{"vulnerability": "CVE-2023-46805", "sightings": [{"uuid": "60a4bf86-ad70-49e7-875a-974bef14b322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-01-11T00:10:02.000000Z"}, {"uuid": "e5f82fd1-d9e7-42aa-b72c-04a1b78efbeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/a9da4722-3b2c-42b6-9bb8-82f2162a171e", "content": "", "creation_timestamp": "2024-01-14T19:37:50.000000Z"}, {"uuid": "58119de7-f8bb-4112-a984-b128f744ab4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/0ace66e0-53b1-4429-a74a-81f419c1981e", "content": "", "creation_timestamp": "2024-01-29T15:42:45.000000Z"}, {"uuid": "ff850413-df70-48ae-872b-2157b51c2750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/e13bf263-b5e8-4905-85b8-77c2c1d152c7", "content": "", "creation_timestamp": "2024-01-12T14:53:19.000000Z"}, {"uuid": "e1e25ebe-8885-4c13-b536-d83194141574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/5c86e98c-f3a4-4a57-afb0-1ca99d24ad9b", "content": "", "creation_timestamp": "2024-03-01T14:19:01.000000Z"}, {"uuid": "06d617fa-3147-4eb8-9996-ac56950c29d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/b832113b-e603-406a-ba62-aae9ba13b1b4", "content": "", "creation_timestamp": "2024-03-18T16:00:29.000000Z"}, {"uuid": "83292bf7-2ce2-405d-ac97-c6b747450da9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/7847cc65-14c2-4577-97d5-819931319c46", "content": "", "creation_timestamp": "2024-04-09T08:07:26.000000Z"}, {"uuid": "29f36d21-b500-492d-a275-ef9098f71214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/9b0e1df3-b940-4dad-b639-688a43920690", "content": "", "creation_timestamp": "2024-02-01T16:40:06.000000Z"}, {"uuid": "fd64263d-8572-49b8-9a33-c1b1add3c8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/3469fa1d-e6f2-4558-a6ad-b8e1e6817bab", "content": "", "creation_timestamp": "2024-01-25T19:15:07.000000Z"}, {"uuid": "1dfd4626-4ceb-476a-b3d9-a8877603798b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/ffea72a3-7935-4078-b769-b872475c5eae", "content": "", "creation_timestamp": "2024-11-27T08:28:21.000000Z"}, {"uuid": "dfd511d3-a8b1-4c8c-894d-64ad64e83fa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-30)", "content": "", "creation_timestamp": "2025-01-30T00:00:00.000000Z"}, {"uuid": "57eed909-caf0-4a9a-bb6f-43c8c28f5168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-02)", "content": "", "creation_timestamp": "2025-02-02T00:00:00.000000Z"}, {"uuid": "d1a7ea7d-3a1f-44b6-9d1b-16973210653d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "11307d9e-4659-4570-bf7a-8239bb482430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "05abb96a-0d32-46b8-9910-239d10c3daaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "456998c3-e340-4a71-8261-1d89a25f820e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-23)", "content": "", "creation_timestamp": "2025-01-23T00:00:00.000000Z"}, {"uuid": "c5fc1407-97de-40eb-aefb-fff5a5d16d68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-21)", "content": "", "creation_timestamp": "2025-01-21T00:00:00.000000Z"}, {"uuid": "a1454904-3158-4357-af68-c685210bd848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-16)", "content": "", "creation_timestamp": "2025-01-16T00:00:00.000000Z"}, {"uuid": "602acb95-d5e8-47ff-a4c2-5e9b95d81b46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-17)", "content": "", "creation_timestamp": "2025-01-17T00:00:00.000000Z"}, {"uuid": "4608bd22-359d-4ca7-8419-ecd5949f0b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-20)", "content": "", "creation_timestamp": "2025-01-20T00:00:00.000000Z"}, {"uuid": "216947d7-c0fc-4d0a-8765-828d7fd677f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-18)", "content": "", "creation_timestamp": "2025-01-18T00:00:00.000000Z"}, {"uuid": "e5d9033b-f678-47a1-8daf-783660c54f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-19)", "content": "", "creation_timestamp": "2025-01-19T00:00:00.000000Z"}, {"uuid": "c541a07b-8576-418c-8a01-e6f1ad7638a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-23)", "content": "", "creation_timestamp": "2024-12-23T00:00:00.000000Z"}, {"uuid": "184342b9-2d60-4864-a541-4346feafb3d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-22)", "content": "", "creation_timestamp": "2025-01-22T00:00:00.000000Z"}, {"uuid": "4b98d0a9-f3db-4d9e-a2d9-d6e5bb2aaaee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-24)", "content": "", "creation_timestamp": "2025-01-24T00:00:00.000000Z"}, {"uuid": "4f92df68-fe31-4211-be3b-56e11ae8cf17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-25)", "content": "", "creation_timestamp": "2024-12-25T00:00:00.000000Z"}, {"uuid": "bca495f6-6e7d-407a-bec2-aababeb2f992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-29)", "content": "", "creation_timestamp": "2024-12-29T00:00:00.000000Z"}, {"uuid": "0b0d18a3-6dc5-4711-afae-2c9d2a46e2f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-02)", "content": "", "creation_timestamp": "2025-01-02T00:00:00.000000Z"}, {"uuid": "6568ad25-875a-4e7f-aafa-efd6deccdabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-01)", "content": "", "creation_timestamp": "2025-01-01T00:00:00.000000Z"}, {"uuid": "82b67723-a9cc-46be-98c4-9eb7b002acb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-04)", "content": "", "creation_timestamp": "2025-01-04T00:00:00.000000Z"}, {"uuid": "3e198887-75e1-432e-aa11-df1e9945377f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-05)", "content": "", "creation_timestamp": "2025-01-05T00:00:00.000000Z"}, {"uuid": "984ca18d-3e15-4d1f-8e8d-c1a1ed5215ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-08)", "content