{"vulnerability": "CVE-2023-21752", "sightings": [{"uuid": "bf12edf2-4d53-49aa-8d0e-b883bc54e299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10605", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2023-21752: PoC for arbitrary file delete vulnerability in Windows Backup service.\n\nhttps://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-01-15T10:42:32.000000Z"}, {"uuid": "acc305a3-8ebb-49c9-ba85-179653d351e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "exploited", "source": "https://t.me/cKure/10704", "content": "CVE-2023-21752; allows a basic user to execute arbitrary code on a host to delete files from [a] specified storage path, from Windows Backup and Restore service.\n\nThe vulnerability is triggered using the Race Condition between temporary file creation and deletion, which takes place following the authentication process.\n\nhttps://cloudsek.com/threatintelligence/cve-2023-21752-privilege-escalation-vulnerability-on-windows-backup-service\n\nhttps://www.infosecurity-magazine.com/news/hackers-exploit-flaw-windows/", "creation_timestamp": "2023-02-23T06:04:54.000000Z"}, {"uuid": "3649fe16-a3b2-4388-9a03-70f34a33b1ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/25", "content": "https://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-01-30T16:43:35.000000Z"}, {"uuid": "2435d4cf-831a-40c5-b7a0-bc61aa9cb6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "exploited", "source": "https://t.me/ckuRED/246", "content": "CVE-2023-21752; allows a basic user to execute arbitrary code on a host to delete files from [a] specified storage path, from Windows Backup and Restore service.\n\nThe vulnerability is triggered using the Race Condition between temporary file creation and deletion, which takes place following the authentication process.\n\nhttps://cloudsek.com/threatintelligence/cve-2023-21752-privilege-escalation-vulnerability-on-windows-backup-service\n\nhttps://www.infosecurity-magazine.com/news/hackers-exploit-flaw-windows/", "creation_timestamp": "2023-02-23T06:04:45.000000Z"}, {"uuid": "c8259e9a-9dcc-49da-a08e-0ba2d3ad0236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "seen", "source": "https://t.me/arpsyndicate/1820", "content": "#ExploitObserverAlert\n\nCVE-2023-21752\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2023-21752. Windows Backup Service Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.030750000\nNVD-IS: 5.2\nNVD-ES: 1.8", "creation_timestamp": "2023-12-16T12:45:00.000000Z"}, {"uuid": "626a7cff-819c-4af4-9883-04d0f384a5fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "seen", "source": "https://t.me/proxy_bar/1284", "content": "CVE-2023-21752\n\u0421\u0432\u0435\u0436\u0430\u0439\u0448\u0430\u044f \u0414\u044b\u0440\u0430 (\u043e\u0442 10 \u044f\u043d\u0432\u0430\u0440\u044f) \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Windows\nLPE \u043e\u0442 \u044e\u0437\u0435\u0440\u0430 \u0434\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u044b\nAbout vuln\nexploit\n\n#windows #exploit #lpe", "creation_timestamp": "2023-01-12T06:15:30.000000Z"}, {"uuid": "913400d1-cda0-449d-99a2-68f8f4ed1407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "Telegram/ZaYZAOQtmgzH1H3gbOVZkvb4uoesQgtbaV_yPeRmQ3kCIr8", "content": "", "creation_timestamp": "2023-01-15T14:30:52.000000Z"}, {"uuid": "ed6a532d-6843-486a-aa4c-41c80692e6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/181124", "content": "{\n  \"Source\": \"arvin_club\",\n  \"Content\": \"CVE-2023-21752 PoC for arbitrary file delete vulnerability in Windows Backup service https://github.com/Wh04m1001/CVE-2023-21752 GitHubGitHub - Wh04m1001/CVE-2023-21752 Contribute to Wh04m1001/CVE-2023-21752 development by creating an account on GitHub.\", \n  \"author\": \"ARVIN\",\n  \"Detection Date\": \"13 Jan 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-01-13T21:10:00.000000Z"}, {"uuid": "e631b822-5507-414f-9b88-7fca92900243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2251", "content": "CVE-2023-21752\nPoC for arbitrary file delete vulnerability in Windows Backup service\n https://system32.ink/news-feed/p/133/", "creation_timestamp": "2023-01-14T06:38:22.000000Z"}, {"uuid": "d0ae9097-6e79-4bf3-9560-668ddd20aa41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "Telegram/Bo5tYOUtsdBAMbfduJyemQF2sSG4nO7l9uufHxEDusCNWCs", "content": "", "creation_timestamp": "2023-02-05T06:39:05.000000Z"}, {"uuid": "bdf133bc-56c4-43d2-bee9-e76bdaab4d06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "Telegram/Gw8Rl0iP5mnAV1DMWzM0BsX5C_PaNBR5T09Ku44Y28qZWKw", "content": "", "creation_timestamp": "2023-02-03T05:32:06.000000Z"}, {"uuid": "6ef08ba7-1c46-4847-be7d-1efcf4a36cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2240", "content": "#exploit\n1. PoC for arbitrary file delete/move in Razer Synapse 3 Macro module\nhttps://github.com/Wh04m1001/RazerEoP\n\n2. CVE-2023-21752:\nPoC for arbitrary file delete vulnerability in Windows Backup service\nhttps://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-01-13T14:55:43.000000Z"}, {"uuid": "92bab4b7-806c-4392-a16b-2d071e8177ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/binary_xor/646", "content": "#windows #cve #lpe\n\n[ CVE-2023-21752 ]\n\u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u043b\n\nhttps://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-02-08T23:37:33.000000Z"}, {"uuid": "04c2fd50-e57e-48b5-8bed-782f951ac272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/393", "content": "https://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-01-12T06:49:19.000000Z"}, {"uuid": "107840c9-38c2-43fa-b182-fc9092f72d6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/6361", "content": "CVE-2023-21752\nPoC for arbitrary file delete vulnerability in Windows Backup service\nhttps://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-01-13T20:20:41.000000Z"}, {"uuid": "dc8141cc-a8b6-4089-9aa0-734b76fa7284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21752", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7538", "content": "#exploit\n1. PoC for arbitrary file delete/move in Razer Synapse 3 Macro module\nhttps://github.com/Wh04m1001/RazerEoP\n\n2. CVE-2023-21752:\nPoC for arbitrary file delete vulnerability in Windows Backup service\nhttps://github.com/Wh04m1001/CVE-2023-21752", "creation_timestamp": "2023-01-13T11:05:12.000000Z"}]}