{"vulnerability": "CVE-2023-2933", "sightings": [{"uuid": "c20d4eaf-81d9-4b0e-a540-3ce5b26ad6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "2f0fa7b9-f536-4a57-8271-4bb5ebf4ed0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971810", "content": "", "creation_timestamp": "2024-12-24T20:34:20.463428Z"}, {"uuid": "fbf66262-8d40-45ee-a5d2-020b9537e882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/296", "content": "CVE-2023-29336 exploit demo video.\n\nhttps://youtu.be/fDgq8FyXVvU", "creation_timestamp": "2023-06-09T16:51:34.000000Z"}, {"uuid": "6d8938c7-2a8d-4234-a9b8-f43f1fb14342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:42.000000Z"}, {"uuid": "efbbbaf1-e048-49b7-bff3-f71e62dc9fc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lq433m6un72e", "content": "", "creation_timestamp": "2025-05-26T21:02:15.304764Z"}, {"uuid": "157d2436-0d10-4f7f-9d4f-be27b395400c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-29330", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1086", "content": "", "creation_timestamp": "2023-08-10T04:00:00.000000Z"}, {"uuid": "b427420c-fb0b-4d81-8cc9-56df92df4f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1023", "content": "", "creation_timestamp": "2023-05-10T04:00:00.000000Z"}, {"uuid": "0b45e2f6-5fda-47b0-ad9e-913f003b89c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fe98d2c9-f512-4f9d-82bc-7bf85cc8d3b4", "content": "", "creation_timestamp": "2026-02-02T12:26:59.963761Z"}, {"uuid": "f77ab1c6-78ba-49e3-bf84-e44f7d64bdd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/cKure/11091", "content": "CVE-2023-29336 (Win32k Elevation of Privilege Vulnerability). PoC released for the bug exploited in attacks.\n\nhttps://blog.avast.com/avast-patches-microsoft-vulnerability\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336\n\nhttps://www.bleepingcomputer.com/news/security/poc-released-for-windows-win32k-bug-exploited-in-attacks/", "creation_timestamp": "2023-06-09T16:49:38.000000Z"}, {"uuid": "aa416549-e431-4966-b31f-c3cc35289c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11092", "content": "CVE-2023-29336 exploit demo video.\n\nhttps://youtu.be/fDgq8FyXVvU", "creation_timestamp": "2023-06-09T16:51:42.000000Z"}, {"uuid": "3a18b05f-b53b-4cce-b39f-282c4bba16c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/ckuRED/295", "content": "CVE-2023-29336 (Win32k Elevation of Privilege Vulnerability). PoC released for the bug exploited in attacks.\n\nhttps://blog.avast.com/avast-patches-microsoft-vulnerability\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336\n\nhttps://www.bleepingcomputer.com/news/security/poc-released-for-windows-win32k-bug-exploited-in-attacks/", "creation_timestamp": "2023-06-09T16:49:28.000000Z"}, {"uuid": "f12e2906-c459-474c-9a6a-f40565c2a2d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29330", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5804", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29330\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Teams Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-08-08T17:08:17.120Z\n\ud83d\udccf Modified: 2025-02-27T21:09:16.622Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29330", "creation_timestamp": "2025-02-27T21:26:13.000000Z"}, {"uuid": "5444952b-ccfe-41f0-922d-8eb96bcb89ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4815", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-29336\nURL\uff1ahttps://github.com/ayhan-dev/p0ropc\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-27T18:03:32.000000Z"}, {"uuid": "678eb72a-4805-496c-bf3b-b90248d7c045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/2082", "content": "Analysis of CVE-2023-29336 Win32k Privilege Escalation Vulnerability (with POC)\n\nhttps://www.numencyber.com/cve-2023-29336-win32k-analysis/\n\n#expdev #reverse #windows #poc", "creation_timestamp": "2023-09-20T10:10:18.000000Z"}, {"uuid": "ab4d0eb9-21fb-4035-9e8f-b67124dc1da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17676", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29336\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Win32k Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2023-05-09T17:03:03.549Z\n\ud83d\udccf Modified: 2025-05-27T15:56:09.811Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336", "creation_timestamp": "2025-05-27T16:53:07.000000Z"}, {"uuid": "5435fed2-eaa3-4426-9808-d0e88e91126b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29330", "type": "seen", "source": "https://t.me/kasperskyb2b/792", "content": "\ud83d\udcbb\ud83d\udfe1 \u0418\u0437 87 \u043f\u0430\u0442\u0447\u0435\u0439 Microsoft, \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0430 \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0432\u043e\u043a\u0440\u0443\u0433 CVE-2023-36884. \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043a\u0430\u043a RCE  \u0432 Office \u0438 Windows HTML, \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043f\u0435\u0440\u0435\u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows Search. \u0415\u0451 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c MotW, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043e\u0444\u0438\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439. \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Office (ADV230003), \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0435\u0440\u0432\u0430\u0442\u044c \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445. \u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438 RomCom.