{"vulnerability": "CVE-2023-3662", "sightings": [{"uuid": "fa9ea8dd-6f93-4fb6-9269-17ad93a9c382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-3662", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "a99fba13-2998-4b13-a596-de52034596aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3662", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5793", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-3662\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .\n\ud83d\udccf Published: 2023-08-03T10:55:43.844Z\n\ud83d\udccf Modified: 2025-02-27T21:11:28.683Z\n\ud83d\udd17 References:\n1. https://cert.vde.com/en/advisories/VDE-2023-021/", "creation_timestamp": "2025-02-27T21:25:55.000000Z"}, {"uuid": "75d20192-1d87-4b8f-9b0c-6fc8af75fea9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36621", "type": "seen", "source": "https://t.me/cibsecurity/73504", "content": "\u203c CVE-2023-36621 \u203c\n\nAn issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-03T06:23:20.000000Z"}, {"uuid": "d27ceeed-1571-41f5-a227-958801851c42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36620", "type": "seen", "source": "https://t.me/cibsecurity/73497", "content": "\u203c CVE-2023-36620 \u203c\n\nAn issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup=\"false\" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is used to authenticate requests to the API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-03T06:23:10.000000Z"}, {"uuid": "0b456ed1-e79e-4e6d-80c1-d42230e8f0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36628", "type": "seen", "source": "https://t.me/cibsecurity/71458", "content": "\u203c CVE-2023-36628 \u203c\n\nA flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T07:41:01.000000Z"}, {"uuid": "b7f49c4e-66a3-47ee-8247-2950687a09fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36627", "type": "seen", "source": "https://t.me/cibsecurity/71445", "content": "\u203c CVE-2023-36627 \u203c\n\nA flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T02:47:25.000000Z"}, {"uuid": "9d654dcc-ef8a-4065-82c7-2718e2db51bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36629", "type": "seen", "source": "https://t.me/ctinow/174030", "content": "https://ift.tt/yzUB6dc\nCVE-2023-36629 | ST ST54-android-packages-apps-Nfc prior 130-20230215-23W07p0 on Android out-of-bounds", "creation_timestamp": "2024-01-26T08:11:08.000000Z"}, {"uuid": "dc16de44-0cd3-4124-8031-8790fbf09a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36629", "type": "seen", "source": "https://t.me/ctinow/169035", "content": "https://ift.tt/BFabt73\nCVE-2023-36629 Exploit", "creation_timestamp": "2024-01-16T23:16:48.000000Z"}, {"uuid": "07e85675-4c2a-43ff-8605-b96b97f8de75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36629", "type": "seen", "source": "https://t.me/ctinow/164772", "content": "https://ift.tt/S7d63qn\nCVE-2023-36629", "creation_timestamp": "2024-01-09T03:26:12.000000Z"}, {"uuid": "5858c573-cee1-4db8-9502-e0f2b2d38749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36624", "type": "seen", "source": "https://t.me/cibsecurity/66013", "content": "\u203c CVE-2023-36624 \u203c\n\nLoxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T00:27:09.000000Z"}, {"uuid": "a511df57-7e4c-441d-a8d1-b477af4b802d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36623", "type": "seen", "source": "https://t.me/cibsecurity/66026", "content": "\u203c CVE-2023-36623 \u203c\n\nThe root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T00:27:27.000000Z"}, {"uuid": "e203d2f4-3ac9-4494-9834-74a44f7e5a20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36622", "type": "seen", "source": "https://t.me/cibsecurity/66024", "content": "\u203c CVE-2023-36622 \u203c\n\nThe websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T00:27:26.000000Z"}, {"uuid": "b61014d7-a521-4440-8257-e138068a6948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3662", "type": "seen", "source": "https://t.me/cibsecurity/67652", "content": "\u203c CVE-2023-3662 \u203c\n\nIn CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T14:39:52.000000Z"}, {"uuid": "6f6560d7-0817-4f93-a045-96fd313c12fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36620", "type": "seen", "source": "https://t.me/androidMalware/2060", "content": "Vulnerability (CVE-2023-36620) in Boomerang Parental Control Android app (100,000+ installs) allowed an attacker with physical access to device to take over admin control panel and spy on a kid\nhttps://seclists.org/fulldisclosure/2023/Jul/12", "creation_timestamp": "2023-11-23T10:22:14.000000Z"}, {"uuid": "a093e12f-2e2d-4ac0-9b95-91c1be024bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36620", "type": "seen", "source": "https://t.me/thebugbountyhunter/7978", "content": "Vulnerability (CVE-2023-36620) in Boomerang Parental Control Android app (100,000+ installs) allowed an attacker with physical access to device to take over admin control panel and spy on a kid\nhttps://seclists.org/fulldisclosure/2023/Jul/12", "creation_timestamp": "2023-11-05T23:31:03.000000Z"}]}