{"vulnerability": "CVE-2021-2404", "sightings": [{"uuid": "70864cdc-32c6-452f-8a69-08c2d5ec51b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24041", "type": "seen", "source": "Telegram/n_74gO9NX009X8gwHb-1t49A0wUa0Fdw22AgNR2ljqvHZ9s", "content": "", "creation_timestamp": "2021-12-20T17:29:29.000000Z"}, {"uuid": "b66c7787-2e33-489f-afdf-ae98e5eca041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24043", "type": "seen", "source": "https://t.me/technical_private_cat/189", "content": "\u0427\u0430\u0441\u0442\u044c 2 - \u0442\u0435\u0445 \u0430\u0442\u0430\u043a\u0438\n\n\u0422\u0430\u043a \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c . \u042f \u043f\u0440\u0438\u0432\u0435\u0434\u0443 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0444\u0435\u0440\u0430\u0445 \u0436\u0438\u0437\u043d\u0438 \u0447\u0442\u043e\u0431\u044b \u0431\u044b\u043b\u043e \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0438\u043d\u0438\u043a\u0438.\n\u041f\u0440\u043e\u0439\u0434\u0435\u043c\u0441\u044f \u043f\u043e \u041f\u041e \u043f\u0435\u0440\u0432\u044b\u0439 \u043d\u0430\u0448 \"\u043c\u0443\u0447\u0435\u043d\u0438\u043a\" windows ....\n\u0412\u043e\u043e\u0431\u0449\u0435 \u0432 \u0441\u0430\u043c\u043e\u0439 \u0432\u0435\u043d\u0434\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0433\u043e \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0441\u0435\u0441\u0441\u0438\u0438 rdp.  \u0414\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432\u043e\u0442 \u0432\u0430\u043c \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 rdp  .\n\u0414\u0430 \u0435\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0430\u043c , \u043a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u044f\u0434\u0435\u0440\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435 . \n\u041d\u043e \u0437\u0434\u0435\u0441\u044c \u043f\u043e\u0441\u0442 \u0447\u0442\u043e\u0431\u044b \u0432\u044b \u043f\u043e\u043d\u044f\u043b\u0438 \u0432 \u043e\u0431\u0449\u0438\u0445 \u0447\u0435\u0440\u0442\u0430\u0445 .\n\n\u0427\u0442\u043e \u043d\u0430 \u0441\u0447\u0435\u0442 \u043b\u0438\u043d\u0443\u043a\u0441? \n\u041d\u0430 \u043b\u0438\u043d\u0443\u043a\u0441 \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u044e\u0437\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 \u0434\u043b\u044f \u0440\u0430\u0437\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u0432\u043e\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 , \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b  . \u0412\u043e\u043e\u0431\u0449\u0435 \u0432\u043e\u0442 \u0441\u0441\u044b\u043b\u043a\u0430 \u0441 \u043d\u043e\u0432\u044b\u043c\u0438 cve linux \u0433\u0443\u043b\u044f\u043d\u044c\u0435 \u0432\u044b \u0432\u0435\u0434\u044c \u0443\u043c\u043d\u044b\u0435 \u044e\u0437\u0435\u0440\u044b \u0438 \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f   .\n \u041a\u0441\u0442\u0430\u0442\u0438 \u043a \u0442\u0435\u043c\u0435 \u0432\u043e \u043a\u043b\u0435\u0432\u044b\u0439 \u0441\u0430\u0439\u0442 \u0441 \u0431\u0434 \u0432\u0441\u044f\u043a\u0438\u0445 0 day linux \u0438 \u0432\u0435\u043d\u0434\u044b   . \n\n\u0418\u043d\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0440\u043e\u0443\u0442\u0435\u0440 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0435\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439,  \u0432\u043e\u0442 \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Cisco Small Business  \u0438\u043b\u0438 \u043c\u043e\u0436\u0435\u043c \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043f\u0440\u043e \u043d\u0430\u0448 \u0431\u0435\u0434\u043d\u044b\u0439 \u0441\u0442\u0430\u0440\u0435\u043d\u044c\u043a\u0438\u0439 \u043c\u0438\u043a\u0440\u043e\u0442\u0438\u043a  , \u0432\u043e\u0442 \u0435\u0449\u0435 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439  .  \n\u0415\u0441\u043b\u0438 \u0443\u0436 \u0437\u0430\u0433\u043e\u0432\u0440\u0438\u043b\u0438 \u043f\u0440\u043e \u0441\u0435\u0442\u044c \u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0430\u043a\u0438\u0445 \u043b\u0438\u0431\u043e vpn \u0441\u0440\u0435\u0434  \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u0445.