{"vulnerability": "CVE-2022-3877", "sightings": [{"uuid": "06f56044-a174-4ad4-b6df-50f57a43a19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38775", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10054", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38775\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.\n\ud83d\udccf Published: 2023-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-02T13:30:23.078Z\n\ud83d\udd17 References:\n1. https://www.elastic.co/community/security\n2. https://discuss.elastic.co/t/endpoint-security-8-4-1-security-statement/323753", "creation_timestamp": "2025-04-02T13:33:20.000000Z"}, {"uuid": "68352b7b-b976-4e5b-a39a-7dfd8a043339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38774", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10077", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38774\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.\n\ud83d\udccf Published: 2023-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-02T14:26:51.356Z\n\ud83d\udd17 References:\n1. https://www.elastic.co/community/security\n2. https://discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754", "creation_timestamp": "2025-04-02T14:33:54.000000Z"}, {"uuid": "2c68ec7c-4c85-429c-abf1-6771adf7e6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38773", "type": "seen", "source": "https://t.me/true_secator/3931", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Red Balloon Security \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u043c\u043d\u043e\u0433\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u041f\u041b\u041a Siemens.\n\n\u0418\u043c\u0435\u044e\u0449\u0430\u044f \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 CVE-2022-38773 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u043a\u043e\u0434 \u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430.\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u043e\u0432 Red Balloon Security, \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Siemens Simatic \u0438 Siplus S7-1500.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 SoC Siemens \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 RoT \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u043d\u043d\u0435\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0430\u0441\u0438\u043c\u043c\u0435\u0442\u0440\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u044d\u0442\u0430\u043f\u043e\u0432 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043f\u0435\u0440\u0435\u0434 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c.\n\n\u041d\u0435\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c Root of Trust \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 - \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e Red Balloon, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u041f\u041b\u041a \u0438 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u0443\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u0447\u043d\u0443\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 100 \u043c\u043e\u0434\u0435\u043b\u044f\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u041f\u041b\u041a. \u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\nSiemens \u043f\u0440\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u0432 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b, \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u043b\u0438\u0448\u044c \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u043c\u0443 \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u0443.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0438 \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0435 \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442\u0441\u044f. \n\n\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043d\u043e\u0432\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445, \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0435\u0441\u044f - \u0432 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0441\u0442\u0430\u0434\u0438\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438.", "creation_timestamp": "2023-01-12T16:04:05.000000Z"}, {"uuid": "e8966536-1337-4067-9acd-d8e550693ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38773", "type": "seen", "source": "https://t.me/ics_cert/694", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0632\u06cc\u0645\u0646\u0633\n\n\u0645\u062d\u0642\u0642\u0627\u0646 Red Balloon Security \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627\u0644\u0642\u0648\u0647 \u0648\u0635\u0644\u0647\u200c\u0646\u0634\u062f\u0647 \u062c\u062f\u06cc \u0631\u0627 \u06a9\u0634\u0641 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0628\u0631 \u0628\u0633\u06cc\u0627\u0631\u06cc \u0627\u0632 \u0645\u062f\u0644\u200c\u0647\u0627\u06cc PLC \u0632\u06cc\u0645\u0646\u0633 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f.