": "", "creation_timestamp": "2025-01-08T00:00:00.000000Z"}, {"uuid": "79665f3e-02da-45d4-b160-2d470772a081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "74f6fce2-e5ee-450f-a0f7-ecc7da4a46dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-10)", "content": "", "creation_timestamp": "2025-01-10T00:00:00.000000Z"}, {"uuid": "9374ecec-d640-456a-95bd-f79dc887a8a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-11)", "content": "", "creation_timestamp": "2025-01-11T00:00:00.000000Z"}, {"uuid": "b34f1f17-40ef-4569-918c-861c823b8866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-09)", "content": "", "creation_timestamp": "2025-01-09T00:00:00.000000Z"}, {"uuid": "81824d3e-046a-43b7-aaa7-f1c1a09c46cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-12)", "content": "", "creation_timestamp": "2025-01-12T00:00:00.000000Z"}, {"uuid": "f7e725e1-72bb-442b-9c04-2393cb1bfcac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-13)", "content": "", "creation_timestamp": "2025-01-13T00:00:00.000000Z"}, {"uuid": "19a12c7c-3614-4bab-af3a-d39a1a7e482f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-25)", "content": "", "creation_timestamp": "2024-10-25T00:00:00.000000Z"}, {"uuid": "08179a39-fddd-4c82-bb81-f0939ef6bb7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-28)", "content": "", "creation_timestamp": "2024-10-28T00:00:00.000000Z"}, {"uuid": "2a2aa301-05bc-45ca-8e59-f50e0c696c52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-31)", "content": "", "creation_timestamp": "2024-10-31T00:00:00.000000Z"}, {"uuid": "a99a97dd-242e-4e47-8759-b960eb17d0f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-02)", "content": "", "creation_timestamp": "2024-11-02T00:00:00.000000Z"}, {"uuid": "e749c1a0-d96b-44f2-a2c3-3fa59e86e901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-06)", "content": "", "creation_timestamp": "2024-11-06T00:00:00.000000Z"}, {"uuid": "def14359-c01e-4f15-899e-6bf31339733f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "117d4db5-b6a9-46fe-b2b1-97a4e3869f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-05)", "content": "", "creation_timestamp": "2024-11-05T00:00:00.000000Z"}, {"uuid": "ddee684c-2a76-465a-b88d-f6275e8937e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-09)", "content": "", "creation_timestamp": "2024-11-09T00:00:00.000000Z"}, {"uuid": "98da1d59-ae64-49a7-bb43-426471285a8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-07)", "content": "", "creation_timestamp": "2024-11-07T00:00:00.000000Z"}, {"uuid": "15585d90-eb90-4e09-a711-fbac5b751553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-08)", "content": "", "creation_timestamp": "2024-11-08T00:00:00.000000Z"}, {"uuid": "ecaddfd3-3683-48b9-988f-53f8b04ec031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-14)", "content": "", "creation_timestamp": "2024-11-14T00:00:00.000000Z"}, {"uuid": "d0bdd0a4-4eed-403c-ba63-b566633b036a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-10)", "content": "", "creation_timestamp": "2024-11-10T00:00:00.000000Z"}, {"uuid": "241b8331-32ec-4934-bb69-7275c245b05f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-13)", "content": "", "creation_timestamp": "2024-11-13T00:00:00.000000Z"}, {"uuid": "27b4ecb1-0b9e-4b54-b002-b769a815c523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-25)", "content": "", "creation_timestamp": "2024-11-25T00:00:00.000000Z"}, {"uuid": "d08eea0c-2fc7-49f3-8558-d143707f5b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-16)", "content": "", "creation_timestamp": "2024-11-16T00:00:00.000000Z"}, {"uuid": "129da1de-70a4-4eda-bf0f-41a3269da14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "3c42305e-b5cc-4d1d-93a5-94279d7334ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-15)", "content": "", "creation_timestamp": "2024-11-15T00:00:00.000000Z"}, {"uuid": "4401506e-53a0-4b2d-ab0a-c0b37423e87f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-22)", "content": "", "creation_timestamp": "2024-11-22T00:00:00.000000Z"}, {"uuid": "e99b82e8-77cc-4df4-9330-7beea98f3300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-18)", "content": "", "creation_timestamp": "2024-11-18T00:00:00.000000Z"}, {"uuid": "7d293f69-79ee-40f2-8096-829f33ebce08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-17)", "content": "", "creation_timestamp": "2024-11-17T00:00:00.000000Z"}, {"uuid": "95745e77-29af-4602-86eb-4718252b69c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-20)", "content": "", "creation_timestamp": "2024-11-20T00:00:00.000000Z"}, {"uuid": "26cb1721-c426-4e04-86d8-4af9097c86f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-26)", "content": "", "creation_timestamp": "2024-11-26T00:00:00.000000Z"}, {"uuid": "27cf2152-7aa2-4c27-84fd-4618e88c4924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-21)", "content": "", "creation_timestamp": "2024-11-21T00:00:00.000000Z"}, {"uuid": "d7d96bd1-8491-41a1-80a3-117a896524f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-23)", "content": "", "creation_timestamp": "2024-11-23T00:00:00.000000Z"}, {"uuid": "f51bfe7f-54be-45e6-8d64-42b995f9dfdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-01)", "content": "", "creation_timestamp": "2024-12-01T00:00:00.000000Z"}, {"uuid": "fee642eb-0729-4fd8-9dc9-0e658c0c4416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-25)", "content": "", "creation_timestamp": "2025-01-25T00:00:00.000000Z"}, {"uuid": "0a2c7de3-5271-4472-b4d8-ffca4bdb56d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-07)", "content": "", "creation_timestamp": "2024-12-07T00:00:00.000000