{"vulnerability": "CVE-2021-28310", "sightings": [{"uuid": "1ec195fc-91a2-42ed-818a-6c4f6e21c7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "06faa5f4-5611-4a9a-8c35-193f6a71cc7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "22844708-1059-4b26-b28a-e7bee3fdb777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "MISP/6b1740e7-18a3-413b-9e29-d17c5873e90f", "content": "", "creation_timestamp": "2024-11-14T06:08:28.000000Z"}, {"uuid": "f032d8a4-e1e4-41a4-b0b6-b819c6e271da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971012", "content": "", "creation_timestamp": "2024-12-24T20:23:02.022122Z"}, {"uuid": "e41cc921-eb79-4ea6-8ff6-7b67d5f8af0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=567", "content": "", "creation_timestamp": "2021-04-14T04:00:00.000000Z"}, {"uuid": "63d5beea-463c-4588-bee5-eda9183e5796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:54.000000Z"}, {"uuid": "1b6ecec4-1ffd-4f45-8592-91d94e15be93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:59.000000Z"}, {"uuid": "e2740b96-ccd9-4adc-972b-42bd3b63e1a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "exploited", "source": "https://t.me/cKure/4840", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Microsoft today\u00a0issued fixes for 114 vulnerabilities as part of its monthly security update release, which this month addressed 19 critical flaws, four critical Microsoft Exchange Server bugs found by the National Security Agency (NSA), and one zero-day bug in Desktop Window Manager.\n\u00a0\nCVE-2021-28310, a Win32k elevation of privilege vulnerability, is the only CVE under active attack patched this month.\n\nYesterday's patches also addressed four critical remote code execution vulnerabilities in Microsoft Exchange Server:\u00a0CVE-2021-28480,\u00a0CVE-2021-28481,\u00a0CVE-2021-28482, and\u00a0CVE-2021-28483. All of these were discovered by the NSA and affect Exchange Server versions 2013 through 2019.\nCVE-2021-28480 and CVE-2021-28481 have a CVSS score of 9.8 and require no authorization or user interaction to exploit.", "creation_timestamp": "2021-04-14T04:19:35.000000Z"}, {"uuid": "f529d53e-9457-48ae-bfab-1f652fa2b272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_11/21", "content": "", "creation_timestamp": "2021-04-15T06:06:29.000000Z"}, {"uuid": "b5039c4c-76a1-4886-890a-3288d9034f47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-28310", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1925c31f-13c3-421e-bbdc-3727798c7018", "content": "", "creation_timestamp": "2026-02-02T12:28:52.432091Z"}, {"uuid": "ceabd8d9-814d-4a22-9811-e7fe918c692e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "exploited", "source": "https://t.me/ctinow/31797", "content": "Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild\n\nhttps://ift.tt/3mIXTR0", "creation_timestamp": "2021-04-13T19:42:24.000000Z"}, {"uuid": "2af83460-470b-4f1a-8948-5e26e70d051c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "exploited", "source": "https://t.me/ctinow/31796", "content": "Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild\n\nhttps://ift.tt/3mIXTR0", "creation_timestamp": "2021-04-13T19:42:23.000000Z"}, {"uuid": "8852cc2a-1f4a-4445-93f9-c2b2d3440f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://t.me/haccking/100048", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u043a\u043e\u043d \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 (CVE-2021-28310)", "creation_timestamp": "2021-07-03T10:00:13.000000Z"}, {"uuid": "ae156b94-b778-44f5-afbd-70a3fed182a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "Telegram/9EDnIy-4FOSypMMwATTdDd3rvd3kuw-0OoilnQFY3m4FKio", "content": "", "creation_timestamp": "2021-04-14T16:46:11.000000Z"}, {"uuid": "4fdbbeda-e262-4f28-a58c-15774f066d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3279", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (April 1-30)\n\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-28310 - Win32k EoP Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-26411 - IE mshtml UAF\nhttps://t.me/cybersecuritytechnologies/2908\nCVE-2021-22204 - DjVu improper neutralization of user data\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156\nCVE-2021-28480/28482 - MS Exchange Server RCE\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange", "creation_timestamp": "2024-04-30T17:11:44.000000Z"}, {"uuid": "d5df1821-4bda-45b7-a420-d7afdf237df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://t.me/theninjaway1337/782", "content": "Vulnerabilidade in\u00e9dita \u00e9 encontrada no Desktop Window Manager do Windows 10\n\nA\u00a0Kaspersky\u00a0acaba de emitir um alerta a respeito de uma nova vulnerabilidade cr\u00edtica encontrada por seus pesquisadores no Desktop Window Manager, componente essencial do Windows respons\u00e1vel por renderizar as janelas que usamos no sistema operacional. O bug foi encontrado acidentalmente por especialistas da companhia em fevereiro deste ano enquanto eles estudavam outra falha conhecida; este novo problema foi ent\u00e3o encaminhado \u00e0\u00a0Microsoft\u00a0e catalogado pelo c\u00f3digo CVE-2021-28310.\n\nhttps://canaltech.com.br/seguranca/vulnerabilidade-inedita-e-encontrada-no-desktop-window-manager-do-windows-10-182687/\n\n#zeroday #windows #lpe", "creation_timestamp": "2021-04-14T22:21:53.000000Z"}, {"uuid": "1a3cc8a9-9780-448b-bb69-5283df6a5fd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://t.me/haccking/6460", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u043a\u043e\u043d \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 (CVE-2021-28310)", "creation_timestamp": "2021-07-03T12:00:10.000000Z"}, {"uuid": "87c92f98-9abd-42d9-897d-b65dd8fc6035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3154", "content": "#Threat_Research\n1. Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310)\nhttps://securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898\n2. Bugs in a Popular Third-Party Ethernet/IP Protocol Stack (CVE-2021-27478, CVE-2021-27482, CVE-2021-27498, CVE-2021-27500)\nhttps://www.claroty.com/2021/04/15/blog-research-fuzzing-and-pring\n3. New Vulnerability Affecting Container Engines CRI-O/Podman (CVE-2021-20291)\nhttps://unit42.paloaltonetworks.com/cve-2021-20291", "creation_timestamp": "2021-04-18T14:31:16.000000Z"}, {"uuid": "86e1ee20-96f1-4c01-b5ab-15112e412b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/3124", "content": "#Threat_Research\n1. Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild\nhttps://securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898\n]-> Malicious Payloads that abuses Win32k Elevation of Privilege Vulnerability:\nhttps://github.com/Rafael-Svechinskaya/IOC_for_CVE-2021-28310\n2. From 0 to RCE: Cockpit CMS (PoCs)\nhttps://swarm.ptsecurity.com/rce-cockpit-cms", "creation_timestamp": "2021-04-14T20:51:33.000000Z"}, {"uuid": "a620da29-adcf-45de-b32b-330d256d1aba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28310", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3159", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 12-18)\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1647 - MS Defender RCE Vulnerability\nhttps://www.anquanke.com/post/id/231625\nCVE-2021-28310 - Win32k Elevation of Privilege Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28480/28481/28482/28483 - MS Exchange Server RCE Vulnerability\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156", "creation_timestamp": "2021-04-19T11:01:18.000000Z"}]}