u0441\u0442\u043e\u0440\u0438\u0435\u0439 \u0433\u043e\u0434\u0430\u00bb: \u043c\u043d\u043e\u0433\u043e\u043e\u0431\u0435\u0449\u0430\u044e\u0449\u0435, \u043d\u0435 \u043f\u0440\u0430\u0432\u0434\u0430 \u043b\u0438.", "creation_timestamp": "2021-07-19T17:26:27.000000Z"}, {"uuid": "45743d89-4a7b-473f-820a-07151520bfaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21165", "type": "seen", "source": "https://t.me/cibsecurity/24634", "content": "\u203c CVE-2021-21165 \u203c\n\nData race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-09T20:52:03.000000Z"}, {"uuid": "5ba186b3-838b-4026-a135-bcc4ac21faa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "Telegram/dbNbjDFzAXXujaZEo4NqFvQSh4r0Q_Vfis9dZu-ufxZBTHg", "content": "", "creation_timestamp": "2021-08-07T16:03:29.000000Z"}, {"uuid": "ce12bc37-aa8d-4fdb-8051-06cfef21c515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21162", "type": "seen", "source": "https://t.me/cibsecurity/24635", "content": "\u203c CVE-2021-21162 \u203c\n\nUse after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-09T20:52:04.000000Z"}, {"uuid": "2ef2e627-9b49-4ae6-a769-c76319082bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://t.me/cibsecurity/24628", "content": "\u203c CVE-2021-21166 \u203c\n\nData race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-09T20:51:54.000000Z"}, {"uuid": "7d2b8d1d-a3e9-4f8c-b7a3-ddb96ba1abe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21163", "type": "seen", "source": "https://t.me/cibsecurity/24623", "content": "\u203c CVE-2021-21163 \u203c\n\nInsufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-09T20:51:46.000000Z"}, {"uuid": "64f20869-02a2-4cb9-8c4e-05eb09988e1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21168", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3541", "content": "#Threat_Research\n1. AppCache Vulnerabilities\n(CVE-2020-6399, CVE-2021-21168)\nhttps://blog.lbherrera.me/posts/appcache-forgotten-tales\n2. WordPress Redirect Hack\nhttps://blog.sucuri.net/2021/06/wordpress-redirect-hack-via-test0-com-default7-com.html", "creation_timestamp": "2021-06-05T13:00:01.000000Z"}, {"uuid": "b86b90b5-becd-4968-8319-eb4bd89f1473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "exploited", "source": "https://t.me/cibsecurity/24423", "content": "\u274c Google Patches Actively-Exploited Flaw in Chrome Browser \u274c\n\nA flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2021-03-03T22:25:12.000000Z"}, {"uuid": "ca1ddca3-fb2c-484b-bc3d-17aab78d6220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2116", "type": "seen", "source": "https://t.me/cibsecurity/22366", "content": "\u203c CVE-2021-2116 \u203c\n\nVulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromise Oracle Application Express Opportunity Tracker. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Application Express Opportunity Tracker, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Express Opportunity Tracker accessible data as well as unauthorized read access to a subset of Oracle Application Express Opportunity Tracker accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:33:34.000000Z"}, {"uuid": "37cba9a6-9bd9-45b4-831d-1e8f4ba0724d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21166", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2865", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 2-8)\n\nCVE-2020-1350 - Exploit SIGRed/Windows DNS Server RCE\nCVE-2021-21972 - VMware vCenter RCE (PoC1, PoC2, PoC3)\nCVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE\nCVE-2021-21166 - Chrome Audio RCE\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nCVE-2021-21315 - Node.JS OS sanitize service Parameters Command Injection\nCVE-2021-23132 - RCE in Joomla core &lt;=3.9.24", "creation_timestamp": "2024-10-14T07:14:24.000000Z"}]}