{"vulnerability": "CVE-2023-2938", "sightings": [{"uuid": "85fba115-9a09-4c24-a55c-e49c54d53edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/115530125562849637", "content": "", "creation_timestamp": "2025-11-11T08:30:19.133983Z"}, {"uuid": "28eb394f-4fc4-4af2-a0d8-49d4c4c3ca55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "seen", "source": "https://bsky.app/profile/kentindell.bsky.social/post/3lku2u4fxqk2g", "content": "", "creation_timestamp": "2025-03-21T01:30:49.820656Z"}, {"uuid": "a02e61a0-5487-49ba-b4db-a82b7af85a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrtfdzuisv2u", "content": "", "creation_timestamp": "2025-06-17T21:02:21.079008Z"}, {"uuid": "edd7d732-d46c-4acc-9117-1bd0a8cbcb1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29386", "type": "seen", "source": "https://sploitus.com/exploit?id=F53B330C-8CC3-5DA6-A737-F46C6D0EAE5C&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-10-10T10:33:22.000000Z"}, {"uuid": "a7ee7bf2-21ee-4721-9147-d4a7ed1fc157", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29386", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2zlw2qvjj2p", "content": "", "creation_timestamp": "2025-10-12T21:02:33.085811Z"}, {"uuid": "1b082f29-a1cc-4590-b8cb-fe406159306c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29386", "type": "published-proof-of-concept", "source": "Telegram/lsV5zC9p1X8tVLf-isAoIZe5cgJDfa3OMyAiSazDCtlTQGM", "content": "", "creation_timestamp": "2025-10-10T15:00:15.000000Z"}, {"uuid": "16967dd2-5517-425a-9156-b163c2f57146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29386", "type": "published-proof-of-concept", "source": "Telegram/toZA00G_ERU0NoA5G-uIe2uA3rf7P1HeZCWjStMxAqIj2bk", "content": "", "creation_timestamp": "2025-10-10T21:00:04.000000Z"}, {"uuid": "37566bbe-ccb1-4c73-a139-7b88fad9adf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-29383", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "cccab9fc-9b34-4ab5-b3fa-1c88f288c915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "exploited", "source": "Telegram/M9k1EE9w1uVnGW2AYAIzDhg84uoT1Dw10gfdcn4GQPQE1_7-", "content": "", "creation_timestamp": "2025-02-14T10:05:07.000000Z"}, {"uuid": "9e2dbcee-6274-485b-b004-7074f9c74b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29383", "type": "seen", "source": "https://t.me/arpsyndicate/184", "content": "#ExploitObserverAlert\n\nCVE-2023-29383\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-29383. In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 1.4\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T02:53:33.000000Z"}, {"uuid": "c081c476-845e-43b8-9259-d10afbaa3034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29384", "type": "seen", "source": "https://t.me/ctinow/157278", "content": "https://ift.tt/Ezqf3Oi\nCVE-2023-29384", "creation_timestamp": "2023-12-20T20:29:13.000000Z"}, {"uuid": "33bd6204-657a-4ea1-985d-5ca5272b274f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "exploited", "source": "https://t.me/arpsyndicate/543", "content": "#ExploitObserverAlert\n\nCVE-2023-29389\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-29389. Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight connector, and then sending forged \"Key is validated\" messages via CAN Injection, as exploited in the wild in (for example) July 2022.\n\nFIRST-EPSS: 0.000530000\nNVD-IS: 5.9\nNVD-ES: 0.9", "creation_timestamp": "2023-11-24T21:03:08.000000Z"}, {"uuid": "a93dbd9c-7cc1-44a3-96dc-9ef4c6421605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "seen", "source": "https://t.me/true_secator/4267", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u042f\u043d \u0422\u0430\u0431\u043e\u0440 \u0438\u0437 EDAG Group \u0438 \u041a\u0435\u043d \u0422\u0438\u043d\u0434\u0435\u043b\u043b \u0438\u0437 Canis Automotive Labs\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0430\u0432\u0442\u043e\u0443\u0433\u043e\u043d\u0449\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043d\u043e\u0432\u0443\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0443, \u0447\u0442\u043e\u0431\u044b \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u0438, \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0431\u0435\u0437 \u043a\u043b\u044e\u0447\u0430, \u0437\u0430\u0442\u0435\u043c \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0434\u0432\u0435\u0440\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0434\u0432\u0438\u0433\u0430\u0442\u0435\u043b\u0438.\n\n\u0422\u0435\u0445\u043d\u0438\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 CAN Injection \u0438, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0437\u043d\u0430\u0442\u044c \u0432\u0441\u044e \u0438\u0437\u043e\u0431\u0440\u0435\u0442\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043e\u0434\u0438\u043d \u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0430\u043c \u0441\u0442\u0430\u043b \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0430\u0432\u0442\u043e\u0443\u0433\u043e\u043d\u0430, \u043b\u0438\u0448\u0438\u0432\u0448\u0438\u0441\u044c \u043d\u043e\u0432\u0435\u043d\u044c\u043a\u043e\u0433\u043e Toyota RAV4.