{"vulnerability": "CVE-2023-36874", "sightings": [{"uuid": "f7d984be-7c33-455a-9725-b1d3af8cf544", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-07-11T18:10:02.000000Z"}, {"uuid": "f961c0ea-3ec3-48cf-91d2-b2974a813254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971852", "content": "", "creation_timestamp": "2024-12-24T20:34:50.651868Z"}, {"uuid": "b5ba7e37-a8a5-47d1-ba51-ba41a72ff713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:44.000000Z"}, {"uuid": "b36953ae-0b7f-4178-9939-56de86b91d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "0167f4ed-1d87-4964-b192-a435028a95a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}, {"uuid": "63fbca71-4188-4277-808d-8371c8a168ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "1d6b422c-6516-4781-81cd-823825289d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/win_error_cve_2023_36874.rb", "content": "", "creation_timestamp": "2023-09-27T13:54:43.000000Z"}, {"uuid": "a7ab4f7b-5b8b-49a2-9fd3-fd08c2bd22f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:33.000000Z"}, {"uuid": "bd3a673f-8004-4570-9ac5-57cc3a70a0fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36874", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3e0a61c9-27c3-4a2d-8419-a37174d6e6e0", "content": "", "creation_timestamp": "2026-02-02T12:26:55.354837Z"}, {"uuid": "74c7aff4-b4ee-4181-b923-a234fce39076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1062", "content": "", "creation_timestamp": "2023-07-12T04:00:00.000000Z"}, {"uuid": "21ab6e06-c35c-495c-82bd-0f5e0f3fbc2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "1cbc4bd4-3fb7-4cf0-89fb-d16aa370d564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11433", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 PoC exploit for zero-day Windows Error Reporting Service bug (CVE-2023-36874) releases.\n\nhttps://securityonline.info/poc-exploit-for-0-day-windows-error-reporting-service-bug-cve-2023-36874-releases/", "creation_timestamp": "2023-08-23T05:50:04.000000Z"}, {"uuid": "feb3b149-7c72-45c7-ac26-0821799a4f72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11438", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 #untested exploit\n\nWeaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE.\n\nhttps://github.com/Octoberfest7/CVE-2023-36874_BOF", "creation_timestamp": "2023-08-25T09:30:52.000000Z"}, {"uuid": "d7026a3e-8dbf-466d-814d-bda11a94e080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11429", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Windows Error Reporting Service Privilege Enhancement Vulnerability (CVE-2023-36874).\n\n#untested\n\nhttps://github.com/d0rb/CVE-2023-36874", "creation_timestamp": "2023-08-22T06:44:47.000000Z"}, {"uuid": "74f26bf6-1bf8-4f28-a9e1-a21a8d8bd823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4953", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-36874 PoC\nURL\uff1ahttps://github.com/d0rb/CVE-2023-36874\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-20T13:51:42.000000Z"}, {"uuid": "b7ecd717-79e1-47ac-84a4-6b9e752848d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4952", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-36874 PoC\nURL\uff1ahttps://github.com/d0rb/CVE-2023-36874\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-20T13:51:42.000000Z"}, {"uuid": "1c6307d2-ba41-49ae-91e2-a039f1b6f660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4984", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aWeaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE\nURL\uff1ahttps://github.com/Octoberfest7/CVE-2023-36874_BOF\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-24T23:45:11.000000Z"}, {"uuid": "84c72c31-38e5-44b5-aba6-95d2d7abbb30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4963", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-36874 Proof of Concept\nURL\uff1ahttps://github.com/c4m3l-security/CVE-2023-36874\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-21T22:07:37.000000Z"}, {"uuid": "333a3b99-ee05-49f8-8086-a915e91199f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4962", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-36874 Proof of Concept\nURL\uff1ahttps://github.com/c4m3l-security/CVE-2023-36874\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-21T22:07:37.000000Z"}, {"uuid": "ef94bea1-3364-4830-8c92-bb5dd7319172", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3115", "content": "CVE-2023-36874: Windows LPE\n\nhttps://github.com/Wh04m1001/CVE-2023-36874\n\n#git #exploit #lpe", "creation_timestamp": "2023-08-23T15:35:42.000000Z"}, {"uuid": "8b4ccf2b-e40a-40a3-b277-4dfa800df395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "Telegram/1g8zes6geizepr0PfVkNaltSSL1s5JQG_jPQ2ScncrmrmZeJ", "content": "", "creation_timestamp": "2024-04-05T12:41:37.000000Z"}, {"uuid": "e85b1e88-d897-4e8e-97d2-b7cef7158e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "https://t.me/kasperskyb2b/746", "content": "\ud83d\udcbb \u0418\u044e\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 Microsoft: \ud83d\udfe5\ud83d\udfe9\ud83d\udcdb\u0436\u0430\u0440\u0430!