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u2014 CVE-2023-38180 (CVSS 7.5) \u0432 .NET \u0438 Visual Studio, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a DoS. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043d\u0435 \u043f\u0440\u0438\u0432\u0451\u043b \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0442\u043e \u0438 \u043a\u0430\u043a \u044d\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u044d\u0442\u043e\u0442 \u0431\u0430\u0433.\n\n\u0412\u0441\u0435\u0433\u043e Microsoft \u0437\u0430\u043a\u0440\u044b\u043b\u0430 23 RCE, 18 EoP, 3 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 10 \u2014 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 8 DoS \u0438 12 spoofing. \n\n\u0418\u0437 \u0448\u0435\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0434\u0432\u0435 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a Teams (CVE-2023-29330 \u0438 -29328) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0435\u0441\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u0430 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u0442\u0441\u044f \u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0432\u0441\u0442\u0440\u0435\u0447\u0435. \u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f RCE \u0432 Outlook, \u0430 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0440\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437  Microsoft Message Queuing (CVE-2023-36911, -36910, -35385, \u0432\u0441\u0435 CVSS 9.8). \u0412\u0441\u0435\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u044d\u0442\u043e\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 11 \u0448\u0442\u0443\u043a, \u0447\u0442\u043e \u044f\u0432\u043d\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u043e\u0440\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.  \u0422\u0435\u043c, \u0443 \u043a\u043e\u0433\u043e \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0430 MMQ, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f  \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0441\u0442\u0440\u043e\u0433\u043e \u0440\u0435\u0433\u043b\u0430\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c TCP-\u0442\u0440\u0430\u0444\u0438\u043a \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 1801 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-09T10:07:43.000000Z"}, {"uuid": "63f7fe2a-5728-4705-8d09-c2e4d78615b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/kasperskyb2b/610", "content": "\ud83e\ude79\ud83e\ude79 \u041c\u0430\u0439\u0441\u043a\u0438\u0439 patch Tuesday: \u0434\u0432\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u044f \u0438 RCE \u0432 NFS\n\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u043f\u0430\u043a\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u0442\u043e\u043a \u043e\u0442 Microsoft \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u0439 \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 38 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u044f 11 \u0430\u043f\u0434\u0435\u0439\u0442\u043e\u0432 Edge/Chromium.\n\n12 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 8 - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 5 - \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 4 - \u043e\u0431\u0445\u043e\u0434\u0443 \u0448\u0442\u0430\u0442\u043d\u044b\u0445 \u043c\u0435\u0440 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u0414\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f: \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Win32k (CVE-2023-29336, CVSS 7.8) \u0438 \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 secure boot (CVE-2023-24932, CVSS 6.7). \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0432\u043e\u0439 CVE \u043f\u043e\u043a\u0430 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b, \u0430 \u0432\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0431\u0443\u0442\u043a\u0438\u0442\u0430 BlackLotus. \n\n\u0421\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0434\u044b\u0440 \u0440\u0435\u043a\u043e\u0440\u0434\u0441\u043c\u0435\u043d\u043e\u043c \u043f\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f RCE \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 Network File System \u0441 CVSS 9.8.  