\n\nCVE-2022-38773\u060c \u06a9\u0647 \u062f\u0627\u0631\u0627\u06cc \u062f\u0631\u062c\u0647 \u0628\u0646\u062f\u06cc \u0628\u0627 \u0634\u062f\u062a \u0645\u062a\u0648\u0633\u0637 \u0627\u0633\u062a\u060c \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc Secure Boot \u0631\u0627 \u062f\u0648\u0631 \u0628\u0632\u0646\u062f\u060c \u06a9\u062f \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0646\u0646\u062f\u0647 \u0648 \u062f\u0627\u062f\u0647 \u0647\u0627 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u062f.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0645\u062d\u0642\u0642\u0627\u0646 Red Balloon Security\u060c \u0627\u06cc\u0646 \u062e\u0637\u0627 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0645\u0634\u06a9\u0644\u0627\u062a \u0645\u0639\u0645\u0627\u0631\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631 \u067e\u0631\u062f\u0627\u0632\u0646\u062f\u0647 \u0647\u0627\u06cc Siemens Simatic \u0648 Siplus S7-1500 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0633\u06cc\u0633\u062a\u0645 SoC \u0633\u0641\u0627\u0631\u0634\u06cc \u0632\u06cc\u0645\u0646\u0633 RoT \u0631\u0627 \u062f\u0631 \u0637\u0648\u0644 \u0641\u0631\u0622\u06cc\u0646\u062f \u0631\u0627\u0647\u200c\u0627\u0646\u062f\u0627\u0632\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0627\u06cc\u062c\u0627\u062f \u0646\u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u0628\u0627\u0639\u062b \u0639\u062f\u0645 \u0628\u0631\u0631\u0633\u06cc \u0627\u0645\u0636\u0627\u06cc \u0646\u0627\u0645\u062a\u0642\u0627\u0631\u0646 \u0628\u0631\u0627\u06cc \u062a\u0645\u0627\u0645 \u0645\u0631\u0627\u062d\u0644 \u0628\u0648\u062a\u200c\u0644\u0648\u062f\u0631 \u0648 \u0633\u0641\u062a\u200c\u0627\u0641\u0632\u0627\u0631 \u0642\u0628\u0644 \u0627\u0632 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u0639\u062f\u0645 \u0627\u06cc\u062c\u0627\u062f Root of Trust \u062f\u0631 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u06cc\u06a9 \u0628\u0648\u062a \u0644\u0648\u062f\u0631 \u0648 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0627\u0635\u0644\u0627\u062d \u0634\u062f\u0647 \u0631\u0627 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u0646\u062f - \u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0648 \u062f\u0648\u0631 \u0632\u062f\u0646 \u0639\u0645\u0644\u06a9\u0631\u062f\u0647\u0627\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0648 \u0628\u0631\u0631\u0633\u06cc \u06cc\u06a9\u067e\u0627\u0631\u0686\u06af\u06cc \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647.\n\n\u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 PLC\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0631\u0627 \u0631\u0645\u0632\u06af\u0634\u0627\u06cc\u06cc \u06a9\u0646\u062f \u0648 \u0645\u06cc\u0627\u0646\u200c\u0627\u0641\u0632\u0627\u0631 \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u0642\u0627\u0628\u0644 \u0628\u0648\u062a\u200c\u067e\u0630\u06cc\u0631 \u062e\u0648\u062f \u0631\u0627 \u062f\u0631 \u0628\u06cc\u0634 \u0627\u0632 100 \u0645\u062f\u0644 \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f.\n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0633\u062a\u0644\u0632\u0645 \u062f\u0633\u062a\u0631\u0633\u06cc \u0641\u06cc\u0632\u06cc\u06a9\u06cc \u0628\u0647 PLC \u0647\u062f\u0641 \u0627\u0633\u062a. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u0645\u062d\u0642\u0642\u0627\u0646 \u062e\u0627\u0637\u0631\u0646\u0634\u0627\u0646 \u06a9\u0631\u062f\u0646\u062f\u060c \u06cc\u06a9 \u0647\u06a9\u0631 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc RCE \u062f\u06cc\u06af\u0631\u06cc \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0645\u062e\u0631\u0628 \u0631\u0648\u06cc \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f.\n\n\u0632\u06cc\u0645\u0646\u0633 \u0628\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f \u0648 \u062a\u0648\u0635\u06cc\u0647 \u06a9\u0631\u062f \u06a9\u0647 \u0627\u0642\u062f\u0627\u0645\u0627\u062a\u06cc \u0627\u0646\u062c\u0627\u0645 \u0634\u0648\u062f \u062a\u0627 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u0634\u0648\u062f \u06a9\u0647 \u0641\u0642\u0637 \u067e\u0631\u0633\u0646\u0644 \u0645\u0648\u0631\u062f \u0627\u0639\u062a\u0645\u0627\u062f \u0628\u0647 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u0641\u06cc\u0632\u06cc\u06a9\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0631\u0646\u062f.