{"vulnerability": "CVE-2022-37454", "sightings": [{"uuid": "35e16aff-38f4-48ec-a082-9f3353e26937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15542", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-37454\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.\n\ud83d\udccf Published: 2022-10-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-08T15:03:28.946Z\n\ud83d\udd17 References:\n1. https://csrc.nist.gov/projects/hash-functions/sha-3-project\n2. https://mouha.be/sha-3-buffer-overflow/\n3. https://news.ycombinator.com/item?id=33281106\n4. https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658\n5. https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html\n6. https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html\n7. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/\n8. https://www.debian.org/security/2022/dsa-5267\n9. https://www.debian.org/security/2022/dsa-5269\n10. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/\n11. https://eprint.iacr.org/2023/331\n12. https://news.ycombinator.com/item?id=35050307\n13. https://security.gentoo.org/glsa/202305-02", "creation_timestamp": "2025-05-08T15:24:38.000000Z"}, {"uuid": "cef9d2cd-21d9-4363-8c41-9b87eb4cd1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "Telegram/eexQwt3CW-xNG2P4n7VulXBq--LhzURuGaktZjGnCpKWuKg", "content": "", "creation_timestamp": "2023-03-31T11:34:35.000000Z"}, {"uuid": "a53ee3dc-c15b-4827-b1a2-a287d475f665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/184", "content": "Top Security News for 21/10/2022\n\nLog4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889)\nhttps://www.reddit.com/r/netsec/comments/y91sp9/log4jscan_update_detection_for_apache_commons/ \n\nExperts spotted a new undetectable PowerShell Backdoor posing as a Windows update\nhttps://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html \n\nCybersecurity Workforce Study released.\nhttps://thecyberwire.com/stories/8857909f273f46529695d5ea8caf954d/cybersecurity-workforce-study-released \n\nReverse Engineering the Apple MultiPeer Connectivity Framework\nhttps://www.reddit.com/r/netsec/comments/y907qk/reverse_engineering_the_apple_multipeer/ \n\nISC StormCast for Friday, October 21st, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8224 \n\nGuLoader Malware Disguised as a Word File Being Distributed in Korea\nhttps://malware.news/t/guloader-malware-disguised-as-a-word-file-being-distributed-in-korea/64374#post_1 \n\nISC Stormcast For Friday, October 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8224, (Fri, Oct 21st)\nhttps://isc.sans.edu/diary/rss/29172 \n\n5 essential security tips for SMBs\nhttps://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs \n\nGoogle Launches GUAC Open Source Project to Secure Software Supply Chain\nhttps://thehackernews.com/2022/10/google-launches-guac-open-source.html \n\nSHA-3 Buffer Overflow - CVE-2022-37454\nhttps://www.reddit.com/r/netsec/comments/y98ox2/sha3_buffer_overflow_cve202237454/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-10-21T07:00:29.000000Z"}, {"uuid": "475640b8-f55e-48ff-a67e-99fc601d219f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "seen", "source": "https://t.me/arpsyndicate/155", "content": "#ExploitObserverAlert\n\nCVE-2022-37454\n\nDESCRIPTION: Exploit Observer has 21 entries related to CVE-2022-37454. The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.\n\nFIRST-EPSS: 0.010430000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T18:49:07.000000Z"}, {"uuid": "a0112e0a-6527-48e6-b56e-94a50709aad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "Telegram/qTfPHMKuQHvIJMwnKDqALru-jFambiTFm91bFOPH-MHl8xg", "content": "", "creation_timestamp": "2023-03-09T07:09:21.000000Z"}, {"uuid": "5e8af6c0-cf01-42c4-948c-8308764ead84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4131", "content": "https://craxpro.io/   \n               \nCVE-2022-37454\n \nTry it\n\nAnd also try xss", "creation_timestamp": "2024-04-17T10:33:26.000000Z"}, {"uuid": "e243e6fe-5fba-45f3-8317-82b57759f88d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "seen", "source": "https://t.me/arpsyndicate/1662", "content": "#ExploitObserverAlert\n\nCVE-2022-37454\n\nDESCRIPTION: Exploit Observer has 22 entries related to CVE-2022-37454. The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.\n\nFIRST-EPSS: 0.010150000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T17:12:56.000000Z"}, {"uuid": "72160fa8-494c-4825-b472-7e6fed7bcd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7888", "content": "#Whitepaper\n#cryptography\n\"A Vulnerability in Implementations of SHA-3, SHAKE, EdDSA, and Other NIST-Approved Algorithms (CVE-2022-37454)\", 2023.\n]-> SHA-3 BoF Exploit PoC", "creation_timestamp": "2024-10-11T15:57:30.000000Z"}, {"uuid": "97d0cbcc-13ac-4fd0-b044-f8718dc701dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37454", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7069", "content": "#exploit\n1. Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV\nhttps://github.com/Wh04m1001/ZoneAlarmEoP\n\n2. CVE-2022-37454:\nSHA-3 Buffer Overflow\nhttps://mouha.be/sha-3-buffer-overflow", "creation_timestamp": "2022-10-29T14:21:13.000000Z"}]}