\n\n\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft \u043b\u0430\u0442\u0430\u0435\u0442 132 \u0434\u044b\u0440\u044b \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0438\u0437 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430. 9 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, 6 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0430\u0442\u0447.   37 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 33 \u2014 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 13 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 22 \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438. \u0411\u043e\u0433\u0430\u0442\u043e.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 Storm-0978/RomCom  RCE \u0432 Office \u0438 Windows (CVE-2023-36884, CVSS 8.3) \u043d\u0435 \u0443\u0441\u043f\u0435\u043b\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 Office \u0432 \u0441\u043f\u0438\u0441\u043e\u043a FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION. \u0412\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u043f\u0430\u0442\u0447 \u0431\u0443\u0434\u0435\u0442 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e-\u0434\u0440\u0443\u0433\u0443\u044e, \u043d\u0435 \u0434\u043e\u0436\u0438\u0434\u0430\u044f\u0441\u044c \u0430\u0432\u0433\u0443\u0441\u0442\u0430.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0435 CVE, \u0430 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 (ADV-230001), \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0443\u0440\u043e\u0432\u043d\u044f \u044f\u0434\u0440\u0430. \u042d\u0442\u043e \u0435\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u043e\u0432\u043e\u0440\u043e\u0442 \u0432 \u0441\u0430\u0433\u0435 \u043e\u0431 \u00ab\u0443\u0431\u0438\u0439\u0446\u0430\u0445 EDR\u00bb \u0438 \u0440\u0443\u0442\u043a\u0438\u0442\u0430\u0445.  \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043e\u0442\u043e\u0437\u0432\u0430\u043b \u043f\u0430\u0447\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 APT \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b, \u043d\u043e \u043d\u0435 \u0440\u0435\u0448\u0438\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0443\u043c\u0443\u0434\u0440\u044f\u044e\u0442\u0441\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0443 Microsoft \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0440\u044e\u043a \u0441 \u043f\u043e\u0434\u043f\u0438\u0441\u044c\u044e \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0437\u0430\u0434\u043d\u0438\u043c \u0447\u0438\u0441\u043b\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u043b \u043f\u043e \u043e\u0434\u043d\u043e\u043c\u0443 \u0438\u0437 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043d\u0430 MS Developers Portal. \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c  Windows \u0438 EDR \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d\u043d\u044b\u043c\u0438 \ud83e\udd78. \u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0441\u043b\u0430\u0431\u043e\u0435 \u0443\u0442\u0435\u0448\u0435\u043d\u0438\u0435 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0431\u0430\u0433\u0438 \u0432 \u044d\u0442\u043e\u043c \u043f\u0430\u043a\u0435\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439:\n\nCVE-2023-32049 \u2014 \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0444\u0430\u0439\u043b \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0431\u0435\u0437 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f Windows \u00ab\u0444\u0430\u0439\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430\u00bb.\nCVE-2023-32046 \u2014 EoP \u0432 MSHTML. \nCVE-2023-36874 \u2014 EoP \u0432 Windows Error reporting service. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0435\u0441\u0442\u044c \u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043f\u0430\u043f\u043e\u043a \u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438.\nCVE-2023-35311 \u2014 \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Outlook, \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u044e\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0436\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f, \u043d\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0443\u0442 \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c  RCE \u0432 Sharepoint server (CVE-2023-33160, CVSS 8.8) \u0438 \u043d\u0438\u0448\u0435\u0432\u0430\u044f, \u043d\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f RCE \u0432 Microsoft message queuing (CVE-2023-32057, CVSS 9.8).