\n\n\u0415\u0449\u0435 \u0435\u0441\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 php \u0444\u0430\u0439\u043b\u043e\u0432, \u044d\u0442\u043e  \u043d\u0435 \u0441\u043e\u0432\u0441\u0435\u043c \u0442\u043e, \u043d\u043e \u0438\u0437 \u044d\u0442\u043e\u0439 \u0436\u0435 \u043e\u043f\u0435\u0440\u044b . \n\u0415\u0449\u0435 \u044e\u0437\u0430\u044e\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 vm \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u043d\u0430\u0448\u0435\u0439 \u043b\u044e\u0431\u0438\u043c\u043e\u0439 vmware   \u0443 \u043d\u0435\u0435 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0443 \u043c\u0435\u043d\u044f \u0443\u0436\u0435 \u0431\u044b\u043b \u043f\u043e\u0441\u0442 \u043f\u043e \u044d\u0442\u043e\u0439 \u0442\u0435\u043c\u0435 . \ud83e\udde9\n\u0425\u043e\u0447\u0443 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044c \u0437\u0430\u0431\u0430\u0432\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0442\u0438\u043f\u043e \u0442\u043e rce WhatsAp \u0442\u043e\u0439 \u0441 \u0433\u0438\u0444 ,  \u043f\u043e\u043c\u043d\u044e CVE-2021-24043 :\nWhatsApp \u043c\u043e\u0433 \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 heap, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 RTCP \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430.  \n\u041d\u0443 \u0438 CVE-2021-24042 : \u041b\u043e\u0433\u0438\u043a\u0430 \u0432\u044b\u0437\u043e\u0432\u043e\u0432 \u0434\u043b\u044f WhatsApp \u0434\u043b\u044f Android , WhatsApp \u043c\u043e\u0433 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0432\u043e\u043d\u0438\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 .\n\u0415\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u0442\u0438\u043f\u043e \u044d\u0442\u0438\u0445 \u0445\u0440\u043e\u043c\u0430 \u0438 \u0442\u044b\u043a   .  \n\u0418\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0442\u0438\u043f\u043e CVE-2022-22587 \u0432 iso \u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043d\u0434\u0440\u043e\u0438\u0434\u0430 .\n\u0414\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u0432\u0437\u043b\u043e\u043c\u043e\u0432 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u043e\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 . \u041f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0432\u0438\u0440\u0443\u0441\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e . \u041f\u043e \u044d\u0442\u043e\u043c\u0443 \u0434\u0443\u043c\u0430\u044e \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043f\u0440\u043e \u0441\u043e\u0432\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438 \u0441 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e.\n \u041f\u0440\u0438\u0432\u0435\u0434\u0443 \u0430-\u043b\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \u0432\u0435\u0441\u044c\u043c\u0430 \u0447\u0430\u0441\u0442\u043e \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438:   \n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0421\u0430\u0448\u0430 \u0440\u0435\u0448\u0430\u0435\u0442 \u0447\u0442\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e A \u0432 \u044d\u0442\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u044e\u0437\u0430\u044e\u0442 vpn fortinet client . \u0421\u0430\u0448\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a vpn \u0438 \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 , \u0442\u0430\u043c \u0421\u0430\u0448\u0430 \u043b\u043e\u043c\u0430\u0435\u0442 \u043b\u0438\u043d\u0443\u043a\u0441 \u0438\u043b\u0438 windows \u0441\u0435\u0440\u0432\u0435\u0440 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u0430\u043a\u0438\u0445 \u043b\u0438\u0431\u043e \u0435\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0432\u0438\u0440\u0443\u0441 \n\n\u0422\u0430\u043a \u043a\u0430\u043a \u0436\u0435 \u043e\u0442 \u0442\u0430\u043a\u0438\u0445 \u0421\u0430\u0448(\u043e\u0439 \u0434\u0430 \u043f\u0440\u043e\u0441\u0442\u044f\u0442 \u043c\u0435\u043d\u044f \u0432\u0441\u0435 \u0421\u0430\u0448\u0438)  \u0437\u0430\u0449\u0438\u0449\u0430\u0442\u044c\u0441\u044f? \n\u0427\u0442\u043e \u043c\u043e\u0433\u0443 \u0441\u043a\u0430\u0437\u0430\u0442\u044c - \u0441\u043b\u0435\u0434\u0438\u0442\u0435 \u0437\u0430 \u043d\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0439\u0442\u0435 \u0438\u0445 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 , \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0435 , \u043e\u0442\u0433\u043e\u0441\u0442\u0438\u0442\u0435\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u0430\u0441\u0442\u043e\u0440\u043e\u0436\u0435\u043d\u043e \u043a \u043b\u044e\u0434\u044f\u043c \u0438\u043b\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435 . \n\u041a\u0430\u043a \u0438\u0442\u043e\u0433 \u043c\u044b \u0432\u0435\u0434\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0443\u0441\u0430, \u043d\u043e \u0438 \u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0435.  \u0418\u0437 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0438 \u043c\u043e\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0432\u044b\u0432\u043e\u0434, \u0447\u0442\u043e \u0441\u0442\u043e\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u0432\u043e\u0441\u0442\u043e\u0440\u0436\u0435\u043d\u043d\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u044c\u0441\u044f \u043a\u043e \u0432\u0441\u0435\u043c\u0443 \u0438 \u043c\u0435\u043d\u044c\u0448\u0435 \u0440\u0430\u0441\u0441\u043b\u0430\u0431\u043b\u044f\u0442\u044c\u0441\u044f .\n\n\u0410 \u043d\u0430 \u044d\u0442\u043e\u043c \u0432\u0441\u0435, \u0441\u043f\u0430\u0441\u0438\u0431\u043e \u0437\u0430 \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u0435 \u0434\u043e\u0440\u043e\u0433\u0438\u0435 \u0447\u0435\u0448\u0438\u0440\u0441\u043a\u0438\u0435 \u043a\u043e\u0442\u0438\u043a\u0438\ud83d\udc31\u2764\ufe0f . \n\u0418 \u0437\u0430\u0434\u0443\u043c\u0430\u0439\u0442\u0435\u0441\u044c \u0432\u044b \u043b\u0438 \u0438\u0434\u0435\u0442\u0435 \u0437\u0430 \u0441\u0442\u0440\u0430\u043d\u043e\u0439 \u0447\u0443\u0434\u0435\u0441 \u0438\u043b\u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u0430 \u0447\u0443\u0434\u0435\u0441 \u0438\u0434\u0435\u0442 \u0437\u0430 \u0432\u0430\u043c\u0438\ud83d\udd2e\n#cve #virus", "creation_timestamp": "2022-09-24T08:34:04.000000Z"}, {"uuid": "0b73698c-d52a-483d-ae36-eb3411deb8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24042", "type": "seen", "source": "https://t.me/technical_private_cat/189", "content": "\u0427\u0430\u0441\u0442\u044c 2 - \u0442\u0435\u0445 \u0430\u0442\u0430\u043a\u0438\n\n\u0422\u0430\u043a \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c . \u042f \u043f\u0440\u0438\u0432\u0435\u0434\u0443 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0444\u0435\u0440\u0430\u0445 \u0436\u0438\u0437\u043d\u0438 \u0447\u0442\u043e\u0431\u044b \u0431\u044b\u043b\u043e \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0438\u043d\u0438\u043a\u0438.\n\u041f\u0440\u043e\u0439\u0434\u0435\u043c\u0441\u044f \u043f\u043e \u041f\u041e \u043f\u0435\u0440\u0432\u044b\u0439 \u043d\u0430\u0448 \"\u043c\u0443\u0447\u0435\u043d\u0438\u043a\" windows ....\n\u0412\u043e\u043e\u0431\u0449\u0435 \u0432 \u0441\u0430\u043c\u043e\u0439 \u0432\u0435\u043d\u0434\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0433\u043e \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0441\u0435\u0441\u0441\u0438\u0438 rdp.  \u0414\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432\u043e\u0442 \u0432\u0430\u043c \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 rdp  .\n\u0414\u0430 \u0435\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0430\u043c , \u043a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u044f\u0434\u0435\u0440\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435 . \n\u041d\u043e \u0437\u0434\u0435\u0441\u044c \u043f\u043e\u0441\u0442 \u0447\u0442\u043e\u0431\u044b \u0432\u044b \u043f\u043e\u043d\u044f\u043b\u0438 \u0432 \u043e\u0431\u0449\u0438\u0445 \u0447\u0435\u0440\u0442\u0430\u0445 .