Z"}, {"uuid": "8dbf53fd-8364-4c3a-856d-e7e60917575d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-03)", "content": "", "creation_timestamp": "2024-12-03T00:00:00.000000Z"}, {"uuid": "58b37639-cc97-4eff-a0e0-b2201c4188ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-11)", "content": "", "creation_timestamp": "2024-12-11T00:00:00.000000Z"}, {"uuid": "d3e56f7c-6cd5-40b4-9c04-f511b2dac440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-17)", "content": "", "creation_timestamp": "2024-12-17T00:00:00.000000Z"}, {"uuid": "762c5338-4822-4629-a076-ea76ec780f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-10)", "content": "", "creation_timestamp": "2024-12-10T00:00:00.000000Z"}, {"uuid": "ce794e28-d7b7-445b-a7fe-1cbf3d9233f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-06)", "content": "", "creation_timestamp": "2025-02-06T00:00:00.000000Z"}, {"uuid": "0306514a-b425-40ed-be49-37efe09b61f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-18)", "content": "", "creation_timestamp": "2024-12-18T00:00:00.000000Z"}, {"uuid": "2d3285fb-0cfa-418b-af4e-971569e6af25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-16)", "content": "", "creation_timestamp": "2024-12-16T00:00:00.000000Z"}, {"uuid": "35948523-89f6-41bb-aa56-2a8fb2afc657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "b4144e46-8cab-496a-ac0b-8a3f9f3a0da9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-24)", "content": "", "creation_timestamp": "2024-12-24T00:00:00.000000Z"}, {"uuid": "207e6dac-878f-4965-a15c-d8320acac2ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-20)", "content": "", "creation_timestamp": "2024-12-20T00:00:00.000000Z"}, {"uuid": "eb38a00a-04e8-483b-8182-cdbd37105ca7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-30)", "content": "", "creation_timestamp": "2024-12-30T00:00:00.000000Z"}, {"uuid": "6716e1f2-3722-44d9-b6cc-6ccc2fa088be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "b35c5a80-e5b0-4f2f-8b68-ba7ce02ee5fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-07)", "content": "", "creation_timestamp": "2025-02-07T00:00:00.000000Z"}, {"uuid": "de6fa887-9fae-4bff-9ea5-7e18617713ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "8a61f001-320e-48d7-b158-84e798dfe118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "afb75652-ef62-4a33-b5ab-3bdd8851efe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "2903412c-3fdb-4cf5-bf04-eb3689536205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "68f244ce-1f68-48ef-bb48-341655b8815d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "8d3882b6-3bb9-42b5-8a3e-61986ef087ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "58571271-4101-4658-aa88-59ddd34142b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "0bfa92ea-570b-44cc-af24-1518c4338e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-03)", "content": "", "creation_timestamp": "2025-02-03T00:00:00.000000Z"}, {"uuid": "660b8df3-6dd5-43bb-9254-7f8d95f637ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "6b64676c-caab-4258-bf9e-359a9c6d4cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "1ec5a61b-11b2-4afc-8dbf-887458734741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-11)", "content": "", "creation_timestamp": "2025-02-11T00:00:00.000000Z"}, {"uuid": "39a344e5-1a09-4d93-8006-074253641de8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "d3665b8e-e6d1-4c3f-9321-3f00df342d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "0eec9b24-3e68-45b4-87e0-928b93c8db76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "dda9e32d-35d0-45a0-9151-ec19fc240a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-24)", "content": "", "creation_timestamp": "2025-02-24T00:00:00.000000Z"}, {"uuid": "60d29a4b-6adb-4fc2-bcc2-3fe05b4ef432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-10)", "content": "", "creation_timestamp": "2025-03-10T00:00:00.000000Z"}, {"uuid": "78093c85-a5de-435f-9966-daee5a45ef4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-14)", "content": "", "creation_timestamp": "2025-02-14T00:00:00.000000Z"}, {"uuid": "902fc95b-84fa-4410-8627-4ddea55cb744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-16)", "content": "", "creation_timestamp": "2025-03-16T00:00:00.000000Z"}, {"uuid": "65d2733f-1223-493b-9d72-0ce3f1c0a76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-22)", "content": "", "creation_timestamp": "2025-03-22T00:00:00.000000Z"}, {"uuid": "95ec4aca-9905-42cd-a101-06caac71ff56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-20)", "content": "", "creation_timestamp": "2025-02-20T00:00:00.000000Z"}, {"uuid": "a4477a2d-67c8-4beb-ad4d-e918e1f98ac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-19)", "content": "", "creation_timestamp": "2025-02-19T00:00:00.000000Z"}, {"uuid": "21634b76-b7ff-4eaf-a192-684fb1dc6079", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-20)", "content": "", "creation_timestamp": "2025-03-20T00:00:00.000000Z"}, {"uuid": "1c7437dc-36fb-4fd8-8776-f82592345964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:51.000000Z"}, {"uuid": "33d0618b-5864-4f9a-a5d7-297c44fa1810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-38443b8e-9ac59311ff2ab39e", "content": "", "creation_timestamp": "2025-04-05T07:02:03.280001Z"}, {"uuid": "c6b7e328-8426-4fe3-a5c2-178923c1fd46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-17)", "content": "", "creation_timestamp": "2025-03-17T00:00:00.000000Z"}, {"uuid": "ec74c9c6-f9cf-4ef3-b1a0-85ed8778369c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "00fe4549-dc9a-43d2-ae94-3a26d0240774", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-11)", "content": "", "creation_timestamp": "2025-07-11T00:00:00.000000Z"}, {"uuid": "50d4ebe4-5cd1-414c-8283-96614dd8a580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-27)", "content": "", "creation_timestamp": "2025-03-27T00:00:00.000000Z"}, {"uuid": "0ef77342-fd6a-467e-be16-40d1ce3fa9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-38443b8e-9ac59311ff2ab39e", "content": "", "creation_timestamp": "2025-04-05T07:02:03.285400Z"}, {"uuid": "65f568d4-45fa-444c-90d4-5d37eaf08514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-10)", "content": "", "creation_timestamp": "2025-04-10T00:00:00.000000Z"}, {"uuid": "91799744-92ce-4b2b-ad4b-265a156ae99a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-14)", "content": "", "creation_timestamp": "2025-07-14T00:00:00.000000Z"}, {"uuid": "4f903b18-4581-4bd0-b769-7fd36c0fd15a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/db5f885b-7a82-4952-b138-956e39033df0", "content": "", "creation_timestamp": "2025-04-15T14:26:29.000000Z"}, {"uuid": "2709f432-02ba-4944-9dfb-6cdad472da2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://bsky.app/profile/ashl3y-shen.bsky.social/post/3lmrkoo4te22r", "content": "", "creation_timestamp": "2025-04-14T12:26:32.238715Z"}, {"uuid": "f5fdc59e-1167-4f6f-8b39-8b96f7e5f40f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://bsky.app/profile/ashl3y-shen.bsky.social/post/3lmrkqcosls2r", "content": "", "creation_timestamp": "2025-04-14T12:27:27.190684Z"}, {"uuid": "d5b10f5a-2305-40b6-b029-12c46f27b419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-11)", "content": "", "creation_timestamp": "2025-04-11T00:00:00.000000Z"}, {"uuid": "d33db572-17d7-4890-9fd0-220e9fe3afcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-18)", "content": "", "creation_timestamp": "2025-04-18T00:00:00.000000Z"}, {"uuid": "b8f14e74-c582-4cbd-932d-fa89557ff3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/238add84-60d4-59b7-91a5-fb3919377cfb", "content": "", "creation_timestamp": "2025-04-15T12:54:47.000000Z"}, {"uuid": "02938170-4a83-4ed0-bc96-49a49fcff5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-11)", "content": "", "creation_timestamp": "2025-06-11T00:00:00.000000Z"}, {"uuid": "fd0ec415-c2aa-44a3-867b-05d05e3cba63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-15)", "content": "", "creation_timestamp": "2025-04-15T00:00:00.000000Z"}, {"uuid": "72785679-906b-4c66-9455-b3a9611ea2b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-03)", "content": "", "creation_timestamp": "2025-06-03T00:00:00.000000Z"}, {"uuid": "aa394459-0518-4f5d-9488-1a6d5a56da66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-19)", "content": "", "creation_timestamp": "2025-04-19T00:00:00.000000Z"}, {"uuid": "2b689624-d025-47b2-bd52-79a03399c878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-17)", "content": "", "creation_timestamp": "2025-04-17T00:00:00.000000Z"}, {"uuid": "f7a60bbf-e9f1-4216-8891-887ac6cd0bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-19)", "content": "", "creation_timestamp": "2025-06-19T00:00:00.000000Z"}, {"uuid": "b2d4cfe9-b833-4f61-a8ff-50efb6ab1cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "5b78439a-e8fa-4dbc-be0d-8c6345803740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "0dcc26b3-a2b2-4c94-8c24-ca30b763c5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-15)", "content": "", "creation_timestamp": "2025-07-15T00:00:00.000000Z"}, {"uuid": "e364ba93-b57d-4dfb-8774-ea59e333fa48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-12)", "content": "", "creation_timestamp": "2025-06-12T00:00:00.000000Z"}, {"uuid": "e5e7a9c4-7afc-409f-85f9-01c1b9558ad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-03)", "content": "", "creation_timestamp": "2025-05-03T00:00:00.000000Z"}, {"uuid": "3724719b-2317-45c3-8518-3a38959ad132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "00ff8c39-73db-4704-b367-6b2d6ae0e46e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "9726de8b-3e59-41d8-836c-d86efdf10942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-09)", "content": "", "creation_timestamp": "2025-07-09T00:00:00.000000Z"}, {"uuid": "fd4b85c5-6466-40bb-85c9-4c28a667be2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-20)", "content": "", "creation_timestamp": "2025-05-20T00:00:00.000000Z"}, {"uuid": "f8a10e9f-88c9-4495-8f16-a239ebdcee86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-09)", "content": "", "creation_timestamp": "2025-05-09T00:00:00.000000Z"}, {"uuid": "9939333e-3cb0-48c3-907e-768d531a3e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-13)", "content": "", "creation_timestamp": "2025-05-13T00:00:00.000000Z"}, {"uuid": "5617204d-2073-4f95-8332-5f326820964f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-15)", "content": "", "creation_timestamp": "2025-06-15T00:00:00.000000Z"}, {"uuid": "9f6d0af3-36dd-4a9f-a473-6912b2385af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "d7958ecb-e2ef-4d11-8e41-1257be369e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures", "content": "", "creation_timestamp": "2025-05-14T05:58:38.779975Z"}, {"uuid": "95c0e801-74b6-4d50-a1fb-06e8a04a2c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "f725bf25-6ae7-488d-b4ed-0ed957afa8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "a3d89689-9ca9-489b-9373-b541698f9e70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-fb46317f-f199617e874bb2a8", "content": "", "creation_timestamp": "2025-09-25T15:33:25.569007Z"}, {"uuid": "14b0e9c6-d288-4c51-b543-eb387dfabda8