CVE-2023-24941 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u0438, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f NFS v4. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u043c\u043e\u0436\u043d\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c v2/v3, \u043d\u043e \u0443 \u044d\u0442\u0438\u0445 \u043c\u0435\u0440 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438 \u0435\u0441\u0442\u044c \u043a\u0443\u0447\u0430 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0445 \u043f\u043e\u0431\u043e\u0447\u043d\u044b\u0445 \u044d\u0444\u0444\u0435\u043a\u0442\u043e\u0432. \n\n\u0414\u0440\u0443\u0433\u0430\u044f \u043e\u043f\u0430\u0441\u043d\u0430\u044f, \u043d\u043e \u0441\u043b\u043e\u0436\u043d\u0430\u044f \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u044b\u0440\u0430  (CVE-2023-28283, CVSS 8.1) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 LDAP. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043d\u0443\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 (race condition) \u0438 \u0432 \u043d\u0451\u043c \u043f\u043e\u0431\u0435\u0434\u0438\u0442\u044c. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-05-10T09:55:33.000000Z"}, {"uuid": "47b3830c-d866-4f6a-b4bc-30c8ae56b296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/ctinow/110762", "content": "Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)\n\nhttps://ift.tt/uLCMcd7", "creation_timestamp": "2023-05-09T22:12:11.000000Z"}, {"uuid": "e6a8df31-f5c0-4fbe-a3cf-262d1cfa53ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://t.me/arpsyndicate/1083", "content": "#ExploitObserverAlert\n\nCVE-2023-29336\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-29336. Win32k Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.002000000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T01:43:06.000000Z"}, {"uuid": "f16bc998-f3b6-4fe2-bc71-b10d9b4bbe69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/1078", "content": "CVE ID : CVE-2023-29336\nSystem : win32k\nType : prvilage esclation", "creation_timestamp": "2025-03-23T10:38:41.000000Z"}, {"uuid": "cb6446f3-f529-4b31-9ad3-6133ccc971ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/KomunitiSiber/330", "content": "Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation\nhttps://thehackernews.com/2023/06/experts-unveil-poc-exploit-for-recent.html\n\nDetails have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems.\nThe vulnerability, tracked as\u00a0CVE-2023-29336, is rated 7.8 for severity and concerns an elevation of privilege bug in the Win32k component.\n\"An attacker who successfully exploited this vulnerability could gain", "creation_timestamp": "2023-06-08T18:49:51.000000Z"}, {"uuid": "6cbfd5a3-5533-40d9-b25c-3f8d4ad28876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "Telegram/2jI9ipqhvpRpCaVJhnj5I7AMSHGNCNmNCExgXqH-40xRwg", "content": "", "creation_timestamp": "2023-06-08T20:20:17.000000Z"}, {"uuid": "f01a5e5f-7172-4ebe-aa2c-001c0da06d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://t.me/GhostPrincess/11698", "content": "Top 3 trending CVEs on Twitter\n\nPast 24 hrs:\nCVE-2023-27363: 247K (audience size)\nCVE-2023-32243: 188.3K\nCVE-2023-24932: 164K\n\nPast 7 days:\nCVE-2023-24932: 4.5M\nCVE-2023-29336: 3.2M\nCVE-2023-27350: 3M\n\nhttps://cvetrends.com", "creation_timestamp": "2023-05-16T03:30:50.000000Z"}, {"uuid": "424cff9f-63cf-4cd4-a99e-b03a13386602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "Telegram/r22pFXmDZqXqazCOKYPzeracfiXcszn9UCn9OvsY6zNdtQ", "content": "", "creation_timestamp": "2023-07-28T17:15:49.000000Z"}, {"uuid": "ad59917f-178a-4acf-ba90-ac74608fa976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "Telegram/Br2OpH7o_MWfREYUYid276mb8IdKTXovISPbJMRVK8IsJQ", "content": "", "creation_timestamp": "2023-06-09T06:58:31.000000Z"}, {"uuid": "35a7d8d7-dd6e-4b88-ae1b-cbf4dbc1b4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3956", "content": "\ud83d\udcccWeee! \u2013 sayweee.com leak : https://system32.ink/weee-sayweee.com-leak/\n\n\ud83d\udc8bElitemate.com Dating Site Leak  : https://system32.ink/elitemate.com-dating-site-leak/\n\n\ud83d\udccdKILLSHOT \u2013 A Penetration Testing Framework  : https://system32.ink/killshot-a-penetration-testing-framework/\n\n\ud83e\ude85CVE-2023-29336 Exploit  : https://system32.ink/cve-2023-29336-exploit/\n\n\ud83d\udcccWSPCoerce \u2013 PoC to coerce authentication from Windows hosts using MS-WSP : https://system32.ink/wspcoerce-poc-to-coerce-authentication-from-windows-hosts-using-ms-wsp/\n\n@Crackcodes | System32.ink | Crackcodes.in", "creation_timestamp": "2023-07-28T18:01:53.000000Z"}, {"uuid": "f24e3f9a-50ee-44eb-8c1b-6e16b38b1c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1646", "content": "CVE-2023-29336\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u044f\u0434\u0440\u0430 