{"vulnerability": "CVE-2023-2174", "sightings": [{"uuid": "f7e6116e-ca29-49f5-8e76-662800648e53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21747", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html", "content": "", "creation_timestamp": "2024-04-18T16:45:00.000000Z"}, {"uuid": "967ba675-3122-47ad-a818-ca5d1ef6e85e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21749", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html", "content": "", "creation_timestamp": "2024-04-18T16:45:00.000000Z"}, {"uuid": "4c4ecc04-abc8-43b7-bb64-a4895da8bc4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html", "content": "", "creation_timestamp": "2024-04-18T16:45:00.000000Z"}, {"uuid": "74241bb3-6f8f-4ad0-853e-d903e1bf40f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21747", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html", "content": "", "creation_timestamp": "2024-12-19T18:03:00.000000Z"}, {"uuid": "85fa0bfa-cb27-4e7c-9e9b-4122296b835a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html", "content": "", "creation_timestamp": "2024-12-19T18:03:00.000000Z"}, {"uuid": "9b67958d-7cfa-42a5-b03d-e084586e146d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-8-exploitation.html", "content": "", "creation_timestamp": "2025-05-28T16:09:15.861000Z"}, {"uuid": "a3dbca2b-b9bb-413f-8dc6-f9c4b0810f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/04/the-windows-registry-adventure-6-kernel.html", "content": "", "creation_timestamp": "2025-04-16T19:34:14.680000Z"}, {"uuid": "85ed0e99-20a2-4795-81ae-b9f6a05580ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21747", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T07:05:54.874000Z"}, {"uuid": "5dc23048-ce5f-455d-b2e9-61280199d0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-21746", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnfsedef6ck2", "content": "", "creation_timestamp": "2025-04-22T13:39:43.599240Z"}, {"uuid": "f5a9632a-88c6-442c-81d1-18d56966451a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T07:05:54.874000Z"}, {"uuid": "a75edeec-fd51-4ac2-a847-d3a48d293209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/119", "content": "\u26a1\ufe0f\u0414\u0435\u0442\u0435\u043a\u0442\u0438\u043c Local Potato \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435\n\n\u041a\u0430\u043a \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043d\u043e\u0432\u0443\u044e LPE \u0438\u0437 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 \u043a\u0430\u0440\u0442\u043e\u0444\u0435\u043b\u044c\u043d\u044b\u0445 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438\u0441\u044c! \u0410 \u043a\u0430\u043a \u0436\u0435 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c?\ud83e\uddd1\u200d\ud83d\udcbb\n\n\u0412 \u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438\u043c\u0435\u0440\u043e\u0432 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f Local Potato, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438, \u043f\u043e \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c\ud83d\udee0\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b:\nhttps://otosection.com/detecting-localpotato-cve-2023-21746-privilege-escalation-attacks-on-windows/\n\n#forensics #soc #windows", "creation_timestamp": "2023-10-11T05:16:52.000000Z"}, {"uuid": "1094d8da-cdb0-4afd-a57d-aa34783854f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-8-exploitation.html", "content": "", "creation_timestamp": "2025-05-28T05:00:00.000000Z"}, {"uuid": "bf16b127-a84a-4d35-b623-a29b8d99b954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21747", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T05:00:00.000000Z"}, {"uuid": "bfd9cf1e-0d65-4806-b320-eb303350d6e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T05:00:00.000000Z"}, {"uuid": "3a1a61e5-77e0-4757-8d00-a426536b9ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/115", "content": "\u26a1\ufe0fCVE-2023-21746: Local Potato\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c  \u0438 \u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0435\u0439 system\ud83d\udcbb\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442:\nhttps://github.com/decoder-it/LocalPotato?ysclid=lnhtdy7ve690377946\n\n#cve #privesc #windows", "creation_timestamp": "2023-10-10T07:43:02.000000Z"}, {"uuid": "9db0ba9e-c075-415b-b9b4-2d18910fab9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2708", "content": "\u0420\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 LocalPotato CVE-2023-21746 \u043d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u043c \u044f\u0437\u044b\u043a\u0435!