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-18)", "content": "", "creation_timestamp": "2025-10-18T00:00:00.000000Z"}, {"uuid": "a8f571ee-90de-4ac1-9ece-af419aed42d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-22)", "content": "", "creation_timestamp": "2025-07-22T00:00:00.000000Z"}, {"uuid": "2306c31f-87e6-4646-9922-74c883e4dd1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-21)", "content": "", "creation_timestamp": "2025-10-21T00:00:00.000000Z"}, {"uuid": "752ae8c4-2440-44fb-8d39-7f80907407c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-05)", "content": "", "creation_timestamp": "2025-09-05T00:00:00.000000Z"}, {"uuid": "3cc9d02e-11d2-4cd9-bd65-cd8d31b07b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-27)", "content": "", "creation_timestamp": "2025-07-27T00:00:00.000000Z"}, {"uuid": "1b7ca138-0222-4d10-a0d1-2762e6a211d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "e59fe6c4-0722-4249-a42e-646dcc38e330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-13)", "content": "", "creation_timestamp": "2025-10-13T00:00:00.000000Z"}, {"uuid": "0e254021-e0c5-46c9-9ec6-7221f7be9d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-25)", "content": "", "creation_timestamp": "2025-10-25T00:00:00.000000Z"}, {"uuid": "7c779f77-c0bd-4927-871a-6c102fb16891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-27)", "content": "", "creation_timestamp": "2025-10-27T00:00:00.000000Z"}, {"uuid": "e93063b1-279b-486c-8e0f-731859a49e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-09)", "content": "", "creation_timestamp": "2025-09-09T00:00:00.000000Z"}, {"uuid": "3e7e0263-d176-4c83-b67f-3853662c4eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-29)", "content": "", "creation_timestamp": "2025-10-29T00:00:00.000000Z"}, {"uuid": "85af69c7-5be6-4250-babc-8bb37a57fb67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-17)", "content": "", "creation_timestamp": "2025-11-17T00:00:00.000000Z"}, {"uuid": "72336e13-8573-4c83-9649-6b24e73f5619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}, {"uuid": "82e70b15-60ee-4200-886d-c72362617e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-06)", "content": "", "creation_timestamp": "2025-10-06T00:00:00.000000Z"}, {"uuid": "ae125e9a-7665-4606-8517-78155cd5e400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-02)", "content": "", "creation_timestamp": "2025-08-02T00:00:00.000000Z"}, {"uuid": "8c9996d9-362b-466e-b499-4a84b175a9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-30)", "content": "", "creation_timestamp": "2025-07-30T00:00:00.000000Z"}, {"uuid": "dcf442cf-973d-453d-a52e-c3ec3297b2bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "6516389a-eea6-40b4-8c75-ef0156faca45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/1/kritische-sicherheitslucken-in-ivanti-connect-secure-und-ivanti-policy-secure-aktiv-ausgenutzt", "content": "", "creation_timestamp": "2024-01-11T11:25:20.000000Z"}, {"uuid": "60c81c2c-a8a0-4efd-93e4-823f827edcb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-31)", "content": "", "creation_timestamp": "2025-10-31T00:00:00.000000Z"}, {"uuid": "c89f4ade-9726-45a9-a7f3-c9cbb6269989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "814b7c2d-a5b3-40e1-aab0-34404f790608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-19)", "content": "", "creation_timestamp": "2025-10-19T00:00:00.000000Z"}, {"uuid": "dad7de8d-dae2-445d-990e-8111d8ac2de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-03)", "content": "", "creation_timestamp": "2025-11-03T00:00:00.000000Z"}, {"uuid": "223a2723-854b-4e62-a794-6e1985807e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-09)", "content": "", "creation_timestamp": "2025-08-09T00:00:00.000000Z"}, {"uuid": "618abaa0-153d-4889-b16e-ad34eec42b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-08)", "content": "", "creation_timestamp": "2025-08-08T00:00:00.000000Z"}, {"uuid": "10b792e4-e93d-4bf5-bdf2-4748eb5389c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-06)", "content": "", "creation_timestamp": "2025-09-06T00:00:00.000000Z"}, {"uuid": "be5731f0-1312-447b-a06e-e41059297f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-28)", "content": "", "creation_timestamp": "2025-11-28T00:00:00.000000Z"}, {"uuid": "cd1b41b1-ce43-4c82-a994-27720a97d0df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "842cf3f6-c2f8-4a9d-a712-6ffb1028fc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-08)", "content": "", "creation_timestamp": "2025-10-08T00:00:00.000000Z"}, {"uuid": "2feecdef-5992-4457-a86c-818e0578b0a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-06)", "content": "", "creation_timestamp": "2025-11-06T00:00:00.000000Z"}, {"uuid": "4eccdea2-ddd3-4ebb-b0a4-37e4c091544d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-12)", "content": "", "creation_timestamp": "2025-08-12T00:00:00.000000Z"}, {"uuid": "05abf143-284b-4717-b7bf-f0aed88abc6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-11)", "content": "", "creation_timestamp": "2025-08-11T00:00:00.000000Z"}, {"uuid": "7dcabd39-26f2-4d70-946f-c667d8751f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "c792d845-61f9-48c1-ab6e-83380dbed72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-07)", "content": "", "creation_timestamp": "2025-09-07T00:00:00.000000Z"}, {"uuid": "fa7d8a49-fb81-4cd1-b786-cbc0d6a915aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "af1e6edd-1e5b-4dc2-994e-b8a2cd5c8e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-12)", "content": "", "creation_timestamp": "2025-11-12T00:00:00.000000Z"}, {"uuid": "20e93604-f241-4c0c-