\n\n\u062f\u0631 \u0647\u0645\u0627\u0646 \u0632\u0645\u0627\u0646\u060c \u0633\u0627\u0632\u0646\u062f\u0647 \u0628\u0647 \u0637\u0648\u0631 \u062c\u062f\u0627\u06af\u0627\u0646\u0647 \u0628\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0627\u0637\u0644\u0627\u0639 \u062f\u0627\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0646\u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0628\u0627 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0645\u06cc\u0627\u0646\u200c\u0627\u0641\u0632\u0627\u0631 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f \u0648 \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u0647\u06cc\u0686 \u0627\u0635\u0644\u0627\u062d\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0631\u06cc\u0632\u06cc \u0646\u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0633\u062e\u062a\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u062c\u062f\u06cc\u062f\u06cc \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0628\u0647 \u0645\u0634\u06a9\u0644 \u0628\u0631\u062e\u06cc \u0627\u0632 \u067e\u0631\u062f\u0627\u0632\u0646\u062f\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0631\u0633\u06cc\u062f\u06af\u06cc \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0628\u0642\u06cc\u0647 \u062f\u0631 \u062f\u0633\u062a \u062a\u0648\u0633\u0639\u0647 \u0647\u0633\u062a\u0646\u062f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-01-27T19:06:21.000000Z"}, {"uuid": "9afbbd2a-af17-457f-ba04-3925a2bd0e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38773", "type": "seen", "source": "https://t.me/ctinow/86561", "content": "Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)\n\nhttps://ift.tt/RKkymf7", "creation_timestamp": "2023-01-12T17:08:05.000000Z"}, {"uuid": "bb5c8d0e-4364-42bf-a40c-7b1d9f58e893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38779", "type": "seen", "source": "https://t.me/cibsecurity/58674", "content": "\u203c CVE-2022-38779 \u203c\n\nAn open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T02:17:31.000000Z"}, {"uuid": "42d656ec-7505-4228-9a27-770435931912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3877", "type": "seen", "source": "https://t.me/crackcodes/1979", "content": "#exploit\n1. CVE-2020-9854:\n\"Unauthd\" - three logic bugs ftw\nhttps://objective-see.org/blog/blog_0x4D.html\n\n2. CVE-2022-3875, CVE-2022-3876, CVE-2022-3877:\nVulnerabilities in Passwordstate\nhttps://www.modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html", "creation_timestamp": "2022-12-24T17:39:19.000000Z"}, {"uuid": "7383ce7f-1a4c-4a7c-a1f9-b75277175f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38773", "type": "seen", "source": "https://t.me/cibsecurity/56224", "content": "\u203c CVE-2022-38773 \u203c\n\nAffected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T14:28:29.000000Z"}, {"uuid": "8486b0a2-ab06-4172-8c56-044d038f4cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38777", "type": "seen", "source": "https://t.me/cibsecurity/57813", "content": "\u203c CVE-2022-38777 \u203c\n\nAn issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-09T00:25:17.000000Z"}, {"uuid": "d87be515-db68-4d2b-9c5d-1c7fa55f4372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38778", "type": "seen", "source": "https://t.me/cibsecurity/57816", "content": "\u203c CVE-2022-38778 \u203c\n\nA flaw (CVE-2022-38900) was discovered in one of Kibana\u00e2\u20ac\u2122s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-09T00:25:21.000000Z"}, {"uuid": "96ccf865-b2a4-41ba-a30a-1a0760407214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3877", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7411", "content": "#exploit\n1. CVE-2020-9854:\n\"Unauthd\" - three logic bugs ftw\nhttps://objective-see.org/blog/blog_0x4D.html\n\n2. CVE-2022-3875, CVE-2022-3876, CVE-2022-3877:\nVulnerabilities in Passwordstate\nhttps://www.modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html", "creation_timestamp": "2022-12-23T22:31:07.000000Z"}, {"uuid": "6ab79090-f024-4cfc-8b6f-a58bc8947677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3877", "type": "seen", "source": "https://t.me/cibsecurity/54846", "content": "\u203c CVE-2022-3877 \u203c\n\nA vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216246 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:32.000000Z"}, {"uuid": "03846574-6445-42ac-b346-18b48489c28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38770", "type": "seen", "source": "https://t.me/cibsecurity/49747", "content": "\u203c CVE-2022-38770 \u203c\n\nThe mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch other users' data upon a successful login request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T02:25:51.000000Z"}, {"uuid": "502802cb-945d-4005-8104-5ac7ebbaf27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38771", "type": "seen", "source": "https://t.me/cibsecurity/49745", "content": "\u203c CVE-2022-38771 \u203c\n\nThe mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T02:25:49.000000Z"}]}