{"vulnerability": "CVE-2021-2402", "sightings": [{"uuid": "a2eedcf9-e5af-45b5-8c25-95263446ebea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "seen", "source": "MISP/47675d15-8a45-40ca-a2f7-c9ccbfd9e565", "content": "", "creation_timestamp": "2024-11-14T06:09:39.000000Z"}, {"uuid": "eb74cd91-f602-457f-8980-a6981186a8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "Telegram/AWt1nG2mWN4kp3pNI2iRVMIPhGdNSu2ixvJ1RIAcT2oi_A", "content": "", "creation_timestamp": "2023-11-22T10:45:53.000000Z"}, {"uuid": "6e56ef40-b2f7-4844-b9e7-b4269144134b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4848", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 PoC / exploit utilities. \n\nCVE-2020-6516 - Chrome\nCVE-2021-24027 - WhatsApp\n\nhttps://github.com/CENSUS/whatsapp-mitd-mitm", "creation_timestamp": "2021-04-14T14:35:18.000000Z"}, {"uuid": "eeda81e0-7003-430f-a42d-931c53abd180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4864", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027).\n\nhttps://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/", "creation_timestamp": "2021-04-15T09:05:10.000000Z"}, {"uuid": "a01dcce3-bc37-420f-aee3-f71375125159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "seen", "source": "https://t.me/orderofsixangles/1340", "content": "\u041a\u043e\u0433\u0434\u0430 \u044f \u043f\u0438\u0441\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u044e \u043f\u0440\u043e man in the disk, \u0442\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0432\u0430\u0442\u0441\u0430\u043f \u0432 external storage \u0445\u0440\u0430\u043d\u0438\u0442 \u043a\u0430\u043a\u0438\u0435-\u0442\u043e \u043c\u0443\u0442\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b ssl session cache. \u041f\u043e \u0438\u043c\u0435\u043d\u0430\u043c \u0444\u0430\u0439\u043b\u043e\u0432 \u044f \u043f\u043e\u043d\u0438\u043c\u0430\u043b, \u0447\u0442\u043e \u0441 \u043d\u0438\u043c\u0438 \u0447\u0442\u043e-\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043f\u0440\u0438\u0434\u0443\u043c\u0430\u0442\u044c, \u043d\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u043e\u0441\u044c \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0432\u043e\u043f\u0440\u043e\u0441 \u0433\u043b\u0443\u0431\u0436\u0435. \n\n\u0425\u043e\u0440\u043e\u0448\u043e, \u0447\u0442\u043e \u0435\u0441\u0442\u044c \u0442\u0435, \u0443 \u043a\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0430\u0448\u043b\u043e\u0441\u044c!)\n\nRemote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)", "creation_timestamp": "2021-04-14T12:01:51.000000Z"}, {"uuid": "da4e1317-36b9-4c84-93d2-0cf0feb2843f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "seen", "source": "https://t.me/antichat/9535", "content": "Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)\nhttps://ift.tt/3sh5EPt\n\nSubmitted April 14, 2021 at 05:17PM by boozeroony\nvia reddit https://ift.tt/2RqKOjO", "creation_timestamp": "2021-04-14T12:15:26.000000Z"}, {"uuid": "8a0699d8-06e2-4520-b939-80bf991d2afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2402", "type": "seen", "source": "https://t.me/cibsecurity/26325", "content": "\u203c CVE-2021-2402 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-21T18:45:19.000000Z"}, {"uuid": "10d91d33-4429-4b86-b3ee-57fe78593b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "seen", "source": "https://t.me/true_secator/1637", "content": "\u0415\u0441\u043b\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u0432\u0435\u0440\u0441\u0438\u044e \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430 WhatsApp \u0434\u043e 2.21.4.18, \u0442\u043e \u043f\u043e\u0441\u043f\u0435\u0448\u0438\u0442\u0435 \u044d\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c. \n\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f\u00a0\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Census Labs \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0434\u043b\u044f Android (\u0434\u043e 9-\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438 MitM \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0438 \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0412\u0441\u0435, \u0447\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 - \u044d\u0442\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0435 HTML-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 Chrome \u0434\u043b\u044f\u00a0\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430\u00a0\u0432 Android (CVE-2021-24027) \u0438 \u043e\u0431\u0445\u043e\u0434\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043c\u0435\u043d\u043e\u0432 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 (CVE-2020-6516). \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0435\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043a\u043b\u044e\u0447\u0430\u043c \u0441\u0435\u0430\u043d\u0441\u0430 TLS.\n\n\u0417\u0430\u0442\u0435\u043c \u0432\u043e\u043e\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0441\u044c \u043a\u043b\u044e\u0447\u0430\u043c\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0442\u0435\u043c \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443, \u0432\u044b\u0437\u0432\u0430\u0432 \u043f\u0440\u0435\u0434\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u043e\u0448\u0438\u0431\u043a\u0443 \u043d\u0435\u0445\u0432\u0430\u0442\u043a\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0436\u0435\u0440\u0442\u0432\u044b, \u0430 \u0441\u043b\u0435\u0434\u043e\u043c \u0437\u0430 \u043d\u0435\u0439 \u0437\u0430\u043f\u0443\u0441\u043a \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043e\u0442\u043b\u0430\u0434\u043a\u0438. \u041e\u043d, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u00a0\u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u044b \u043a\u043b\u044e\u0447\u0435\u0439 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u043c\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043d\u0430 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0441\u0431\u043e\u0435\u0432 (\u00abcrashlogs.whatsapp.net\u00bb).