\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-07-12T09:42:06.000000Z"}, {"uuid": "5421ef19-3872-488d-b9d7-f725aa68d7bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/Redscritp/7905", "content": "CVE-2023-36874: Windows LPE\n\nhttps://github.com/Wh04m1001/CVE-2023-36874", "creation_timestamp": "2023-09-22T18:10:30.000000Z"}, {"uuid": "4d4c4dcf-bdf4-4f99-bb8f-4ae40a8b16b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "exploited", "source": "https://t.me/arvinclub1/711", "content": "Weaponized #CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE\nhttps://github.com/Octoberfest7/CVE-2023-36874_BOF", "creation_timestamp": "2023-08-31T06:35:10.000000Z"}, {"uuid": "08aab091-d6f7-4aa0-8b3d-7e94c2f1ed7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/HackingVidhya/381", "content": "CVE-2023-36874: Windows LPE\n\nhttps://github.com/Wh04m1001/CVE-2023-36874\n\n#git #exploit #lpe", "creation_timestamp": "2023-08-23T20:21:22.000000Z"}, {"uuid": "d3a25846-8949-4835-b23c-562fac85790d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "https://t.me/arpsyndicate/1688", "content": "#ExploitObserverAlert\n\nCVE-2023-36874\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2023-36874. Windows Error Reporting Service Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.001470000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-11T02:04:46.000000Z"}, {"uuid": "ee09a0c1-9a4d-41e9-abef-032021bf5de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "Telegram/ytsNsi5fTo4-28yt9yg-mkVrXcp5g4MuEe2alp3WU85dBUM", "content": "", "creation_timestamp": "2023-08-29T18:26:10.000000Z"}, {"uuid": "3ceb97ea-55cd-4b07-9bed-1c93e571ebb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "Telegram/prWZWnL7_dztPPl6owemGNsOrNvLXDT1M5ts37lDKgNdxg", "content": "", "creation_timestamp": "2023-08-22T04:12:03.000000Z"}, {"uuid": "36f49166-2864-4a74-8971-9cf2cb27200f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3174", "content": "Hackers Factory \n\nA modern tool written in Python that automates your xss findings.\n\nhttps://github.com/faiyazahmad07/xss_vibes\n\nThis repository is to provide a write-up and PoC for CVE-2023-41717.\n\nhttps://github.com/federella/CVE-2023-41717\n\nExploring the Ingenious Utilization of Overwolf's Overlay Framework While Preserving its Native Window Flags. Employing SetWindowsHookEx for Acquiring Keyboard and Mouse Inputs.\n\nhttps://github.com/SurgeGotTappedAgain/Window-Hijack\n\nReal fucking shellcode encryption tool.\n\nhttps://github.com/nickvourd/Supernova\n\nSome of my rough notes for Docker threat detection\n\nhttps://github.com/Antonlovesdnb/DockerDetectionNotes\n\nDigital Forensics Incident Response and Detection engineering\n\nhttps://github.com/adrianlois/DFIR-Detection-Engineering\n\nMaking Favicon.ico based Recon Great again \n\nhttps://github.com/devanshbatham/FavFreak\n\nCVE-2023-36874 PoC\n\nhttps://github.com/d0rb/CVE-2023-36874\n\nA tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks\n\nhttps://github.com/CCob/gssapi-abuse\n\nA collection of companies that disclose adversary TTPs after they have been breached\n\nhttps://github.com/BushidoUK/Breach-Report-Collection\n\nGenerate Live Verizon Phone Numbers from carrier.\n\nhttps://github.com/cyboghost/Numgen-Ultimate\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-01T11:58:49.000000Z"}, {"uuid": "75ed474c-4f24-408b-9359-0d0aef38dee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3166", "content": "Hackers Factory \n\nAll shell backdoor in the world\n\nhttps://github.com/beruangsalju/shell-backdoor\n\nKnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).\n\nhttps://github.com/helviojunior/knowsmore\n\nConnect your devices into a single secure private WireGuard\u00ae-based mesh network with SSO/MFA and simple access controls.\n\nhttps://github.com/netbirdio/netbird\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nA simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.\n\nhttps://github.com/Narasimha1997/fake-sms\n\nMalicious URL Detection Model NN optimized by Genetic Algorithms\n\nhttps://github.com/ANG13T/url_genie\n\nInteresting sudo(8) versus doas(1) case.\n\nhttps://github.com/slicer69/doas/issues/117\n\nFully isolated honeypot ssh server using thrussh\n\nhttps://github.com/w4/pisshoff\n\nA simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.\n\nhttps://github.com/Narasimha1997/fake-sms\n\nBrowser extension for reverse image search, available for Chrome, Edge and Safari\n\nhttps://github.com/dessant/search-by-image\n\nCVE-2023-36874\nFor demonstration purposes only. Exploit works on vulnerable Windows clients/servers.