{"vulnerability": "CVE-2023-43994", "sightings": [{"uuid": "9dae3624-2cc2-49ed-9ffc-89333fdedf65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43994", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18505", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-43994\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Cleaning_makotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.\n\ud83d\udccf Published: 2024-01-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-16T19:11:34.836Z\n\ud83d\udd17 References:\n1. https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43994.md", "creation_timestamp": "2025-06-16T19:40:46.000000Z"}, {"uuid": "d529f035-de48-488f-ba9e-c0a5106cb25d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43994", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/727", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 NPort 6000 \u0648 \u0645\u062f\u06cc\u0631 \u062f\u0631\u0627\u06cc\u0648\u0631 NPort \u0648\u06cc\u0646\u062f\u0648\u0632 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u062e\u0637\u0627\u0647\u0627\u06cc\u06cc \u062f\u0631 \u0631\u0648\u0646\u062f \u062a\u0623\u06cc\u06cc\u062f \u0627\u0639\u062a\u0628\u0627\u0631 \u06af\u0648\u0627\u0647\u06cc \u0627\u0633\u062a.  \n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06cc\u06a9 \u062d\u0645\u0644\u0647 Man-in-the-Middle \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f.\n\n BDU: 2023-01295\n CVE-2023-43994\n\n \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n - \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0645\u0627\u06cc\u0632 \u0641\u06cc\u0632\u06cc\u06a9\u06cc \u06cc\u0627 \u0645\u0646\u0637\u0642\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0634\u0628\u06a9\u0647 \u06a9\u0627\u0645\u067e\u06cc\u0648\u062a\u0631\u06cc \u0628\u0627 \u0633\u0631\u0648\u0631 \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 Moxa NPort \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0627 \u062a\u062e\u0635\u06cc\u0635 \u06cc\u06a9 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u062c\u062f\u0627\u06af\u0627\u0646\u0647.\n - \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n - \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\n https://www.moxa.com/en/support/product-support/security-advisory/nport-6000-series-and-utility-improper-certificate-validation-vulnerabilities\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-03-30T20:03:02.000000Z"}, {"uuid": "e72ad159-cb95-4da0-9c27-a7eda4ad2a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43994", "type": "seen", "source": "https://t.me/arpsyndicate/3099", "content": "#ExploitObserverAlert\n\nCVE-2023-43994\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-43994. An issue in Cleaning_makotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.", "creation_timestamp": "2024-01-26T22:31:43.000000Z"}, {"uuid": "0fc8b6db-7205-4096-b56c-a89ae271f594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43994", "type": "seen", "source": "https://t.me/ctinow/187038", "content": "https://ift.tt/8H5Ndwz\nCVE-2023-43994 | makotoya mini-app on Line 13.6.1 Channel Access Token information disclosure", "creation_timestamp": "2024-02-17T20:21:30.000000Z"}, {"uuid": "e792457d-81d4-4938-9e19-29cfbb59662f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43994", "type": "seen", "source": "https://t.me/ctinow/174611", "content": "https://ift.tt/qnephJY\nCVE-2023-43994 Exploit", "creation_timestamp": "2024-01-27T04:16:13.000000Z"}, {"uuid": "477de63c-592d-4cec-ba61-42e863cdff45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43994", "type": "seen", "source": "https://t.me/ctinow/172678", "content": "https://ift.tt/RpYHQyq\nCVE-2023-43994", "creation_timestamp": "2024-01-24T11:26:15.000000Z"}]}