{"vulnerability": "CVE-2022-26503", "sightings": [{"uuid": "579291f8-980b-4b9e-be76-46da7615ecf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "seen", "source": "https://t.me/ptswarm/115", "content": "Veeam fixed an Unauth RCE (CVE-2022-26500, CVE-2022-26501) in Veeam Backup &amp; Replication and Local Privilege Escalation (CVE-2022-26503) in Veeam Agent for Microsoft Windows found by our researcher Nikita Petrov.\n\nAdvisory: https://www.veeam.com/kb4288", "creation_timestamp": "2022-03-14T13:38:49.000000Z"}, {"uuid": "32c89350-ce0f-419d-8442-e8201a0c1c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1426", "content": "CVE-2022-26503\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2022-26503) \u0432 Veeam Agent \u0434\u043b\u044f Microsoft Windows \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 LOCAL SYSTEM.\n\u0422\u0430\u043a\u0436\u0435 \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0432\u044b \u043d\u0430\u0439\u0434\u0451\u0442\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0434\u0430\u043d\u043d\u044b\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\nhttps://github.com/sinsinology/CVE-2022-26503\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-28T19:01:36.000000Z"}, {"uuid": "c2fce82b-a725-4b22-afd4-15c11f8829ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "seen", "source": "https://t.me/cibsecurity/39153", "content": "\u203c CVE-2022-26503 \u203c\n\nDeserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T19:26:40.000000Z"}, {"uuid": "cdc69c9c-4ff7-4800-85f5-bebf882ef502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26503", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5706", "content": "#exploit\n1. CVE-2022-0995:\nHeap out-of-bounds write in the watch_queue Linux kernel component\nhttps://github.com/Bonfee/CVE-2022-0995\n\n2. Script for 2FA bypass that replay Citrix credentials\nhttps://github.com/post-cyberlabs/Offensive_tools/tree/main/Citrix\n\n3. ABC-Code Execution for Veeam (CVE-2022-26503 LPE)\nhttps://www.mdsec.co.uk/2022/03/abc-code-execution-for-veeam", "creation_timestamp": "2022-03-30T11:03:01.000000Z"}]}