\n\n\u0427\u0442\u043e \u043d\u0430 \u0441\u0447\u0435\u0442 \u043b\u0438\u043d\u0443\u043a\u0441? \n\u041d\u0430 \u043b\u0438\u043d\u0443\u043a\u0441 \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u044e\u0437\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 \u0434\u043b\u044f \u0440\u0430\u0437\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u0432\u043e\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 , \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b  . \u0412\u043e\u043e\u0431\u0449\u0435 \u0432\u043e\u0442 \u0441\u0441\u044b\u043b\u043a\u0430 \u0441 \u043d\u043e\u0432\u044b\u043c\u0438 cve linux \u0433\u0443\u043b\u044f\u043d\u044c\u0435 \u0432\u044b \u0432\u0435\u0434\u044c \u0443\u043c\u043d\u044b\u0435 \u044e\u0437\u0435\u0440\u044b \u0438 \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f   .\n \u041a\u0441\u0442\u0430\u0442\u0438 \u043a \u0442\u0435\u043c\u0435 \u0432\u043e \u043a\u043b\u0435\u0432\u044b\u0439 \u0441\u0430\u0439\u0442 \u0441 \u0431\u0434 \u0432\u0441\u044f\u043a\u0438\u0445 0 day linux \u0438 \u0432\u0435\u043d\u0434\u044b   . \n\n\u0418\u043d\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0440\u043e\u0443\u0442\u0435\u0440 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0435\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439,  \u0432\u043e\u0442 \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Cisco Small Business  \u0438\u043b\u0438 \u043c\u043e\u0436\u0435\u043c \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043f\u0440\u043e \u043d\u0430\u0448 \u0431\u0435\u0434\u043d\u044b\u0439 \u0441\u0442\u0430\u0440\u0435\u043d\u044c\u043a\u0438\u0439 \u043c\u0438\u043a\u0440\u043e\u0442\u0438\u043a  , \u0432\u043e\u0442 \u0435\u0449\u0435 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439  .  \n\u0415\u0441\u043b\u0438 \u0443\u0436 \u0437\u0430\u0433\u043e\u0432\u0440\u0438\u043b\u0438 \u043f\u0440\u043e \u0441\u0435\u0442\u044c \u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0430\u043a\u0438\u0445 \u043b\u0438\u0431\u043e vpn \u0441\u0440\u0435\u0434  \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u0445.\n\n\u0415\u0449\u0435 \u0435\u0441\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 php \u0444\u0430\u0439\u043b\u043e\u0432, \u044d\u0442\u043e  \u043d\u0435 \u0441\u043e\u0432\u0441\u0435\u043c \u0442\u043e, \u043d\u043e \u0438\u0437 \u044d\u0442\u043e\u0439 \u0436\u0435 \u043e\u043f\u0435\u0440\u044b . \n\u0415\u0449\u0435 \u044e\u0437\u0430\u044e\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 vm \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u043d\u0430\u0448\u0435\u0439 \u043b\u044e\u0431\u0438\u043c\u043e\u0439 vmware   \u0443 \u043d\u0435\u0435 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0443 \u043c\u0435\u043d\u044f \u0443\u0436\u0435 \u0431\u044b\u043b \u043f\u043e\u0441\u0442 \u043f\u043e \u044d\u0442\u043e\u0439 \u0442\u0435\u043c\u0435 . \ud83e\udde9\n\u0425\u043e\u0447\u0443 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044c \u0437\u0430\u0431\u0430\u0432\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0442\u0438\u043f\u043e \u0442\u043e rce WhatsAp \u0442\u043e\u0439 \u0441 \u0433\u0438\u0444 ,  \u043f\u043e\u043c\u043d\u044e CVE-2021-24043 :\nWhatsApp \u043c\u043e\u0433 \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 heap, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 RTCP \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430.  \n\u041d\u0443 \u0438 CVE-2021-24042 : \u041b\u043e\u0433\u0438\u043a\u0430 \u0432\u044b\u0437\u043e\u0432\u043e\u0432 \u0434\u043b\u044f WhatsApp \u0434\u043b\u044f Android , WhatsApp \u043c\u043e\u0433 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0432\u043e\u043d\u0438\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 .\n\u0415\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u0442\u0438\u043f\u043e \u044d\u0442\u0438\u0445 \u0445\u0440\u043e\u043c\u0430 \u0438 \u0442\u044b\u043a   .  \n\u0418\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0442\u0438\u043f\u043e CVE-2022-22587 \u0432 iso \u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043d\u0434\u0440\u043e\u0438\u0434\u0430 .