\n\nLocalPotato CVE-2023-21746 Windows LPE\n\n\u041f\u043e\u0441\u043b\u0435 \u043e\u0431\u0448\u0438\u0440\u043d\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u044b \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \"LocalPotato\", \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u0438\u044f NTLM \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0447\u0442\u0435\u043d\u0438\u0435/\u0437\u0430\u043f\u0438\u0441\u044c \u0444\u0430\u0439\u043b\u043e\u0432. \u0421\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u0444\u0430\u0439\u043b \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u043d\u0430\u043c \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u043e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0434\u043e SYSTEM.\n\n\u0412 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u0435\u0441\u0442\u044c \u0440\u0430\u0437\u0431\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0438 \u0442\u043e, \u043a\u0430\u043a \u043e\u043d \u0431\u044b\u043b \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d. \u0414\u0430\u043d\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0434\u043b\u044f Red&amp;Blue Team!", "creation_timestamp": "2023-02-15T12:36:57.000000Z"}, {"uuid": "66abb9ce-4dcf-4ce8-bbd5-98f46147473f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4617", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJust localpotato.exe and CVE-2023-21746\nURL\uff1ahttps://github.com/ShiroiBoushi/Privesc-Flipper-Zero\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-25T18:11:38.000000Z"}, {"uuid": "c175ef49-89ba-46f7-bfbc-66d250af55ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21743", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5995", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21743\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft SharePoint Server Security Feature Bypass Vulnerability\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:14:39.154Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21743", "creation_timestamp": "2025-02-28T21:37:22.000000Z"}, {"uuid": "e9b8a7c6-6d35-4e54-979f-89d05fc6ba42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5994", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21742\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft SharePoint Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:14:44.865Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21742", "creation_timestamp": "2025-02-28T21:37:21.000000Z"}, {"uuid": "8bbdaf00-9821-4e01-b8f7-7f4551a63d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21745", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5997", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21745\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Exchange Server Spoofing Vulnerability\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:14:28.522Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21745", "creation_timestamp": "2025-02-28T21:37:23.000000Z"}, {"uuid": "b0590e71-59d2-425a-849f-9a14fa465806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21744", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5996", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21744\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft SharePoint Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:14:33.586Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21744", "creation_timestamp": "2025-02-28T21:37:23.000000Z"}, {"uuid": "35b0a69b-3c2a-4496-8212-03d991e4f2c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4130", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21742 Poc\nURL\uff1ahttps://github.com/ohnonoyesyes/CVE-2023-21742\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-07T23:56:21.000000Z"}, {"uuid": "2954bd14-c779-4dd4-9c49-576b466eb014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21748", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11544", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21748\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Windows Kernel Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-12T03:55:10.252Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21748", "creation_timestamp": "2025-04-12T04:51:22.000000Z"}, {"uuid": "bc83fff9-05d7-43b8-8620-566aef5074b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "seen", "source": "https://t.me/poxek/2707", "content": "LocalPotato CVE-2023-21746 Windows LPE\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 Windows \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 Potato ;)\n\n\u0410\u0442\u0430\u043a\u0430 LocalPotato - \u044d\u0442\u043e \u0442\u0438\u043f \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u0438\u044f NTLM, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e. \u042d\u0442\u0430 \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e \u0447\u0438\u0442\u0430\u0442\u044c/\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n#CVE #POC", "creation_timestamp": "2023-02-12T10:40:25.000000Z"}, {"uuid": "ccf0eb50-bc30-493c-aa09-948e2079f905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "seen", "source": "https://t.me/YouPentest/6605", "content": "\u200aLocalPotato (CVE-2023-21746) | Windows Privilege Escalation | TryHackMe\n\nhttps://www.youtube.com/watch?v=I_ry5ausJEs", "creation_timestamp": "2023-02-27T09:45:30.000000Z"}, {"uuid": "77c6b96b-2601-4fb8-9b2b-f19c9484ebec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "seen", "source": "Telegram/wXJFleV8vEaWRjyjght-R7V6rgaHTWmrrJG5mADAecKVQmw", "content": "", "creation_timestamp": "2023-04-09T15:26:50.000000Z"}, {"uuid": "8a2b35b5-4f5a-4e6e-9aac-90aaab1e8c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/179", "content": "\u26a1\ufe0f\u0414\u0435\u0442\u0435\u043a\u0442\u0438\u043c Local Potato \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435\n\n\u041a\u0430\u043a \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043d\u043e\u0432\u0443\u044e LPE \u0438\u0437 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 \u043a\u0430\u0440\u0442\u043e\u0444\u0435\u043b\u044c\u043d\u044b\u0445 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438\u0441\u044c! \u0410 \u043a\u0430\u043a \u0436\u0435 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c?\ud83e\uddd1\u200d\ud83d\udcbb\n\n\u0412 \u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438\u043c\u0435\u0440\u043e\u0432 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f Local Potato, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438, \u043f\u043e \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c\ud83d\udee0\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b:\nhttps://otosection.com/detecting-localpotato-cve-2023-21746-privilege-escalation-attacks-on-windows/\n\n#forensics #soc #windows", "creation_timestamp": "2023-10-11T05:16:52.000000Z"}, {"uuid": "5e433f3a-c16d-4261-9e83-2029e671bcb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/175", "content": "\u26a1\ufe0fCVE-2023-21746: Local Potato\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c  \u0438 \u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0435\u0439 system\ud83d\udcbb\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442:\nhttps://github.com/decoder-it/LocalPotato?ysclid=lnhtdy7ve690377946\n\n#cve #privesc #windows", "creation_timestamp": "2023-10-10T07:43:02.000000Z"}, {"uuid": "eeb673c1-44d4-4bd3-9baa-d249e25ebdd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_wise/279", "content": "PoC Exploit for Windows NTLM Privilege Escalation Flaw (CVE-2023-21746) Published \n\nhttps://securityonline.info/poc-exploit-for-windows-ntlm-privilege-escalation-flaw-cve-2023-21746-published/", "creation_timestamp": "2024-02-17T01:16:52.000000Z"}, {"uuid": "47ad6272-59d7-47fb-9b44-1505333c658a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "seen", "source": "Telegram/YrcJwFF7LRTjg7mgQwAEoX7-6-7JVVBbOdwyqXnUuY7Sxg", "content": "", "creation_timestamp": "2023-04-17T11:58:07.000000Z"}, {"uuid": "2af44647-efc3-478f-9f45-9713b1c969d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "Telegram/7KZzqoHSC2ET3kKIXyhd8Cd9c4dqPjnm9soixVWwCixPZj8", "content": "", "creation_timestamp": "2023-04-15T08:50:14.000000Z"}, {"uuid": "94fa77ee-8360-479b-a4c7-4f4f93f33e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1307", "content": "\u0418 \u043d\u0430\u043a\u043e\u043d\u0435\u0446 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u0440\u0442\u043e\u0448\u043a\u0430 \u0434\u043b\u044f CVE-2023-21746 (Windows LPE)\n\nBlog: https://www.localpotato.com/localpotato_html/LocalPotato.html\n\nPoC: https://github.com/decoder-it/LocalPotato\n\n#git #lpe #pentest #redteam", "creation_timestamp": "2023-02-10T20:55:05.000000Z"}, {"uuid": "600da34c-9137-4c29-aef3-5374ffd56abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "Telegram/gnkQwx6inJSxhqUKKh9yJweYNoXpm03GxseVPx7LcWy13fU", "content": "", "creation_timestamp": "2023-02-10T20:56:13.000000Z"}, {"uuid": "16a1bffb-50d8-48ca-81d6-2f92264d24ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "seen", "source": "https://t.me/RespaldoHackingTeam/657", "content": "#exploit\n1. CVE-2022-46697:\nOut-of-bounds access in IOMobileFrameBuffer\nhttps://github.com/antoniozekic/Proof-of-concepts/tree/main/CVE-2022-46697\n\n2. CVE-2022-38053, CVE-2023-21742, CVE-2023-21717:\nSharePoint Webpart Property Traversal\nhttps://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-sharepoint-webpart-property-traversal-cve-2022-38053-cve-2023-21742-bc6931698a5f\n\n3. CVE-2023-23398:\nMicrosoft Excel Spoofing\nhttps://packetstormsecurity.com/files/171752/Microsoft-Excel-Spoofing.html", "creation_timestamp": "2023-04-13T07:13:01.000000Z"}, {"uuid": "78da15d0-6a44-4abf-9798-aefc7f89a736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2174", "type": "seen", "source": "https://t.me/cibsecurity/69514", "content": "\u203c CVE-2023-2174 \u203c\n\nThe BadgeOS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_badgeos_log_entries function in versions up to, and including, 3.7.1.