Win32k \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u0434\u043e\u043d\u043a\u0430\u043c\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u043c\u0438 \u043b\u044e\u0434\u044c\u043c\u0438 RTF-\u0444\u0430\u0439\u043b\u0430. \nLPE \u0434\u043e system\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430\n\n\n#windows #lpe", "creation_timestamp": "2023-07-27T17:47:42.000000Z"}, {"uuid": "74664eef-cce0-4153-8604-7ddde9fd60a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "Telegram/LU1sScu7W_gCi8pVCZM_DeDIRIPxh6CyCbmgXzkycCVblFA", "content": "", "creation_timestamp": "2023-08-25T16:41:56.000000Z"}, {"uuid": "32545f96-8185-4310-9276-20560d82894b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://t.me/true_secator/4360", "content": "\u041c\u0430\u0439\u0441\u043a\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Microsoft PatchTuesday \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 40 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438 \u0434\u0432\u0435 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 0-day,\u00a0CVE-2023-29336, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Win32k, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u042d\u0442\u043e\u0442 \u0442\u0438\u043f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043e\u0431\u044b\u0447\u043d\u043e \u0441\u043e\u0447\u0435\u0442\u0430\u0435\u0442\u0441\u044f \u0441 RCE-\u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043e\u0431 \u044d\u0442\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Avast, \u044d\u0442\u043e \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u044b\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u043c. \u041d\u043e Microsoft \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 \u0432 \u0442\u0430\u0439\u043d\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e ESET \u0438 SentinelOne, \u0434\u0440\u0443\u0433\u0430\u044f CVE-2023-24932 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0438\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u0430\u043c\u043e\u0437\u0430\u0432\u0435\u0440\u044f\u044e\u0449\u0438\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 UEFI.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0431\u0443\u0442\u043a\u0438\u0442\u043e\u043c BlackLotus UEFI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445.\n\n\u041d\u043e \u0441\u0442\u043e\u0438\u0442 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c, \u0447\u0442\u043e \u043c\u0430\u0439\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Microsoft \u043d\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0440\u0443\u0447\u043d\u043e\u0433\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \n\n\u0410\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043e\u0442\u0437\u044b\u0432\u0430 \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday, \u0430 \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f - \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Microsoft, \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2023-24932 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043e\u0437\u0432\u0430\u0442\u044c \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u044b \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0447\u0442\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043e\u0431\u0440\u0430\u0442\u0438\u043c\u044b\u043c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 Microsoft \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows (CVE-2023-24941), Windows Pragmatic General Multicast (CVE-2023-24943) \u0438 Windows OLE (CVE-2023-29325).\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b, RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-24955) \u0432 SharePoint Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u043d\u0430\u00a0Pwn2Own Vancouver 2023.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-05-10T13:00:06.000000Z"}, {"uuid": "8cfd40ff-df0e-46e5-8998-ed2637864391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3640", "content": "\ud83d\udda5Database:\n\n\ud83d\udd31leak of the airline Lnea A\u00e9rea Amaszonas S.A. : https://system32.ink/d/leak-of-the-airline-lnea-aerea-amaszonas-s-a/\n\n\ud83d\udd31Leak solicitudesglpi(.)dnsalias(.)net : https://system32.ink/d/leak-solicitudesglpi-dnsalias-net/\n\n\ud83d\udd31Leak goldstockcanada(.)com : https://system32.ink/d/leak-goldstockcanada-com/\n\n\ud83d\udd31Leak realtimetopup(.)com : https://system32.ink/d/leak-realtimetopup-com/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31UTopia is a tool for automatically generating fuzz drivers : https://system32.ink/d/utopia-is-a-tool-for-automatically-generating-fuzz-drivers/\n\n\ud83d\udd31Instagram-Lookup : https://system32.ink/d/instagram-lookup/\n\n\ud83d\udda5Exploit:\n\n\ud83d\udd31libssh