\n\u0414\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u0432\u0437\u043b\u043e\u043c\u043e\u0432 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u043e\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 . \u041f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0432\u0438\u0440\u0443\u0441\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e . \u041f\u043e \u044d\u0442\u043e\u043c\u0443 \u0434\u0443\u043c\u0430\u044e \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043f\u0440\u043e \u0441\u043e\u0432\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438 \u0441 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e.\n \u041f\u0440\u0438\u0432\u0435\u0434\u0443 \u0430-\u043b\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \u0432\u0435\u0441\u044c\u043c\u0430 \u0447\u0430\u0441\u0442\u043e \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438:   \n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0421\u0430\u0448\u0430 \u0440\u0435\u0448\u0430\u0435\u0442 \u0447\u0442\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e A \u0432 \u044d\u0442\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u044e\u0437\u0430\u044e\u0442 vpn fortinet client . \u0421\u0430\u0448\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a vpn \u0438 \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 , \u0442\u0430\u043c \u0421\u0430\u0448\u0430 \u043b\u043e\u043c\u0430\u0435\u0442 \u043b\u0438\u043d\u0443\u043a\u0441 \u0438\u043b\u0438 windows \u0441\u0435\u0440\u0432\u0435\u0440 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u0430\u043a\u0438\u0445 \u043b\u0438\u0431\u043e \u0435\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0432\u0438\u0440\u0443\u0441 \n\n\u0422\u0430\u043a \u043a\u0430\u043a \u0436\u0435 \u043e\u0442 \u0442\u0430\u043a\u0438\u0445 \u0421\u0430\u0448(\u043e\u0439 \u0434\u0430 \u043f\u0440\u043e\u0441\u0442\u044f\u0442 \u043c\u0435\u043d\u044f \u0432\u0441\u0435 \u0421\u0430\u0448\u0438)  \u0437\u0430\u0449\u0438\u0449\u0430\u0442\u044c\u0441\u044f? \n\u0427\u0442\u043e \u043c\u043e\u0433\u0443 \u0441\u043a\u0430\u0437\u0430\u0442\u044c - \u0441\u043b\u0435\u0434\u0438\u0442\u0435 \u0437\u0430 \u043d\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0439\u0442\u0435 \u0438\u0445 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 , \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0435 , \u043e\u0442\u0433\u043e\u0441\u0442\u0438\u0442\u0435\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u0430\u0441\u0442\u043e\u0440\u043e\u0436\u0435\u043d\u043e \u043a \u043b\u044e\u0434\u044f\u043c \u0438\u043b\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435 . \n\u041a\u0430\u043a \u0438\u0442\u043e\u0433 \u043c\u044b \u0432\u0435\u0434\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0443\u0441\u0430, \u043d\u043e \u0438 \u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0435.  \u0418\u0437 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0438 \u043c\u043e\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0432\u044b\u0432\u043e\u0434, \u0447\u0442\u043e \u0441\u0442\u043e\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u0432\u043e\u0441\u0442\u043e\u0440\u0436\u0435\u043d\u043d\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u044c\u0441\u044f \u043a\u043e \u0432\u0441\u0435\u043c\u0443 \u0438 \u043c\u0435\u043d\u044c\u0448\u0435 \u0440\u0430\u0441\u0441\u043b\u0430\u0431\u043b\u044f\u0442\u044c\u0441\u044f .\n\n\u0410 \u043d\u0430 \u044d\u0442\u043e\u043c \u0432\u0441\u0435, \u0441\u043f\u0430\u0441\u0438\u0431\u043e \u0437\u0430 \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u0435 \u0434\u043e\u0440\u043e\u0433\u0438\u0435 \u0447\u0435\u0448\u0438\u0440\u0441\u043a\u0438\u0435 \u043a\u043e\u0442\u0438\u043a\u0438\ud83d\udc31\u2764\ufe0f . \n\u0418 \u0437\u0430\u0434\u0443\u043c\u0430\u0439\u0442\u0435\u0441\u044c \u0432\u044b \u043b\u0438 \u0438\u0434\u0435\u0442\u0435 \u0437\u0430 \u0441\u0442\u0440\u0430\u043d\u043e\u0439 \u0447\u0443\u0434\u0435\u0441 \u0438\u043b\u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u0430 \u0447\u0443\u0434\u0435\u0441 \u0438\u0434\u0435\u0442 \u0437\u0430 \u0432\u0430\u043c\u0438\ud83d\udd2e\n#cve #virus", "creation_timestamp": "2022-09-24T08:34:04.000000Z"}, {"uuid": "221b550a-9866-4c5c-b446-7e284845abde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24043", "type": "seen", "source": "https://t.me/technical_private_cat/192", "content": "Part 2 - tech attacks\n\nSo now about vulnerability attacks. I will give examples of vulnerabilities in different areas of life to have an understanding of what the perpetrators use.