bf9d-f414b73a84b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-13)", "content": "", "creation_timestamp": "2025-08-13T00:00:00.000000Z"}, {"uuid": "9febac9a-764b-4191-9fb1-75f6d906f5b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "9e0021ac-b384-4b55-b72f-23ab2e66e492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "c7e81944-461a-4704-865a-0c85f81e17c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-26)", "content": "", "creation_timestamp": "2025-10-26T00:00:00.000000Z"}, {"uuid": "a8a1afed-2299-46b9-8267-beb135075c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-16)", "content": "", "creation_timestamp": "2025-11-16T00:00:00.000000Z"}, {"uuid": "24ef4e8a-0e4f-44cd-b4c4-9eb99b3dcbfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-15)", "content": "", "creation_timestamp": "2025-08-15T00:00:00.000000Z"}, {"uuid": "f8420f92-5f66-4330-b6dc-e9f7089d3c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-11)", "content": "", "creation_timestamp": "2025-10-11T00:00:00.000000Z"}, {"uuid": "d1e6f439-8fef-48bd-b552-bbd70587e460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-13)", "content": "", "creation_timestamp": "2025-11-13T00:00:00.000000Z"}, {"uuid": "2f0aa2d8-5cb6-4457-a9e9-1bb8dece3bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-09)", "content": "", "creation_timestamp": "2025-10-09T00:00:00.000000Z"}, {"uuid": "5d2a7b5f-d732-4a0b-b376-154021522a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-19)", "content": "", "creation_timestamp": "2025-11-19T00:00:00.000000Z"}, {"uuid": "00e52f1e-113b-4442-8cfc-0006ad4cb06d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "13e85595-7d25-4bc2-a284-42be0d3fadea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "6189f9ae-9026-470c-8d6c-3b27fb13bea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-10)", "content": "", "creation_timestamp": "2025-09-10T00:00:00.000000Z"}, {"uuid": "eab7e42d-f5a3-4d92-afaa-10dc63bf91a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-18)", "content": "", "creation_timestamp": "2025-08-18T00:00:00.000000Z"}, {"uuid": "5bbebd8b-c2f2-4873-bccd-e41ed3b0e3ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-20)", "content": "", "creation_timestamp": "2025-10-20T00:00:00.000000Z"}, {"uuid": "f476b6fa-5d41-41ba-882c-36d8433f68ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-28)", "content": "", "creation_timestamp": "2025-10-28T00:00:00.000000Z"}, {"uuid": "7c120d66-05ff-421b-b3d0-a9c646d10ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "c4406660-a053-4a71-80fa-1a52d9245cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-29)", "content": "", "creation_timestamp": "2025-09-29T00:00:00.000000Z"}, {"uuid": "27032c2e-fba7-44e1-b53b-f523aa29282d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-21)", "content": "", "creation_timestamp": "2025-08-21T00:00:00.000000Z"}, {"uuid": "3bf0a2c7-111c-4dbb-b305-52611d6a701d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "8341fcc6-455d-4f82-83b3-edef55bc8183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "e040d72c-faed-4404-a3d6-d176881210cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-08)", "content": "", "creation_timestamp": "2025-09-08T00:00:00.000000Z"}, {"uuid": "efea2745-69e0-489c-b0f1-2e765d27f0b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-05)", "content": "", "creation_timestamp": "2025-11-05T00:00:00.000000Z"}, {"uuid": "e4028da5-be20-428e-a811-998ea2f51736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-10)", "content": "", "creation_timestamp": "2025-10-10T00:00:00.000000Z"}, {"uuid": "06119f34-3add-4123-9f7e-9002528cbd82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-02)", "content": "", "creation_timestamp": "2025-11-02T00:00:00.000000Z"}, {"uuid": "fd0fede8-b3b0-44fa-a327-99cb01c4ac6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-24)", "content": "", "creation_timestamp": "2025-10-24T00:00:00.000000Z"}, {"uuid": "d64215f3-c8e8-459d-bd3b-ffe2d681311e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-15)", "content": "", "creation_timestamp": "2025-09-15T00:00:00.000000Z"}, {"uuid": "710f5aac-44dc-4efb-95d8-b0a2007a6f8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-17)", "content": "", "creation_timestamp": "2025-10-17T00:00:00.000000Z"}, {"uuid": "57728115-5bed-4051-a9fb-a2907e6f2002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "6a34acaf-8cc4-4408-ae15-ef74a4d5b59c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-24)", "content": "", "creation_timestamp": "2025-08-24T00:00:00.000000Z"}, {"uuid": "9bfaacbb-b191-4f05-a71f-cb70264dab15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-27)", "content": "", "creation_timestamp": "2025-08-27T00:00:00.000000Z"}, {"uuid": "629b7399-2de5-4c6d-a19d-e4c9877dc051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/3057b723-5fae-476d-b162-b0a1a9a63ac2", "content": "", "creation_timestamp": "2025-08-28T15:41:48.000000Z"}, {"uuid": "9e533201-b06c-4238-a6dd-c3b167f63dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-26)", "content": "", "creation_timestamp": "2025-08-26T00:00:00.000000Z"}, {"uuid": "cc2e705f-7a34-401a-93f6-40921df86248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-28)", "content": "", "creation_timestamp": "2025-08-28T00:00:00.000000Z"}, {"uuid": "b209d335-0887-4d96-b6b5-06aeda090187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-30)", "content": "", "creation_timestamp": "2025-09-30T00:00:00.000000Z"}, {"uuid": "be3158d7-3051-4f44-841d-bb4e36987ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://gist.github.com/Darkcrai86/3cba1d61c2336