{"vulnerability": "CVE-2023-2554", "sightings": [{"uuid": "345858cd-5256-4f49-9981-4c820caebcdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25547", "type": "seen", "source": "https://t.me/kasperskyb2b/464", "content": "\u0414\u0430\u0439\u0434\u0436\u0435\u0441\u0442 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \u043f\u0430\u0442\u0447\u0435\u0439  \ud83e\ude79\ud83e\ude79\ud83e\ude79\u0437\u0430 \u044d\u0442\u0443 \u043d\u0435\u0434\u0435\u043b\u044e:\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e, \u00ab\u043d\u0430 \u0445\u0432\u043e\u0441\u0442\u00bb Microsoft \u0441 \u0435\u0451 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0435\u0439 Patch Tuesday \u00ab\u0443\u043f\u0430\u043b\u0438\u00bb \u043c\u043d\u043e\u0433\u0438\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u0432\u044f\u0442\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0430\u043c \u043f\u043e\u0447\u0442\u0438 \u0446\u0435\u043b\u0438\u043a\u043e\u043c:\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, Office \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043f\u043e\u0447\u0442\u0438 80 \u0437\u0430\u043f\u043b\u0430\u0442\u043e\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0444\u0438\u043a\u0441\u044b \u0434\u043b\u044f  3 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0438 9 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\nAdobe \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 9 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0441\u0442\u043e\u0438\u0442  \u043f\u0430\u0447\u043a\u0430 RCE \u0432 Photoshop (CVE-2023-21574 .. 21578)\n\nApple \u0441\u0440\u043e\u0447\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 iOS \u0438 macOS  \n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c\u0443 opensource \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u043c\u0443 \u043c\u043e\u0434\u0443\u043b\u044e  ClamAV, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0430\u0440\u0441\u0435\u0440\u0435 HFS+ (CVE-2023-20032, CVSS 9.8).\n\nIntel \u0438\u0437\u043e \u0432\u0441\u0435\u0445 \u0441\u0438\u043b \u0440\u0430\u0437\u0432\u043b\u0435\u043a\u0430\u043b\u0430 \u0430\u0434\u043c\u0438\u043d\u043e\u0432, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0430\u0434\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c 31 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u0438 \u0432\u043d\u0438\u043a\u043d\u0443\u0442\u044c \u0432 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0432 \u043a\u0430\u0436\u0434\u043e\u043c. \u041d\u0430 \u0434\u043e\u043b\u044e Software Guard Extensions (SGX) \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 5 CVE.\n\u0410 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2021-39296  \u0441 CVSS 10.0 \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 IPMI lan+. \u0421\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f IMPI \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0430\u0442 \u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a BMC \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n \u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u0443 Intel, \u043a\u0440\u043e\u043c\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438 \u0441\u043e\u0444\u0442\u0430, \u043d\u0443\u0436\u043d\u044b \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430 \u0447\u0438\u043f\u043e\u0432. \n\nSchneider \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u00ab\u0432\u0441\u0435\u0433\u043e\u00bb 10 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u043e\u0442\u043d\u043e\u0441\u044f\u0449\u0438\u0445\u0441\u044f \u043a \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c EcoStruxture, StruxtureWave, Merten KNX \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0434\u0440\u0443\u0433\u0438\u043c.  \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 StruxtureWave Data Center Expert (CVE-2023-25547..25555, CVSS \u043e\u0442 5.6 \u0434\u043e 8.8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043d\u0435\u0448\u0442\u0430\u0442\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f. \n\nSiemens \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 22 \u043c\u0430\u0441\u0441\u0438\u0432\u043d\u044b\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 80 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445  \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u0441\u043e\u0444\u0442\u0435 COMOS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438/\u0438\u043b\u0438 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438  (CVE-2023-24482, CVSS 10.0).\n\u0421\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043b\u043e\u0445\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0433\u043e (\u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0433\u043e) \u043a\u043b\u044e\u0447\u0430 \u0432 SINUMERIK ONE an\u0438  SINUMERIK MC  (CVSS 9.3).\n\u0426\u0435\u043b\u044b\u0439 \u0431\u0443\u043a\u0435\u0442 \u0444\u0438\u043a\u0441\u043e\u0432 \u0432 Brownfield Connectivity \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0432 \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u0439\u0441\u044f \u00ab\u043f\u043e\u0434 \u043a\u0430\u043f\u043e\u0442\u043e\u043c\u00bb \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435  OpenSSL", "creation_timestamp": "2023-02-19T09:01:50.000000Z"}, {"uuid": "c55f1d4a-dc1c-4d76-b8c7-d2454f3ac812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25548", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25548\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nA CWE-863: Incorrect Authorization vulnerability exists that could allow access to device\ncredentials on specific DCE endpoints not being properly secured when a hacker is using a low\nprivileged user. \n\n Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)\n\n\n\ud83d\udccf Published: 2023-04-18T20:32:42.718Z\n\ud83d\udccf Modified: 2025-03-03T19:17:53.318Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&amp;p_enDocType=Security+and+Safety+Notice&amp;p_File_Name=SEVD-2023-045-02.pdf", "creation_timestamp": "2025-03-03T19:30:51.000000Z"}, {"uuid": "edd2674a-4c63-470e-95eb-73f5ed1e4f69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25549", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6262", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25549\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \n\n\n\n\n\n\nA CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that\nallows for remote code execution when using a parameter of the DCE network settings\nendpoint. \n\n\n\n\n \n\n \n\n Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)\n\n\n\ud83d\udccf Published: 2023-04-18T20:35:42.008Z\n\ud83d\udccf Modified: 2025-03-03T19:14:28.433Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&amp;p_enDocType=Security+and+Safety+Notice&amp;p_File_Name=SEVD-2023-045-02.pdf", "creation_timestamp": "2025-03-03T19:30:57.000000Z"}, {"uuid": "069525b5-5035-4be3-8357-6db284ad71cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25540", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7159", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25540\n\ud83d\udd25 CVSS Score: 6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)\n\ud83d\udd39 Description: \nDell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service.