\nLet's go over the software and our first \"martyr\" windows .....\nGenerally speaking, in the Venda itself the cybercriminals often hijack the rdp session.  For remote access, here is an article  about rdp vulnerabilities.\nYes, there are vulnerabilities not only there , for example some nuclear vulnerabilities and many others . \nBut here is a post to give you an overview.\n\nWhat about linux? \nOn linux mostly use kernel vulnerabilities for different versions of their vulnerabilities, in particular vulnerabilities in the file system. Generally, here is the link with the new Linux cve linux walk you smart users and want to protect yourself.\n By the way, there is a cool site with a database of 0 day linux and windows\n\nSometimes hackers can hack into the router via its vulnerabilities, here is an article about critical vulnerabilities of Cisco Small Business or we can remind about our poor old MikroTik  , here is a collection  of such vulnerabilities.  \nIf we are talking about network, the hackers often use vulnerabilities of some vpn environments in companies.\n\nThere are also different server vulnerabilities for downloading malicious php files , it is not quite the same, but from the same type of vulnerabilities. \nThere are also vulnerabilities in different vm systems e.g. our favorite vmware which has many vulnerabilities and I have already had a post about it. \ud83e\udde9\nI want to touch on funny application vulnerabilities like that rce WhatsAp that with gif  , I remember CVE-2021-24043 :\nWhatsApp could allow reading outside the heap if the user sent a garbled RTCP packet during an established call.  \nWell and CVE-2021-24042 : Call Logic for WhatsApp for Android , WhatsApp could allow writing outside the bounds if the user called an intruder .\nAlso exploit various browser vulnerabilities like these chrome and youk  .  \nOr mobile device vulnerabilities like CVE-2022-22587 in iso  or android vulnerabilities .\nHacks of this kind do not use a single vulnerability. There can be many ways to deliver a virus. For this reason, I think it is worth talking about the combination of social engineering with the technical part.\nHere is a practical example of a very common situation:   \n\nAn intruder Sasha decides to hack company A in this company use a vpn fortinet client. Using social engineering he accesses the vpn and enters the network of the company, there he breaks the linux or windows server of the company through some vulnerabilities and downloads the virus. \n\nSo how to protect yourself from such sashes (oh pardon me all sashes)? \nWhat I can say - keep an eye on new vulnerabilities and if possible remove them from your devices, update your anti-virus, be careful with people or mail. \nAs a result, we lead the work of an attacker not only in writing the virus but also in delivering it.  From this article we can conclude that we should be more enthusiastic about everything and less relaxed .\n\nAnd that's it, thanks for reading it dear Cheshire cats\ud83d\udc31\u2764\ufe0f . \nAnd think about whether you are following Wonderland or Wonderland is following you\ud83d\udd2e\n#cve  #virus", "creation_timestamp": "2022-09-24T08:33:21.000000Z"}, {"uuid": "7e95ef18-7c9b-4908-b00e-dd96676aca15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24042", "type": "seen", "source": "https://t.me/technical_private_cat/192", "content": "Part 2 - tech attacks\n\nSo now about vulnerability attacks. I will give examples of vulnerabilities in different areas of life to have an understanding of what the perpetrators use.