cd96b3fc8eeb1ae8f56", "content": "", "creation_timestamp": "2025-08-29T17:27:13.000000Z"}, {"uuid": "5dfdcad1-871f-432e-b6ae-c26fc52560fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805.rb", "content": "", "creation_timestamp": "2024-01-19T22:03:20.000000Z"}, {"uuid": "93e69110-5e5e-459a-b080-b657b96d87c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-29)", "content": "", "creation_timestamp": "2025-08-29T00:00:00.000000Z"}, {"uuid": "520c1f50-d493-49a3-a2da-9e2ffb02e427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/3057b723-5fae-476d-b162-b0a1a9a63ac2", "content": "", "creation_timestamp": "2025-09-01T03:42:36.000000Z"}, {"uuid": "b2c7c81d-6606-47d7-b800-96411309a72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-14)", "content": "", "creation_timestamp": "2025-11-14T00:00:00.000000Z"}, {"uuid": "3485f267-35b6-40d1-9d03-2d53dbd0791b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-01)", "content": "", "creation_timestamp": "2025-09-01T00:00:00.000000Z"}, {"uuid": "7d2544fa-d28e-44e1-9c59-12097bee2d13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/3445a876-cced-4346-bf37-e276ba39cff4", "content": "", "creation_timestamp": "2025-09-02T18:30:14.000000Z"}, {"uuid": "3c0538c5-9556-40e3-8c67-4a4b1093749b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-04)", "content": "", "creation_timestamp": "2025-09-04T00:00:00.000000Z"}, {"uuid": "329529d8-ad53-4a85-899d-70b22da8d359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-04)", "content": "", "creation_timestamp": "2025-11-04T00:00:00.000000Z"}, {"uuid": "f1787898-6905-46ac-8804-5ff4a2eef22f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-03)", "content": "", "creation_timestamp": "2025-09-03T00:00:00.000000Z"}, {"uuid": "fbd3d3ed-f957-421c-9f76-12f077f0ff93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-02)", "content": "", "creation_timestamp": "2025-09-02T00:00:00.000000Z"}, {"uuid": "6c5533aa-d0bf-4104-8484-a155a05c9d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-15)", "content": "", "creation_timestamp": "2025-12-15T00:00:00.000000Z"}, {"uuid": "79dc98b2-9d6f-4264-9e1f-2f81d224d2ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-28)", "content": "", "creation_timestamp": "2026-02-28T00:00:00.000000Z"}, {"uuid": "0c5fb323-49b0-4c80-9387-6c84a0aca115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-09)", "content": "", "creation_timestamp": "2026-03-09T00:00:00.000000Z"}, {"uuid": "2942d36c-a480-4b60-9b68-4b0b3ce45876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-01)", "content": "", "creation_timestamp": "2026-03-01T00:00:00.000000Z"}, {"uuid": "f58856fc-8505-4d3f-b38e-0468cd3afd66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-19)", "content": "", "creation_timestamp": "2025-12-19T00:00:00.000000Z"}, {"uuid": "245463d2-152f-4752-873e-22c2e83aea6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "7377de63-2a82-4aed-8eee-f404464c0fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "61d0c1af-e647-4997-8e31-ecc3dc0c0fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-26)", "content": "", "creation_timestamp": "2025-12-26T00:00:00.000000Z"}, {"uuid": "a16b618e-2573-43f4-94af-7eb091c7a3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-01)", "content": "", "creation_timestamp": "2026-02-01T00:00:00.000000Z"}, {"uuid": "75b09925-c573-46cb-bb0e-81aba5441e24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-24)", "content": "", "creation_timestamp": "2026-02-24T00:00:00.000000Z"}, {"uuid": "adea0fd0-6821-48a1-ac26-1532397a19c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "60703967-8fb6-4cb8-a97a-78139f01454a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-28)", "content": "", "creation_timestamp": "2025-12-28T00:00:00.000000Z"}, {"uuid": "d0fed63c-bd10-4316-8f4b-70ce4093c15a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-19)", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "5af051d9-95ae-4e1f-8314-00b5846f72f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_2/2024", "content": "", "creation_timestamp": "2024-01-10T20:21:17.000000Z"}, {"uuid": "49672060-83ab-48d5-aa0d-9be01f39ccef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-28)", "content": "", "creation_timestamp": "2026-03-28T00:00:00.000000Z"}, {"uuid": "cb658113-6279-4b26-9a12-87eb239c89db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-10)", "content": "", "creation_timestamp": "2026-01-10T00:00:00.000000Z"}, {"uuid": "fa635a3e-87eb-4a51-bfe5-5f67d9690833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "82dd60f7-2f0a-4d4e-88c7-a55582836ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1197", "content": "", "creation_timestamp": "2024-01-11T04:00:00.000000Z"}, {"uuid": "b6911f61-bd42-498d-8159-27125abd9732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-17)", "content": "", "creation_timestamp": "2026-01-17T00:00:00.000000Z"}, {"uuid": "98f72b80-0221-4179-ae0a-ca038064198e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "86fb3602-c26a-45b0-9646-691612b3a670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "79bb29fe-df36-455f-bd4c-cbeff3f57bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-18)", "content": "", "creation_timestamp": "2026-01-18T00:00:00.000000Z"}, {"uuid": "76809271-a289-459b-9ea6-45c9d3037b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-15)", "content": "", "creation_timestamp": "2026-03-15T00:00:00.000000Z"}, {"uuid": "a9250e5e-27ba-4ca1-9084-58336f2ade6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/e3ff8696-592c-4423-9a57-2cb2716b141e", "content": "", "creation_timestamp": "2025-