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u0443\u0433\u043d\u0430\u0442\u044c \u044f\u043f\u043e\u043d\u0446\u0430 \u0432\u043e\u0440\u044b \u0441\u043c\u043e\u0433\u043b\u0438 \u0441 \u0442\u0440\u0435\u0442\u044c\u0435\u0433\u043e \u0440\u0430\u0437\u0430, \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u043d\u0435\u0443\u0434\u0430\u0447\u043d\u044b\u0445 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0444\u0430\u0440\u044b \u0438 \u043e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0431\u0435\u043b\u044f, \u0447\u0442\u043e \u0438 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u043b\u043e \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043a\u0430\u043a \u0445\u0443\u043b\u0438\u0433\u0430\u043d\u0441\u0442\u0432\u043e, \u043d\u043e \u0432\u0441\u0435 \u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u043f\u043e\u043d\u044f\u0442\u044c \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u00ab\u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438\u00bb.\n\n\u041c\u0435\u0442\u043e\u0434 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0442\u043e\u043c, \u0447\u0442\u043e \u0443\u0433\u043e\u043d\u0449\u0438\u043a\u0438 \u0441\u043d\u0438\u043c\u0430\u044e\u0442 \u0444\u0430\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0434\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u043a\u0430\u0431\u0435\u043b\u0435\u0439 \u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0435\u0442 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0439 \u0431\u043b\u043e\u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044f (\u042d\u0411\u0423) \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437 \u043a\u043b\u044e\u0447\u0430.\u00a0\n\n\u0421\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u0438 \u0438\u043c\u0435\u044e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u042d\u0411\u0423, \u043a\u0430\u0436\u0434\u044b\u0439 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u0440\u0430\u0437\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043e\u043d\u0438 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u043c\u0435\u0436\u0434\u0443 \u0441\u043e\u0431\u043e\u0439 \u0448\u0438\u043d\u0430\u043c\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 CAN.\n\n\u041c\u0438\u043d\u0443\u044f \u043f\u0440\u044f\u043c\u043e\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043a \u042d\u0411\u0423 \u0441\u043c\u0430\u0440\u0442-\u043a\u043b\u044e\u0447\u0430, \u0443\u0433\u043e\u043d\u0449\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u042d\u0411\u0423 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430 \u043f\u043e \u043f\u0440\u043e\u0432\u043e\u0434\u0430\u043c, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 \u0420\u0410\u0424\u043e\u043c, \u043a \u0444\u0430\u0440\u0435.\u00a0\n\n\u0410\u0442\u0430\u043a\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 CAN, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u044e\u0442 ECU, \u0447\u0442\u043e \u043a\u043b\u044e\u0447 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u0435\u043d. \u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043d\u0430 \u0431\u043b\u043e\u043a \u0434\u0432\u0435\u0440\u0438, \u0447\u0442\u043e\u0431\u044b \u0440\u0430\u0437\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0432\u0435\u0440\u044c, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0435\u0441\u0442\u044c \u0432 \u043c\u0430\u0448\u0438\u043d\u0443 \u0438 \u0443\u0435\u0445\u0430\u0442\u044c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043b\u0438 \u0434\u0430\u0440\u043a\u043d\u0435\u0442 \u0438 \u043d\u0430\u0448\u043b\u0438 \u0441\u0435\u043b\u043b\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0434\u0430\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0435 \u0434\u0435\u0432\u0430\u0439\u0441\u044b \u0437\u0430 5000 \u0435\u0432\u0440\u043e \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0430\u0432\u0442\u043e \u043c\u0430\u0440\u043e\u043a: Jeep, Maserati, Honda, Renault, Jaguar, Fiat, Peugeot, Nissan, Ford, BMW, Volkswagen, Chrysler, Cadillac, GMC \u0438 Toyota.\n\n\u041a\u043e\u043c\u0443\u0444\u043b\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438\u0437\u0434\u0435\u043b\u0438\u0435 \u043f\u043e\u0434 \u043f\u043e\u0440\u0442\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u043a\u043e\u043b\u043e\u043d\u043a\u0443 JBL \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e \u043a\u0430\u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u00ab\u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u00bb, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u0432\u0442\u043e\u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0442\u0440\u0430\u0442\u044b \u043a\u043b\u044e\u0447\u0430 \u0438\u043b\u0438 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u0438 \u0421\u0422\u041e \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0438 \u0440\u0435\u043c\u043e\u043d\u0442\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0442.