\n\n\n\ud83d\udccf Published: 2023-02-28T16:30:31.210Z\n\ud83d\udccf Modified: 2025-03-11T14:08:27.428Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security", "creation_timestamp": "2025-03-11T14:39:59.000000Z"}, {"uuid": "b1883353-3818-4e32-b174-404723139aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2554", "type": "seen", "source": "https://t.me/cibsecurity/63398", "content": "\u203c CVE-2023-2554 \u203c\n\nExternal Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-06T00:25:16.000000Z"}, {"uuid": "65351bee-2876-4582-96b2-59ee6fa86b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25547", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/709", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u062d\u06cc\u0627\u062a\u06cc StruxureWare Data Center Expert \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u062e\u0637\u0627\u0647\u0627\u06cc\u06cc \u062f\u0631 \u0646\u06af\u0647\u062f\u0627\u0631\u06cc \u0627\u0634\u06cc\u0627 \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u06a9\u0634\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a.  \n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f\n\n BDU:2023-00806\n CVE-2023-25547\n\n \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n - \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u0634\u062f\u0647\n - \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u061b\n - \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n - \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u0635\u0646\u0639\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n - \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\n https://download.schneider-electric.com/files\u061fp_doc_ref=sevd-2023-045-02&amp;p_endoctype=security+safety+notice&amp;p_file_name=sevd-2023-045-045-02.02.pdf &amp; _ga=2\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-02-23T17:39:26.000000Z"}, {"uuid": "cb2f84c2-811a-4e55-96f0-0c103fb1857d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25548", "type": "seen", "source": "https://t.me/ics_cert/714", "content": "\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u062d\u06cc\u0627\u062a\u06cc StruxureWare Data Center Expert \u0628\u0647 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0631\u0648\u06cc\u0647 \u0645\u062c\u0648\u0632 \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc\u200c\u0634\u0648\u062f. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f\n\nBDU: 2023-01103\nCVE-2023-25548\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u0634\u062f\u0647\n- \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u0635\u0646\u0639\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\nhttps://download.schneider-electric.com/files\u061fp_doc_ref=sevd-2023-045-02&amp;p_endoctype+ security+safety+notice&amp;p_file_name=sevd-2023-045-045-02.02.pdf=2.136363631852\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2024-07-06T04:18:25.000000Z"}, {"uuid": "f888dbd1-56b0-430a-bfb5-d9f533402193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25546", "type": "seen", "source": "https://t.me/cvedetector/5749", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-25546 - Intel UEFI Firmware Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-25546 \nPublished : Sept. 16, 2024, 5:15 p.m. | 14\u00a0minutes ago \nDescription : Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. \nSeverity: 2.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-16T19:32:43.000000Z"}, {"uuid": "9da25209-a611-4b7f-b0cc-2b7ccc2056ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25543", "type": "seen", "source": "https://t.me/ctinow/179825", "content": "https://ift.tt/7TCXeO5\nCVE-2023-25543", "creation_timestamp": "2024-02-06T08:26:52.000000Z"}, {"uuid": "4307960f-1a5c-49f2-b688-b93506e2e451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25547", "type": "seen", "source": "https://t.me/cibsecurity/62398", "content": "\u203c CVE-2023-25547 \u203c\n\nA CWE-863: Incorrect Authorization vulnerability exists that could allow remote code execution on upload and install packages when a hacker is using a low privileged user account. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T00:29:42.000000Z"}, {"uuid": "fcd5208c-9cbd-461c-8527-f0d481d16393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25548", "type": "seen", "source": "https://t.me/cibsecurity/62386", "content": "\u203c CVE-2023-25548 \u203c\n\nA CWE-863: Incorrect Authorization vulnerability exists that could allow access to device credentials on specific DCE endpoints not being properly secured when a hacker is using a low privileged user. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T00:29:24.000000Z"}, {"uuid": "a6bc3f30-68d4-4c96-897e-9a016de55a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25542", "type": "seen", "source": "https://t.me/cibsecurity/61527", "content": "\u203c CVE-2023-25542 \u203c\n\nDell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-06T12:26:56.000000Z"}, {"uuid": "0fd1dd28-4baf-4180-b41f-56da05058041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25544", "type": "seen", "source": "https://t.me/cibsecurity/59236", "content": "\u203c CVE-2023-25544 \u203c\n\nDell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T18:33:36.000000Z"}, {"uuid": "c469ff5f-d7e5-4de7-bca4-c2862803ae93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25540", "type": "seen", "source": "https://t.me/cibsecurity/59129", "content": "\u203c CVE-2023-25540 \u203c\n\nDell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-28T20:27:58.000000Z"}]}