{"vulnerability": "CVE-2022-33318", "sightings": [{"uuid": "3faeedf6-a65c-4f37-9080-38adf1fe18a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33318", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/178", "content": "Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit to compromise ICONICS Genesis64 on stage at Pwn2Own2022 Miami.\n\nhttps://www.zerodayinitiative.com/advisories/ZDI-22-1041/", "creation_timestamp": "2022-08-05T12:35:50.000000Z"}, {"uuid": "b5381aad-9dca-4448-96e3-96e97549cfe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33318", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10040", "content": "Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit to compromise ICONICS Genesis64 on stage at Pwn2Own2022 Miami.\n\nhttps://www.zerodayinitiative.com/advisories/ZDI-22-1041/", "creation_timestamp": "2022-08-05T12:35:56.000000Z"}, {"uuid": "7165f6fc-8349-4177-a5be-b6d8a5f375cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33318", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/442", "content": "CVE-2022-33318 : Paracosme -ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server.\nhttps://github.com/0vercl0k/paracosme", "creation_timestamp": "2022-08-29T07:30:46.000000Z"}, {"uuid": "36489317-f251-4c18-bead-5a4956d40402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33318", "type": "published-proof-of-concept", "source": "https://t.me/wireshark_hacking/610", "content": "Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit to compromise ICONICS Genesis64 on stage at Pwn2Own2022 Miami.\n\nhttps://www.zerodayinitiative.com/advisories/ZDI-22-1041/", "creation_timestamp": "2022-08-21T20:27:09.000000Z"}, {"uuid": "ba201fc3-ea9e-4a7a-b82e-dcffe3f8f1df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33318", "type": "seen", "source": "https://t.me/cibsecurity/46689", "content": "\u203c CVE-2022-33318 \u203c\n\nDeserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T20:12:13.000000Z"}, {"uuid": "c59381b3-b5a2-4cc1-99c0-ee97e567df87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33318", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6653", "content": "#exploit\n1. CVE-2022-20006:\nLock Screen Bypass Exploit of Android Devices\nhttps://medium.com/maverislabs/lock-screen-bypass-exploit-of-android-devices-cve-2022-20006-604958fcee3a\n\n2. The Journey of Hunting In-the-Wild Windows LPE 0day\nhttps://www.blackhat.com/us-22/briefings/schedule/#the-journey-of-hunting-in-the-wild-windows-lpe-day-26988\n\n3. CVE-2022-33318:\nParacosme - RCE in ICONICS Genesis64\nhttps://github.com/0vercl0k/paracosme", "creation_timestamp": "2022-08-23T15:18:01.000000Z"}]}