\n\nhttps://github.com/Wh04m1001/CVE-2023-36874\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-24T17:25:44.000000Z"}, {"uuid": "c01ab0b1-1983-4503-945f-fe590679fc5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3165", "content": "Hackers Factory \n\nDid you know that Google open sourced their fuzzing dictionaries? \n\ngithub.com/google/fuzzing/\n\nDistribute ordinary bash commands over many systems\n\nhttps://github.com/hakluke/hakscale\n\nWordpress Attack Suite\n\nhttps://github.com/n00py/WPForce\n\nAtomic secret provisioning for NixOS based on sops\n\nhttps://github.com/Mic92/sops-nix\n\nSimple and flexible tool for managing secrets\n\nhttps://github.com/getsops/sops\n\nTracking interesting Linux (and UNIX) malware. Send PRs\n\nhttps://github.com/timb-machine/linux-malware\n\nCVE-2023-36874 PoC\n\nhttps://github.com/d0rb/CVE-2023-36874\n\nEscalate Service Account To LocalSystem via Kerberos\n\nhttps://github.com/wh0amitz/S4UTomato\n\nA practical experiment on supply-chain security using reproducible builds\n\nhttps://github.com/kpcyrd/i-probably-didnt-backdoor-this\n\nPoC Implementation of a fully dynamic call stack spoofer\n\nhttps://github.com/klezVirus/SilentMoonwalk\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-23T19:29:56.000000Z"}, {"uuid": "37e00a3b-22d7-4f9b-9aca-d4053f29fd54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1690", "content": "CVE-2023-36874\u00a0\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 Windows.\n*\nPOC exploit\n*\nRead - exploit for 0-day Windows Error Reporting Service bug\n#windows #lpe", "creation_timestamp": "2023-08-21T11:24:31.000000Z"}, {"uuid": "053489f9-4ff1-4563-943c-2af436f77973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1057", "content": "CVE-2023-36874: \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u062f\u0645\u0627\u062a \u06af\u0632\u0627\u0631\u0634 \u062e\u0637\u0627\u0647\u0627\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632\n\u0627\u062b\u0628\u0627\u062a: https://github.com/d0rb/CVE-2023-36874\n\nCVE-2023-36874 : Windows Error Reporting Service Elevation of Privilege Vulnerability \nPOC : https://github.com/d0rb/CVE-2023-36874", "creation_timestamp": "2024-05-02T12:43:05.000000Z"}, {"uuid": "ff79f81e-5e91-4c09-8b64-0a171f04c72c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "exploited", "source": "https://t.me/true_secator/4606", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u043e\u0442 Microsoft, \u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 132 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 6 0-day \u0438 13 RCE-\u043e\u0448\u0438\u0431\u043e\u043a, \u0434\u0435\u0432\u044f\u0442\u044c \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043e\u0434\u0438\u043d \u0438\u0437 \u043d\u0438\u0445 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u043c\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0438\u043d\u0444\u043e\u0441\u0435\u043a-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c 33 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 13 - \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 37 - RCE, 19 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 22 - DoS, 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 Microsoft \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0438 \u043e\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft Edge.\n\n\u0418\u0437 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day:\n\nCVE-2023-32046\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows MSHTML, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043f\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435 \u0438\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b.\n\nCVE-2023-32049\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 Windows SmartScreen, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043d\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u0431\u044b\u043b\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 Microsoft Threat Intelligence Center.\n\nCVE-2023-36874\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 Windows.\n\n\u0414\u043b\u044f \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435. \u041e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0412\u043b\u0430\u0434\u043e\u043c \u0421\u0442\u043e\u043b\u044f\u0440\u043e\u0432\u044b\u043c \u0438 \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d \u0438\u0437 Google TAG.\n\nCVE-2023-36884\u00a0- \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Office \u0438 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 HTML \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Microsoft Office.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b. \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b\u0438\u0441\u044c, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 RomCom, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0432\u0448\u0435\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Industrial Spy (\u043d\u044b\u043d\u0435 - Underground), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Palo Alto, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0441 Cuba ransomware.