{"vulnerability": "CVE-2022-37955", "sightings": [{"uuid": "c171ec95-da60-4a01-9fae-b272ce6c406a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37955", "type": "published-proof-of-concept", "source": "Telegram/e4b8xasECNPaTnr4JYTMaXGSrfygZGtChMYE0rnSQ6-ZfqI", "content": "", "creation_timestamp": "2023-02-19T21:50:11.000000Z"}, {"uuid": "2bcaf4e4-7803-4143-8dde-fc2c5c503638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37955", "type": "seen", "source": "https://t.me/TopCyberTechNews/310", "content": "Top Security News for 29/04/2023\n\nWhy Your Detection-First Security Approach Isn't Working\nhttps://thehackernews.com/2023/04/why-your-detection-first-security.html \n\nCVE-2022-37955: Vulnerability in Microsoft Windows Group Policy Updates Leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)\nhttps://www.reddit.com/r/netsec/comments/131mes1/cve202237955_vulnerability_in_microsoft_windows/ \n\nAttacks On PaperCut Servers Tied To Ransomware Groups\nhttps://packetstormsecurity.com/news/view/34561/Attacks-On-PaperCut-Servers-Tied-To-Ransomware-Groups.html \n\nChinese Alloy Taurus Updates PingPull Malware\nhttps://www.reddit.com/r/netsec/comments/131qxn8/chinese_alloy_taurus_updates_pingpull_malware/ \n\nWhat\u2019s now being traded in the C2C markets. CISA would like comments on its software self-attestation form. And in Russia\u2019s hybrid war, are there cyber war crimes, or real hacktivists?\nhttps://thecyberwire.com/podcasts/daily-podcast/1812/notes \n\nState of DNS Rebinding in 2023\nhttps://www.reddit.com/r/netsec/comments/132ewi3/state_of_dns_rebinding_in_2023/ \n\nThe UN's new cybercrime treaty raises human rights concerns. How China's new counter-espionage law could impact cyber business.\nhttps://thecyberwire.com/newsletters/policy-briefing/5/82 \n\nCISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments\nhttps://thehackernews.com/2023/04/cisa-warns-of-critical-flaws-in.html \n\nLockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities\nhttps://www.malwarebytes.com/blog/news/2023/04/lockbit-and-cl0p-are-actively-exploiting-papercut-vulnerabilities \n\nBreach roundup. Hackers steal more than hearts.\nhttps://thecyberwire.com/podcasts/privacy-briefing/517/notes \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-04-29T07:00:05.000000Z"}, {"uuid": "c372429c-7ae0-423a-ba20-daccc5e18c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37955", "type": "seen", "source": "Telegram/OWl6iEtSW_1w8mnvb1kVToU_wZ1-mGDUaQutMvvBsw1QX6o", "content": "", "creation_timestamp": "2023-02-16T18:57:50.000000Z"}, {"uuid": "24df6ab1-4e93-4cc0-b24f-a702be2eb8c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37955", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8205", "content": "#exploit\n1. CVE-2023-21707:\nMicrosoft Exchange Powershell Remoting Deserialization leading to RCE\nhttps://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707\n\n2. CVE-2022-37955: \nVulnerability in MS Windows Group Policy Updates Leads to Improper Link Resolution Before File Access\nhttps://herolab.usd.de/security-advisories/usd-2022-0034\n]-> https://decoder.cloud/2023/02/16/eop-via-arbitrary-file-write-overwite-in-group-policy-client-gpsvc-cve-2022-37955", "creation_timestamp": "2023-04-29T12:53:42.000000Z"}, {"uuid": "81b22a8d-d059-49cc-968d-73ca7c24149a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37955", "type": "seen", "source": "https://t.me/cibsecurity/49693", "content": "\u203c CVE-2022-37955 \u203c\n\nWindows Group Policy Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T22:25:54.000000Z"}]}