CVE-2023-2283 POC exploit : https://system32.ink/d/libssh-cve-2023-2283-poc-exploit/\n\n\ud83d\udd31CVE-2023-29336 Win32k Privilege Escalation Vulnerability with PoC : https://system32.ink/d/cve-2023-29336-win32k-privilege-escalation-vulnerability-with-poc/\n\n\ud83d\udd31CVE-2023-32353 PoC Exploit : https://system32.ink/d/cve-2023-32353-poc-exploit/\n\n@crackcodes crackcodes.in", "creation_timestamp": "2023-06-09T06:57:28.000000Z"}, {"uuid": "61d0a1a0-dca2-4160-af6e-7c7918ac4b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29335", "type": "seen", "source": "https://t.me/cibsecurity/63680", "content": "\u203c CVE-2023-29335 \u203c\n\nMicrosoft Word Security Feature Bypass Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:44:57.000000Z"}, {"uuid": "9d0927d5-47af-4b68-b6f3-75e94cb7c202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/2061", "content": "\ud83d\udd77CVE-2023-29336 : Win32k -\u00a0 Privilege Escalation\nPOC : https://github.com/m-cetin/CVE-2023-29336\nPOC :\u00a0https://github.com/numencyber/Vulnerability_PoC/blob/main/CVE-2023-29336/poc.cpp \nAnalysis : https://www.numencyber.com/cve-2023-29336-win32k-analysis/\n\n\n@Professional_c_h\n@Card_crack_hack", "creation_timestamp": "2023-06-20T11:42:53.000000Z"}, {"uuid": "c24b031b-1a1e-4848-94cd-e5a06903890f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29333", "type": "seen", "source": "https://t.me/cibsecurity/63686", "content": "\u203c CVE-2023-29333 \u203c\n\nMicrosoft Access Denial of Service Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:45:06.000000Z"}, {"uuid": "1a968514-09fe-48c3-a3c9-8f8ac75547bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29338", "type": "seen", "source": "https://t.me/cibsecurity/63682", "content": "\u203c CVE-2023-29338 \u203c\n\nVisual Studio Code Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:45:02.000000Z"}, {"uuid": "a32ea846-265c-42cb-8d70-7c2e9477bdaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "seen", "source": "https://t.me/cibsecurity/63672", "content": "\u203c CVE-2023-29336 \u203c\n\nWin32k Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:44:47.000000Z"}, {"uuid": "c2bcb663-fee8-43c6-a9c3-7c5637be290d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/14186", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0441\u0432\u0435\u0436\u0435\u0433\u043e \u0431\u0430\u0433\u0430 \u0432 Win32k\n\n\u0418\u0411-\u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043c\u0430\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Win32k.\n\nhttps://xakep.ru/2023/06/13/cve-2023-29336-poc/", "creation_timestamp": "2023-06-13T16:12:12.000000Z"}, {"uuid": "2810aa8a-c504-4444-bc38-6ed9ce7a24f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/thehackernews/3336", "content": "\ud83d\udd12 Microsoft's May 2023 Patch Tuesday includes fixes for 38 security vulnerabilities, including a zero-day bug under active exploitation. \n \nThe bug (CVE-2023-29336) can grant SYSTEM privileges to attackers. \n \nDetails: https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html", "creation_timestamp": "2023-05-10T07:39:00.000000Z"}, {"uuid": "05c13b40-4815-4c5b-a9b7-a5af19a6f6b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3254", "content": "CVE-2023-29336\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u044f\u0434\u0440\u0430 Win32k \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u0434\u043e\u043d\u043a\u0430\u043c\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u043c\u0438 \u043b\u044e\u0434\u044c\u043c\u0438 RTF-\u0444\u0430\u0439\u043b\u0430. \nLPE \u0434\u043e system\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430\n\n\n#windows #lpe", "creation_timestamp": "2023-07-27T18:28:48.000000Z"}, {"uuid": "fe9494ef-6f0e-45fc-93a5-bfdd224f6829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "exploited", "source": "https://t.me/reverse_dungeon/3185", "content": "CVE-2023-29336 (Win32k Elevation of Privilege Vulnerability). PoC released for the bug exploited in attacks.\n\nhttps://blog.avast.com/avast-patches-microsoft-vulnerability\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336\n\nhttps://www.bleepingcomputer.com/news/security/poc-released-for-windows-win32k-bug-exploited-in-attacks/", "creation_timestamp": "2023-06-09T19:10:44.000000Z"}, {"uuid": "82e43a94-d66f-44be-86a9-d72c2a6806b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29336", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8493", "content": "#exploit\n1. CVE-2023-34362:\nMOVEIt Transfer RCE\nPart1: https://blog.assetnote.io/2023/06/07/moveit-transfer-patch-diff-adventure\nPart 2: https://blog.assetnote.io/2023/06/13/moveit-transfer-part-two\n\n2. CVE-2023-29336:\nWin32k EoP Vulnerability\nhttps://github.com/numencyber/Vulnerability_PoC/tree/main/CVE-2023-29336", "creation_timestamp": "2024-01-28T19:15:07.000000Z"}]}