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 Microsoft Threat Intelligence, \u0412\u043b\u0430\u0434 \u0421\u0442\u043e\u043b\u044f\u0440\u043e\u0432, \u041a\u043b\u0435\u043c\u0435\u043d\u0442 \u041b\u0435\u0441\u0438\u043d\u044c \u0438 \u0411\u0430\u0445\u0430\u0440\u0435 \u0421\u0430\u0431\u0443\u0440\u0438 \u0438\u0437 Google TAG, \u041f\u043e\u043b \u0420\u0430\u0441\u043a\u0430\u043d\u044c\u0435\u0440\u0435\u0441 \u0438 \u0422\u043e\u043c \u041b\u0430\u043d\u043a\u0430\u0441\u0442\u0435\u0440 \u0438\u0437 Volexity, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft Office Product Group.\n\nCVE-2023-35311\u00a0\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Microsoft Outlook. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\nADV230001\u00a0- Microsoft \u043e\u0442\u043e\u0437\u0432\u0430\u043b\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043b\u0430\u0437\u0435\u0439\u043a\u0443 \u0432 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0435 Windows \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0440\u0435\u0436\u0438\u043c\u0430 \u044f\u0434\u0440\u0430.\n\n\u041f\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044e Cisco Talos, \u044d\u0442\u0430 \u043b\u0430\u0437\u0435\u0439\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Chrome, Edge \u0438 Firefox (\u0438 \u0435\u0449\u0435 \u043e\u0431\u0448\u0438\u0440\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432), \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432 \u041a\u0438\u0442\u0430\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e, \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0436\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0434\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u0438 \u0443\u0447\u0430\u0441\u0442\u0438\u0438 Trend Micro \u0438 Cisco \u0431\u044b\u043b\u043e \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f Sophos \u043e\u0442 9 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 PatchTuesday \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-07-12T14:02:05.000000Z"}, {"uuid": "9cd1fbd0-d7a1-4fbc-9933-891e46d3e56e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4170", "content": "\ud83d\udcccMinistry of Justice (Italy) Data Leak : https://system32.ink/ministry-of-justice-italy-data-leak/\n\n\ud83d\udcdfCVE-2023-36874 PoC : https://system32.ink/cve-2023-36874-poc/\n\n\ud83d\udc7eHITCON 2023 CVE-2023-20562 POC : https://system32.ink/hitcon-2023-cve-2023-20562-poc/\n\n\ud83e\uddeeZapay.fr Data Leak : https://system32.ink/zapay.fr-data-leak/", "creation_timestamp": "2023-08-22T04:10:42.000000Z"}, {"uuid": "2dc37ce3-623f-47a6-ae07-ea6e5a278fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1368", "content": "CVE-2023-36874: Windows LPE\n\nhttps://github.com/Wh04m1001/CVE-2023-36874\n\n#git #exploit #lpe", "creation_timestamp": "2023-08-23T17:35:34.000000Z"}, {"uuid": "bb573781-bb98-413d-bd8b-069439724f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "Telegram/JqtzVHuZLbZdqIwdgVnGHGNFEiudRC_BWfj3nfBEn_2QAg", "content": "", "creation_timestamp": "2023-09-26T05:35:59.000000Z"}, {"uuid": "a66d4a86-b64d-4abd-9f88-733044f9737f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "seen", "source": "Telegram/JjQk20gMM8PFs0eee9dwm2Z8BMoku2Td1biMu8bOyPfVFQ", "content": "", "creation_timestamp": "2023-09-26T05:36:07.000000Z"}, {"uuid": "6983e576-7dc8-4859-a657-4ce21d91899e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3282", "content": "CVE-2023-36874\u00a0\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 Windows.\n*\nPOC exploit\n\n#windows #lpe", "creation_timestamp": "2023-08-21T10:50:54.000000Z"}, {"uuid": "7650766b-110c-4467-8fef-f1aa2bf5434d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/939", "content": "https://github.com/Octoberfest7/CVE-2023-36874_BOF\nCVE\u7684\u6b66\u5668\u5316cobalt strike BOF-2023-36874 Windows\u9519\u8bef\u62a5\u544aLPE\n#github", "creation_timestamp": "2023-10-15T05:13:18.000000Z"}, {"uuid": "f025bd63-426d-4505-ae04-3f0c96622c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36874", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8892", "content": "#exploit\n1. CVE-2023-36874:\nWindows Error Reporting Service Privilege Enhancement Vulnerability\nhttps://github.com/c4m3l-security/CVE-2023-36874\n\n2. CVE-2023-34127:\nImproper Neutralization of Special Elements used in an OS Command (\"OS Command Injection\") vulnerability in SonicWall GMS, SonicWall Analytics\nhttps://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127/rapid7-analysis", "creation_timestamp": "2023-08-22T12:27:06.000000Z"}]}