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u0441\u0432\u043e\u0438\u0445 \u0432\u044b\u0432\u043e\u0434\u0430\u0445 \u0432 Toyota \u0438 \u043d\u0430\u0434\u0435\u044f\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0438 \u043f\u0440\u0438\u043c\u0443\u0442 \u043c\u0435\u0440\u044b \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0430\u0442\u0430\u043a\u0430\u043c \u043f\u0443\u0442\u0435\u043c \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 CAN.\n\n\u0417\u0430\u0431\u0430\u0432\u043d\u043e \u0434\u0440\u0443\u0433\u043e\u0435 \u0432 \u044d\u0442\u043e\u0439 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0430\u0432\u0442\u043e\u0443\u0433\u043e\u043d\u0430 \u0441\u0442\u0430\u043b \u0432\u0435\u0441\u044c\u043c\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u043d\u0435 \u0440\u0430\u0437 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0432\u0448\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0430\u0432\u0442\u043e\u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041d\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u043e \u0447\u0435\u0442\u044b\u0440\u0435\u0445\u043a\u043e\u043b\u0435\u0441\u043d\u043e\u043c \u0434\u0440\u0443\u0433\u0435 \u042f\u043d\u0443 \u0422\u0430\u0431\u043e\u0440\u0443 \u0434\u043e\u0441\u0442\u0430\u043b\u0441\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-29389, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0432\u0437\u043b\u043e\u043c\u0443 Toyota RAV4.", "creation_timestamp": "2023-04-07T17:30:05.000000Z"}, {"uuid": "2c3c769f-7367-4de5-b11e-fd295a667f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "exploited", "source": "https://t.me/arpsyndicate/1649", "content": "#ExploitObserverAlert\n\nCVE-2023-29389\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-29389. Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight connector, and then sending forged \"Key is validated\" messages via CAN Injection, as exploited in the wild in (for example) July 2022.\n\nFIRST-EPSS: 0.000530000\nNVD-IS: 5.9\nNVD-ES: 0.9", "creation_timestamp": "2023-12-10T15:54:37.000000Z"}, {"uuid": "18adf0e1-8658-4f1b-a0db-683107ddaec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29380", "type": "seen", "source": "https://t.me/cibsecurity/64755", "content": "\u203c CVE-2023-29380 \u203c\n\nWarpinator before 1.6.0 allows remote file deletion via directory traversal in top_dir_basenames.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T13:44:31.000000Z"}, {"uuid": "08db5b40-41bd-4232-a10b-3e99a078ba57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29382", "type": "seen", "source": "https://t.me/cibsecurity/66141", "content": "\u203c CVE-2023-29382 \u203c\n\nAn issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T20:20:30.000000Z"}, {"uuid": "c2a6a02b-c4c9-4aab-a5ea-c46a30aae554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29381", "type": "seen", "source": "https://t.me/cibsecurity/66148", "content": "\u203c CVE-2023-29381 \u203c\n\nAn issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate privileges and obtain sensitive information via the password and 2FA parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T20:20:40.000000Z"}, {"uuid": "211dfd7a-010f-48bb-8aa8-bc778e675f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "exploited", "source": "https://t.me/cibsecurity/61485", "content": "\u203c CVE-2023-29389 \u203c\n\nToyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight connector, and then sending forged \"Key is validated\" messages via CAN Injection, as exploited in the wild in (for example) July 2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-05T20:26:38.000000Z"}, {"uuid": "9fc99df0-b4c9-402f-abde-be3bfd30a2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29388", "type": "seen", "source": "https://t.me/cibsecurity/61674", "content": "\u203c CVE-2023-29388 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in impleCode Product Catalog Simple plugin <= 1.6.17 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T17:14:09.000000Z"}, {"uuid": "5e295cc0-ea09-4706-9fc5-343116f90c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29389", "type": "seen", "source": "https://t.me/DerechodelaRed/4628", "content": "Aunque no pienses en ellos como un dispositivo conectado, tu coche lo es (si es de los nuevos)\n\nPor ese motivo, mucho ojo con nueva vulnerabilidad (CVE-2023-29389) que se ha detectado y se ejecuta v\u00eda inyecci\u00f3n CAN que permite reemplazar la llave del veh\u00edculo.\n\nDe momento afecta a modelos Toyota RAV4 2021 pero puede que en un horizonte cercano se confirme que afecta a m\u00e1s modelos.\n\nFuente", "creation_timestamp": "2023-04-11T07:07:00.000000Z"}]}