\nLet's go over the software and our first \"martyr\" windows .....\nGenerally speaking, in the Venda itself the cybercriminals often hijack the rdp session.  For remote access, here is an article  about rdp vulnerabilities.\nYes, there are vulnerabilities not only there , for example some nuclear vulnerabilities and many others . \nBut here is a post to give you an overview.\n\nWhat about linux? \nOn linux mostly use kernel vulnerabilities for different versions of their vulnerabilities, in particular vulnerabilities in the file system. Generally, here is the link with the new Linux cve linux walk you smart users and want to protect yourself.\n By the way, there is a cool site with a database of 0 day linux and windows\n\nSometimes hackers can hack into the router via its vulnerabilities, here is an article about critical vulnerabilities of Cisco Small Business or we can remind about our poor old MikroTik  , here is a collection  of such vulnerabilities.  \nIf we are talking about network, the hackers often use vulnerabilities of some vpn environments in companies.\n\nThere are also different server vulnerabilities for downloading malicious php files , it is not quite the same, but from the same type of vulnerabilities. \nThere are also vulnerabilities in different vm systems e.g. our favorite vmware which has many vulnerabilities and I have already had a post about it. \ud83e\udde9\nI want to touch on funny application vulnerabilities like that rce WhatsAp that with gif  , I remember CVE-2021-24043 :\nWhatsApp could allow reading outside the heap if the user sent a garbled RTCP packet during an established call.  \nWell and CVE-2021-24042 : Call Logic for WhatsApp for Android , WhatsApp could allow writing outside the bounds if the user called an intruder .\nAlso exploit various browser vulnerabilities like these chrome and youk  .  \nOr mobile device vulnerabilities like CVE-2022-22587 in iso  or android vulnerabilities .\nHacks of this kind do not use a single vulnerability. There can be many ways to deliver a virus. For this reason, I think it is worth talking about the combination of social engineering with the technical part.\nHere is a practical example of a very common situation:   \n\nAn intruder Sasha decides to hack company A in this company use a vpn fortinet client. Using social engineering he accesses the vpn and enters the network of the company, there he breaks the linux or windows server of the company through some vulnerabilities and downloads the virus. \n\nSo how to protect yourself from such sashes (oh pardon me all sashes)? \nWhat I can say - keep an eye on new vulnerabilities and if possible remove them from your devices, update your anti-virus, be careful with people or mail. \nAs a result, we lead the work of an attacker not only in writing the virus but also in delivering it.  From this article we can conclude that we should be more enthusiastic about everything and less relaxed .\n\nAnd that's it, thanks for reading it dear Cheshire cats\ud83d\udc31\u2764\ufe0f . \nAnd think about whether you are following Wonderland or Wonderland is following you\ud83d\udd2e\n#cve  #virus", "creation_timestamp": "2022-09-24T08:33:21.000000Z"}, {"uuid": "cd0e326b-065b-4b3a-b831-cc39b6a913c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24043", "type": "seen", "source": "https://t.me/AnonymusYemenn/3343", "content": "\u062b\u063a\u0631\u0629 \u0628\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0648\u0627\u062a\u0633 \u0627\u0628 \u0639\u0644\u0649 \u0627\u062c\u0647\u0632\u0629 \u0627\u0644\u0627\u064a\u0641\u0648\u0646 \u0648\u0627\u062c\u0647\u0632\u0629 \u0627\u0644\u0627\u0646\u062f\u0631\u0648\u064a\u062f\u060c \u0648\u062a\u0645 \u062a\u0635\u0646\u064a\u0641\u0647\u0627 \u0645\u0646 \u0627\u0644\u0646\u0648\u0639 \u0627\u0644\u062e\u0637\u064a\u0631.