{"vulnerability": "CVE-2023-28581", "sightings": [{"uuid": "1648110c-01e8-4fad-a291-c9167b8a5956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28581", "type": "seen", "source": "https://t.me/malwaresupport/40", "content": "Android fixes 0-day vulnerability exploited by hackers\n\nSeptember updates for Android fixed 33 vulnerabilities in Google's operating system, including a zero-day issue that is currently being exploited by attackers.\n\nThe 0-day vulnerability is identified as CVE-2023-35674 and is a flaw in the Android Framework that allows attackers to escalate privileges. Exploiting the bug does not require user interaction or any additional privileges.\n\nThe company\u00a0says that the vulnerability has already been subject to \u201climited, targeted exploitation,\u201d but details about these attacks are not yet known.\n\nThree other privilege escalation issues have also been fixed as part of the Android Framework. The most severe of these \"can result in local escalation of privilege and do not require additional privileges to execute\" or any user interaction.\n\nAdditionally, the September updates fix three critical flaws in the Android System component (CVE-2023-35658, CVE-2023-35673, CVE-2023-35681) and one in closed-source Qualcomm components (CVE-2023-28581).\n\nVulnerabilities in the Android System can lead to remote code execution (RCE) and also do not require additional privileges or user interaction.\n\nIn turn, a bug in Qualcomm components is described as a violation of the integrity of information in the WLAN firmware memory. This vulnerability could allow remote attackers to execute arbitrary code, read sensitive information, or cause system crashes.\n\nAs usual, Google has divided the fixes into two levels: \u00a02023-09-01 and 2023-09-05. Level 2023-09-05 contains all the security fixes from the first set, as well as additional fixes for closed source and third-party kernel components that may not be relevant to all Android devices.\n\nThis month's updates cover versions of Android 11, 12, and 13, and may also affect older, unsupported versions of the OS.\n\nProject: @Redscriptandroidbotnet\n\nPrivate: @vpn809", "creation_timestamp": "2023-09-24T15:30:19.000000Z"}, {"uuid": "217e31a2-37b2-4b91-ab1d-b344064d8047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28581", "type": "seen", "source": "https://t.me/kasperskyb2b/866", "content": "\ud83c\udf4f\ud83d\udcf1  \u0420\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b \u0432  Android \u0438 iOS \u2014 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u0441\u044f\n\n\u0412\u044b\u0448\u0435\u0434\u0448\u0438\u0435 \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f Android \u0438 iOS \u0441\u0442\u043e\u044f\u0442 \u043f\u0440\u0438\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\nCVE-2023-41064 \u0438 CVE-2023-41061 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 iOS \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u0441\u0432\u0435\u0436\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 16.6 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 NSO Group.  \u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 PassKit  \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b. \u041d\u0430\u0448\u0435\u0434\u0448\u0438\u0435 \u043e\u0434\u043d\u0443 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b CitizenLab \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 BLASTPASS \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c lockdown mode. \u041d\u0443 \u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430-\u043c\u0438\u043d\u0438\u043c\u0443\u043c \u2014 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 16.6.1. \u0422\u0430\u043a\u0436\u0435 \u044d\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 watchOS \u0438 macOS Ventura.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0432 Google \u0437\u0430\u043a\u0440\u044b\u043b\u0438 CVE-2023-35674, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Android Framework, \u043a\u043e\u0442\u043e\u0440\u0430\u044f  \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. Google \u0441\u043a\u0440\u043e\u043c\u043d\u043e \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u0432 \u0441\u043d\u043e\u0441\u043a\u0435, \u0447\u0442\u043e \u00ab\u0435\u0441\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439, \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb, \u043d\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439. \n\u0422\u043e \u0436\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0435\u0449\u0451 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 4 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u2014 3 RCE \u0432 System \u0438 \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0443\u044e CVE-2023-28581 \u0432 WLAN-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Qualcomm, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0438\u043c\u0435\u044e\u0449\u0443\u044e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u0439 CVSS 9.8. \n\u0412\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 AOSP \u0438\u043b\u0438 \u0447\u0438\u0441\u0442\u043e\u0433\u043e Google Android \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 11 \u043f\u043e 13 \u0440\u0430\u0434\u043e\u0441\u0442\u043d\u043e \u0431\u0435\u0433\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f, \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0432\u0441\u0435\u0433\u043e \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u043c\u0438\u0440\u0435\u043d\u043d\u043e \u0436\u0434\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 \u0441\u0432\u043e\u0435\u0433\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u044e\u0442 \u0438\u0445 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u0447\u0430\u0449\u0435. \ud83d\udd34\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-09-08T09:35:22.000000Z"}]}