{"vulnerability": "CVE-2023-2858", "sightings": [{"uuid": "217e31a2-37b2-4b91-ab1d-b344064d8047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28581", "type": "seen", "source": "https://t.me/kasperskyb2b/866", "content": "\ud83c\udf4f\ud83d\udcf1  \u0420\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b \u0432  Android \u0438 iOS \u2014 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u0441\u044f\n\n\u0412\u044b\u0448\u0435\u0434\u0448\u0438\u0435 \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f Android \u0438 iOS \u0441\u0442\u043e\u044f\u0442 \u043f\u0440\u0438\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\nCVE-2023-41064 \u0438 CVE-2023-41061 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 iOS \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u0441\u0432\u0435\u0436\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 16.6 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 NSO Group.  \u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 PassKit  \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b. \u041d\u0430\u0448\u0435\u0434\u0448\u0438\u0435 \u043e\u0434\u043d\u0443 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b CitizenLab \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 BLASTPASS \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c lockdown mode. \u041d\u0443 \u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430-\u043c\u0438\u043d\u0438\u043c\u0443\u043c \u2014 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 16.6.1. \u0422\u0430\u043a\u0436\u0435 \u044d\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 watchOS \u0438 macOS Ventura.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0432 Google \u0437\u0430\u043a\u0440\u044b\u043b\u0438 CVE-2023-35674, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Android Framework, \u043a\u043e\u0442\u043e\u0440\u0430\u044f  \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. Google \u0441\u043a\u0440\u043e\u043c\u043d\u043e \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u0432 \u0441\u043d\u043e\u0441\u043a\u0435, \u0447\u0442\u043e \u00ab\u0435\u0441\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439, \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb, \u043d\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439. \n\u0422\u043e \u0436\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0435\u0449\u0451 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 4 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u2014 3 RCE \u0432 System \u0438 \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0443\u044e CVE-2023-28581 \u0432 WLAN-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Qualcomm, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0438\u043c\u0435\u044e\u0449\u0443\u044e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u0439 CVSS 9.8. \n\u0412\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 AOSP \u0438\u043b\u0438 \u0447\u0438\u0441\u0442\u043e\u0433\u043e Google Android \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 11 \u043f\u043e 13 \u0440\u0430\u0434\u043e\u0441\u0442\u043d\u043e \u0431\u0435\u0433\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f, \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0432\u0441\u0435\u0433\u043e \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u043c\u0438\u0440\u0435\u043d\u043d\u043e \u0436\u0434\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 \u0441\u0432\u043e\u0435\u0433\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u044e\u0442 \u0438\u0445 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u0447\u0430\u0449\u0435. \ud83d\udd34\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-09-08T09:35:22.000000Z"}, {"uuid": "a29bf275-db48-455e-bcc5-e81319328abe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2858", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1786", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2858\n\ud83d\udd39 Description: NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file\n\ud83d\udccf Published: 2023-05-26T00:00:00\n\ud83d\udccf Modified: 2025-01-15T15:39:36.275Z\n\ud83d\udd17 References:\n1. https://www.wireshark.org/security/wnpa-sec-2023-15.html\n2. https://gitlab.com/wireshark/wireshark/-/issues/19081\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json\n4. https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html\n5. https://www.debian.org/security/2023/dsa-5429\n6. https://security.gentoo.org/glsa/202309-02", "creation_timestamp": "2025-01-15T15:55:16.000000Z"}, {"uuid": "1648110c-01e8-4fad-a291-c9167b8a5956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28581", "type": "seen", "source": "https://t.me/malwaresupport/40", "content": "Android fixes 0-day vulnerability exploited by hackers\n\nSeptember updates for Android fixed 33 vulnerabilities in Google's operating system, including a zero-day issue that is currently being exploited by attackers.