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete the plugin's log entries.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T12:12:49.000000Z"}, {"uuid": "b1b4c050-cf7f-4bee-9588-1b306b4ee4a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21743", "type": "seen", "source": "https://t.me/cibsecurity/56291", "content": "\u203c CVE-2023-21743 \u203c\n\nMicrosoft SharePoint Server Security Feature Bypass Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:35:11.000000Z"}, {"uuid": "1b9ddc34-76e9-4aea-b18d-096c4fea435e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "seen", "source": "https://t.me/cibsecurity/56274", "content": "\u203c CVE-2023-21744 \u203c\n\nMicrosoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21742.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:34:48.000000Z"}, {"uuid": "c4b2d263-9c7e-46fc-9a2c-0cea6d9a6941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "seen", "source": "https://t.me/cibsecurity/56254", "content": "\u203c CVE-2023-21746 \u203c\n\nWindows NTLM Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:28:44.000000Z"}, {"uuid": "9a6a3864-cd8f-4414-b71c-2ffd8382cb29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "seen", "source": "https://t.me/xakep_ru/14977", "content": "\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u043a\u0430\u0440\u0442\u043e\u0448\u043a\u0430. \u0418\u0441\u0441\u043b\u0435\u0434\u0443\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Windows #\u0441\u0442\u0430\u0442\u044c\u0438 #\u043f\u043e\u0434\u043f\u0438\u0441\u0447\u0438\u043a\u0430\u043c\n\n\u0412 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u0440\u0435\u0447\u044c \u043f\u043e\u0439\u0434\u0435\u0442 \u043e\u0431\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (LPE) \u0432\u00a0\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 Windows. \u0411\u0430\u0433 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0441\u0432\u044f\u0437\u0430\u043d \u0441\u00a0NTLM-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043e\u00a0\u0442\u043e\u043c, \u043a\u0430\u043a\u00a0\u043e\u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0435\u043d\u0430, \u0430\u00a0\u043f\u043e\u0442\u043e\u043c \u043f\u0435\u0440\u0435\u0439\u0434\u0435\u043c \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043a\u00a0\u0440\u0430\u0437\u0431\u043e\u0440\u0443 CVE-2023-21746.\n\nhttps://xakep.ru/2023/11/14/local-potato/", "creation_timestamp": "2023-11-14T14:08:04.000000Z"}, {"uuid": "d610b1f2-01b1-4c83-97cd-9d3a91530427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21744", "type": "seen", "source": "https://t.me/cibsecurity/56274", "content": "\u203c CVE-2023-21744 \u203c\n\nMicrosoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21742.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:34:48.000000Z"}, {"uuid": "83b3ae36-bd51-43ce-8b67-ff5e3691b737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21746", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7732", "content": "#exploit\n1. CVE-2021-45335, CVE-2021-45336, CVE-2021-45337:\nEoP from Everyone through Avast Sandbox to System AmPPL\nhttps://the-deniss.github.io/posts/2023/02/09/elevation-of-privileges-from-everyone-through-avast-av-sandbox-to-system-amppl.html\n\n2. CVE-2023-21746:\nThe LocalPotato attack - type of NTLM reflection attack that targets local authentication\nhttps://github.com/decoder-it/LocalPotato", "creation_timestamp": "2023-02-14T04:50:02.000000Z"}, {"uuid": "709c8944-e459-4bbb-8f0b-fab2596ceca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21742", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8083", "content": "#exploit\n1. CVE-2022-46697:\nOut-of-bounds access in IOMobileFrameBuffer\nhttps://github.com/antoniozekic/Proof-of-concepts/tree/main/CVE-2022-46697\n\n2. CVE-2022-38053, CVE-2023-21742, CVE-2023-21717:\nSharePoint Webpart Property Traversal\nhttps://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-sharepoint-webpart-property-traversal-cve-2022-38053-cve-2023-21742-bc6931698a5f\n\n3. CVE-2023-23398:\nMicrosoft Excel Spoofing\nhttps://packetstormsecurity.com/files/171752/Microsoft-Excel-Spoofing.html", "creation_timestamp": "2023-04-09T13:17:01.000000Z"}]}