{"vulnerability": "CVE-2023-25355", "sightings": [{"uuid": "dc214de6-b3cd-4c79-bb4b-8b5f1a6be2c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25355", "type": "seen", "source": "https://t.me/cibsecurity/61396", "content": "\u203c CVE-2023-25355 \u203c\n\nCoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-04T16:30:55.000000Z"}, {"uuid": "2af9fd6c-68af-41f4-9bb5-10382f579dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25355", "type": "seen", "source": "Telegram/u8qFNnGbmdhDbRieM14DKohWAZiXdZjBzXfZcPy9kpGgbAw", "content": "", "creation_timestamp": "2023-03-09T09:30:40.000000Z"}, {"uuid": "d8b49e3c-ff1d-41a0-8624-2b3566ec8baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25355", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7892", "content": "#exploit\n1. CVE-2023-25355/25356:\nVulnerabilities in CoreDial sipXcom sipXopenfire\nhttps://seclists.org/fulldisclosure/2023/Mar/5\n\n2. CVE-2023-21768:\nWindows 11 22H2 LPE\nhttps://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768\nhttps://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768", "creation_timestamp": "2023-03-09T11:05:16.000000Z"}]}