\n\nThe 0-day vulnerability is identified as CVE-2023-35674 and is a flaw in the Android Framework that allows attackers to escalate privileges. Exploiting the bug does not require user interaction or any additional privileges.\n\nThe company\u00a0says that the vulnerability has already been subject to \u201climited, targeted exploitation,\u201d but details about these attacks are not yet known.\n\nThree other privilege escalation issues have also been fixed as part of the Android Framework. The most severe of these \"can result in local escalation of privilege and do not require additional privileges to execute\" or any user interaction.\n\nAdditionally, the September updates fix three critical flaws in the Android System component (CVE-2023-35658, CVE-2023-35673, CVE-2023-35681) and one in closed-source Qualcomm components (CVE-2023-28581).\n\nVulnerabilities in the Android System can lead to remote code execution (RCE) and also do not require additional privileges or user interaction.\n\nIn turn, a bug in Qualcomm components is described as a violation of the integrity of information in the WLAN firmware memory. This vulnerability could allow remote attackers to execute arbitrary code, read sensitive information, or cause system crashes.\n\nAs usual, Google has divided the fixes into two levels: \u00a02023-09-01 and 2023-09-05. Level 2023-09-05 contains all the security fixes from the first set, as well as additional fixes for closed source and third-party kernel components that may not be relevant to all Android devices.\n\nThis month's updates cover versions of Android 11, 12, and 13, and may also affect older, unsupported versions of the OS.\n\nProject: @Redscriptandroidbotnet\n\nPrivate: @vpn809", "creation_timestamp": "2023-09-24T15:30:19.000000Z"}, {"uuid": "7c51a481-cf52-4238-95b8-1fef28722a79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28582", "type": "seen", "source": "https://t.me/ctinow/199192", "content": "https://ift.tt/mp28Gus\nCVE-2023-28582", "creation_timestamp": "2024-03-04T12:32:02.000000Z"}, {"uuid": "fa83530d-ecec-4f51-8da4-6a5389832e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28586", "type": "seen", "source": "https://t.me/ctinow/158820", "content": "https://ift.tt/Kj2h86S\nCVE-2023-28586 | Qualcomm QCA8337 TEE information disclosure", "creation_timestamp": "2023-12-23T14:16:30.000000Z"}, {"uuid": "49d97580-63bc-4f65-bc2c-98b321c7a525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28585", "type": "seen", "source": "https://t.me/ctinow/158817", "content": "https://ift.tt/hq2R19a\nCVE-2023-28585 | Qualcomm QCN9022 TEE Kernel memory corruption", "creation_timestamp": "2023-12-23T13:46:52.000000Z"}, {"uuid": "5e3f314f-21bf-41b0-8010-5a7e2ca0fd3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28580", "type": "seen", "source": "https://t.me/ctinow/158845", "content": "https://ift.tt/AP3nrF5\nCVE-2023-28580 | Qualcomm 8 Gen 1 Mobile Platform WLAN Host memory corruption", "creation_timestamp": "2023-12-23T15:22:01.000000Z"}, {"uuid": "1410d4b2-82b4-4840-bd96-237a11ba76b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28588", "type": "seen", "source": "https://t.me/arpsyndicate/2764", "content": "#ExploitObserverAlert\n\nCVE-2023-28588\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2023-28588. Transient DOS in Bluetooth Host while rfc slot allocation.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-13T07:08:50.000000Z"}, {"uuid": "599e190b-4593-4e61-9bd4-98b6006b7349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28583", "type": "seen", "source": "https://t.me/cibsecurity/74144", "content": "\u203c\ufe0fCVE-2023-28583\u203c\ufe0f\n\nMemory corruption when IPv6 prefix timer objects lifetime expires which are created while Netmgr daemon gets an IPv6 address.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:32:37.000000Z"}, {"uuid": "64e18858-626b-48bc-ba2a-fa0fb506dc29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28583", "type": "seen", "source": "https://t.me/ctinow/171213", "content": "https://ift.tt/PD7oFdi\nCVE-2023-28583 | Qualcomm WSA8835 IPv6 Address memory corruption", "creation_timestamp": "2024-01-22T15:11:38.000000Z"}, {"uuid": "515fcaf2-d6ba-4e73-81f6-7b52c2a99bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28583", "type": "seen", "source": "https://t.me/ctinow/161518", "content": "https://ift.tt/gQcAJPT\nCVE-2023-28583", "creation_timestamp": "2024-01-02T07:26:54.000000Z"}, {"uuid": "5ef8e1ae-2150-4d1c-9460-5626f82b2411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28588", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9817", "content": "#exploit\n1. CVE-2024-0517:\nGoogle Chrome V8 Out-of-Bounds Write Code Execution\nhttps://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution\n\n2. CVE-2023-28588: \nTransient DOS in Bluetooth Host while rfc slot allocation\nhttps://github.com/uthrasri/CVE-2023-28588_Singlefile\n\n3. CVE-2024-22416:\nCSRF in pyload-ng\nhttps://github.com/mindstorm38/ensimag-secu3a-cve-2024-22416?tab=readme-ov-file", "creation_timestamp": "2024-01-20T19:57:37.000000Z"}]}