\u00a0\u0418\u0434\u0435\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 MitM \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u0442 \u0441\u0431\u043e\u0440 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443, \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439  \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e Census Labs \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c\u0438 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u0432 \u00ab\u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435\u00bb, \u043d\u043e \u043c\u044b \u0442\u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0441\u043d\u043e \u043f\u043e\u043c\u043d\u0438\u043c \u043a\u0430\u043a \u0440\u0430\u043d\u0435\u0435 \u0432\u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WhatsApp \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043b\u044f\u00a0\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e\u00a0\u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0438 \u043f\u0440\u0430\u0432\u043e\u0437\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u043e\u0432.", "creation_timestamp": "2021-04-16T15:19:10.000000Z"}, {"uuid": "2042613a-a101-4f49-ba4f-976d3da310c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24029", "type": "seen", "source": "https://t.me/cibsecurity/24933", "content": "\u203c CVE-2021-24029 \u203c\n\nA packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to v2021.03.15.00.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-16T01:29:28.000000Z"}, {"uuid": "605af921-df29-409d-aac9-3fea29b32db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24021", "type": "seen", "source": "https://t.me/cibsecurity/30030", "content": "\u203c CVE-2021-24021 \u203c\n\nAn improper neutralization of input vulnerability [CWE-79] in FortiAnalyzer versions 6.4.3 and below, 6.2.7 and below and 6.0.10 and below may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the column settings of Logview in FortiAnalyzer, should the attacker be able to obtain that POST request, via other, hypothetical attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-06T14:37:52.000000Z"}, {"uuid": "b6fb448f-9b8f-4193-839a-49663bdba480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3126", "content": "Remote exploitation of a man-in-the-disk vulnerability\nin WhatsApp on the Android platform (CVE-2021-24027)\nhttps://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027\n]-&gt; PoC and tools for exploiting CVE-2020-6516 (Chrome) and CVE-2021-24027 (WhatsApp):\nhttps://github.com/CENSUS/whatsapp-mitd-mitm", "creation_timestamp": "2021-04-15T05:00:40.000000Z"}, {"uuid": "7d561a44-13fa-4193-acb9-96da5859b834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/1189", "content": "Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)\nResearch: https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/\nPoC: https://github.com/CENSUS/whatsapp-mitd-mitm", "creation_timestamp": "2021-09-01T12:55:38.000000Z"}, {"uuid": "0999fa1b-55d6-4912-833c-f016493305bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/2986", "content": "Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)\nResearch: https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/\nPoC: https://github.com/CENSUS/whatsapp-mitd-mitm", "creation_timestamp": "2021-04-14T23:15:34.000000Z"}, {"uuid": "cb1adf5d-ba90-442b-a14d-3bd18854d263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "exploited", "source": "https://t.me/SecLabNews/10057", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 CENSUS \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WhatsApp \u0434\u043b\u044f Android, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 Man-in-the-Disk (MitD). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2021-24027, \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u0442\u044c \u043e \u043d\u0435\u0439 \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u0443\u044e \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c WhatsApp \u0438 \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0445\u0441\u044f \u043d\u0430 \u043a\u0430\u0440\u0442\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b TLS \u0434\u043b\u044f \u0441\u0435\u0430\u043d\u0441\u043e\u0432 TLS 1.3 \u0438 TLS 1.2, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u00ab\u0447\u0435\u043b\u043e\u0432\u0435\u043a \u043f\u043e\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435\u00bb (man-in-the-middle, MitM) \u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f WhatsApp, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u043a\u043b\u044e\u0447\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Noise, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435\u0441\u044f \u0434\u043b\u044f \u0441\u043a\u0432\u043e\u0437\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n https://www.securitylab.ru/news/519017.php", "creation_timestamp": "2021-04-17T15:46:10.000000Z"}, {"uuid": "7a77efce-8dea-4e68-a345-d657fea87784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "exploited", "source": "https://t.me/thebugbountyhunter/5310", "content": "Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027) https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/", "creation_timestamp": "2021-04-14T14:24:26.000000Z"}, {"uuid": "2c01366f-745a-4434-b843-01ec3058050b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/4103", "content": "#threatleak \n\nhttps://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/\n@Arvin_club", "creation_timestamp": "2021-04-14T15:46:01.000000Z"}, {"uuid": "3f71fc64-eb35-4e1e-8c8e-d50bc09b00ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3279", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (April 1-30)\n\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-28310 - Win32k EoP Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-26411 - IE mshtml UAF\nhttps://t.me/cybersecuritytechnologies/2908\nCVE-2021-22204 - DjVu improper neutralization of user data\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156\nCVE-2021-28480/28482 - MS Exchange Server RCE\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange", "creation_timestamp": "2024-04-30T17:11:44.000000Z"}, {"uuid": "0be72084-ffd4-4b7e-8942-3d55db6a0a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24027", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3159", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 12-18)\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1647 - MS Defender RCE Vulnerability\nhttps://www.anquanke.com/post/id/231625\nCVE-2021-28310 - Win32k Elevation of Privilege Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28480/28481/28482/28483 - MS Exchange Server RCE Vulnerability\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156", "creation_timestamp": "2021-04-19T11:01:18.000000Z"}]}