\n\u0648\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0627 \u064a\u062d\u062a\u0627\u062c \u0627\u0644\u0627 \u0627\u0646 \u064a\u0642\u0648\u0645 \u0627\u0644\u0645\u062e\u062a\u0631\u0642 \u0628\u062c\u0639\u0644 \u0627\u0644\u0636\u062d\u064a\u0629 \u064a\u062a\u062c\u0627\u0648\u0628 \u0645\u0639\u0647 \u0627\u064a \u064a\u0631\u062f \u0639\u0644\u0649 \u0631\u0633\u0627\u0626\u0644\u0629 \u0627\u0648 \u0627\u062a\u0635\u0627\u0644\u0627\u062a\u0647, \u0648\u064a\u062a\u0645 \u0639\u0628\u0631\u0647\u0627 \u0633\u062d\u0628 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0645\u0646 \u062c\u0647\u0627\u0632 \u0627\u0644\u0636\u062d\u064a\u0629\n \u0642\u0645 \u0628\u062a\u062d\u062f\u064a\u062b \u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0648\u0627\u062a\u0633 \u0627\u0628 \u0639\u0644\u0649 \u0627\u0644\u0641\u0648\u0631.\n\n\u0627\u0644\u0645\u0635\u062f\u0631\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-24043", "creation_timestamp": "2022-02-03T17:08:15.000000Z"}, {"uuid": "1cc1e0fa-e936-4a0f-ac98-2debc6ceec50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24045", "type": "seen", "source": "https://t.me/cibsecurity/33890", "content": "\u203c CVE-2021-24045 \u203c\n\nA type confusion vulnerability could be triggered when resolving the \"typeof\" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T00:13:30.000000Z"}, {"uuid": "bad61f6a-6fa3-4228-9934-d04450222d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24043", "type": "seen", "source": "https://t.me/cibsecurity/36698", "content": "\u203c CVE-2021-24043 \u203c\n\nA missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an out-of-bounds heap read if a user sent a malformed RTCP packet during an established call.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T14:28:24.000000Z"}, {"uuid": "47c91052-2368-45db-8ca7-6b281275b4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24044", "type": "seen", "source": "https://t.me/cibsecurity/35643", "content": "\u203c CVE-2021-24044 \u203c\n\nBy passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault as a consequence of type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-15T07:20:03.000000Z"}, {"uuid": "afc5ef61-440a-4fd1-ad49-5aeb3965674f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24042", "type": "seen", "source": "https://t.me/cibsecurity/34959", "content": "\u203c CVE-2021-24042 \u203c\n\nThe calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T22:38:37.000000Z"}, {"uuid": "b937f242-49f9-4756-bb02-32ec135b78d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24043", "type": "seen", "source": "Telegram/KN6-ELUgRwE2Dzy8do9nq1IoSVzw0GrallsMJAsj8BexnVs", "content": "", "creation_timestamp": "2022-02-03T17:08:21.000000Z"}, {"uuid": "eea18bbe-8946-4935-b009-61d2da595992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24041", "type": "seen", "source": "https://t.me/cibsecurity/33511", "content": "\u203c CVE-2021-24041 \u203c\n\nA missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T22:22:26.000000Z"}, {"uuid": "f80d9b4a-bafc-407f-98f2-3bd5b579c338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24040", "type": "seen", "source": "https://t.me/cibsecurity/28698", "content": "\u203c CVE-2021-24040 \u203c\n\nDue to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-11T02:30:56.000000Z"}, {"uuid": "79f48bd3-f159-46bd-8956-04071220cbc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2404", "type": "seen", "source": "https://t.me/cibsecurity/26338", "content": "\u203c CVE-2021-2404 \u203c\n\nVulnerability in the PeopleSoft Enterprise HCM Candidate Gateway product of Oracle PeopleSoft (component: e-mail notification). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Candidate Gateway. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM Candidate Gateway accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM Candidate Gateway accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-21T18:48:26.000000Z"}, {"uuid": "465fab55-14d6-4932-8bf8-0ee7eac87d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24043", "type": "seen", "source": "https://t.me/HackerOne/3278", "content": "https://nvd.nist.gov/vuln/detail/CVE-2021-24043", "creation_timestamp": "2022-02-05T04:34:04.000000Z"}]}