08-29T14:07:34.392990Z"}, {"uuid": "0d7acf2f-443b-4527-a267-59f258297632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-20)", "content": "", "creation_timestamp": "2026-01-20T00:00:00.000000Z"}, {"uuid": "5f9c2ecb-1012-4e10-be06-a6c18ff4d528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/11268897-8798-4ec2-bcac-b23fe0715823", "content": "", "creation_timestamp": "2025-03-11T20:37:58.600981Z"}, {"uuid": "d68f5cc0-8b40-4236-88f9-110b0d3eb547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "00390909-5bcb-477e-95b2-cd2cba7e094a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/89520554-7af1-4332-ac23-d048fbc93ed7", "content": "", "creation_timestamp": "2026-02-02T12:26:43.061096Z"}, {"uuid": "14cfa1e5-997c-4431-a719-0ab222e67105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-04)", "content": "", "creation_timestamp": "2026-04-04T00:00:00.000000Z"}, {"uuid": "d451336d-265e-4dcb-b00a-6baf45108c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/E99GV6b_0bPHJGpg3-uU0s1YiwZUE2cHW_8vO8VqO0pnd3Y", "content": "", "creation_timestamp": "2024-04-05T11:46:36.000000Z"}, {"uuid": "a90f46e0-e1b9-42a4-bf1f-8df3d8e254cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "7d044bcc-6fcc-445d-b67c-ddf8ca954b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/f3b16ca9-f749-4169-9a68-b159e6aaf5ed", "content": "", "creation_timestamp": "2026-04-08T07:25:53.000000Z"}, {"uuid": "1658984f-2554-4764-9e4d-4b1b25f82dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/MgTqQgmDO8xxM6Pf2YfmuSScTpaiNL3ESHnSqRU-m1GfL0c", "content": "", "creation_timestamp": "2024-05-09T14:25:08.000000Z"}, {"uuid": "45bfeb5c-efaf-4cef-a3c4-a98754a61be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mk7desyqjx2q", "content": "", "creation_timestamp": "2026-04-24T01:03:35.863405Z"}, {"uuid": "92eadfdd-8705-464c-8c1c-5e7c17501a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-", "content": "", "creation_timestamp": "2026-04-07T04:00:00.000000Z"}, {"uuid": "cfa7d5ea-d568-42b8-bde3-a6135f7c837e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/", "content": "", "creation_timestamp": "2026-04-06T04:00:00.000000Z"}, {"uuid": "e474e83b-cf46-4f01-9eac-4a5aad8b8e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "6dc56f21-f261-4415-b479-f5540bb4bcb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "MISP/f3b16ca9-f749-4169-9a68-b159e6aaf5ed", "content": "", "creation_timestamp": "2026-04-18T13:07:25.000000Z"}, {"uuid": "97ba2053-891f-410c-9839-3aa0206ae192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mk7dets32j2t", "content": "", "creation_timestamp": "2026-04-24T01:03:36.675859Z"}, {"uuid": "e9d7e002-2c4a-4e3c-8b39-27139a1e277c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6453", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aIvanti Connect Around attack chain mitigation validation tool. CVE-2023-46805 and CVE-2024-21887.\nURL\uff1ahttps://github.com/seajaysec/Ivanti-Connect-Around-Scan\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-19T01:55:03.000000Z"}, {"uuid": "53cbb76b-730d-4490-b5b5-fded61d15a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6496", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46805 POC RCE\nURL\uff1ahttps://github.com/w2xim3/CVE-2023-46805\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-01-25T15:13:05.000000Z"}, {"uuid": "96ba9431-610f-477d-a0b8-7ae06acd33bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3671", "content": "\u0418\u0441\u0442\u043e\u0440\u0438\u044f \u043e \u0431\u0430\u0433\u0430\u0445 \u0438 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0444\u0438\u043a\u0441 \u043e\u0434\u043d\u0438\u0445 \u0431\u0430\u0433\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043d\u043e\u0432\u044b\u0435 \u0431\u0430\u0433\u0438 \ud83d\ude02\n\n\u041c\u043d\u043e\u0433\u043e \u0432\u0438\u0434\u0435\u043b \u043f\u043e\u0441\u0442\u043e\u0432 \u043f\u0440\u043e \u0441\u0443\u043f\u0435\u0440\u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e \u0432\u0443\u043b\u043d\u0443 \u0432 Ivanti. \u0412 \u0446\u0435\u043b\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0445\u0443\u0448\u043a\u0430 \u0430\u0439\u0441\u0431\u0435\u0440\u0433\u0430.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0435\u0448\u0438\u043b \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e PoC, \u043d\u043e \u0438 \u0440\u0435\u0441\u0435\u0440\u0447\u043e\u043c \u043e\u0442 AttackerKB (\u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0438 metasploit). \u041e\u043d\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u0438 \u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043e\u0431\u044a\u044f\u0441\u043d\u0438, \u043a\u0430\u043a \u043d\u0430\u0448\u043b\u0438 \u0438 \u043a\u0430\u043a \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0437\u043b\u043e\u043f\u043e\u043b\u0443\u0447\u043d\u0430\u044f SSRF \u0432 Ivanti Connect Secure, Ivanti Policy Secure, Ivanti Neurons for ZTA.\n\n\u041d\u043e \u043d\u0430\u0447\u043d\u0435\u043c \u043c\u044b \u043d\u0435 \u0441 CVE-2024-21893, \u0430 \u0441\u0434\u0435\u043b\u0430\u0435\u043c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0448\u0430\u0433\u043e\u0432 \u043d\u0430\u0437\u0430\u0434)\n\n0\ufe0f\u20e3 \u0418\u0441\u0442\u043e\u0440\u0438\u044f \u0441 Ivanti \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0441 CVE-2023-46805, \u044d\u0442\u043e \u0431\u044b\u043b authentication bypass. \u0418\u043c\u043f\u0430\u043a\u0442 \u043e\u0447\u0435\u0432\u0438\u0434\u0435\u043d, \u043d\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043d\u0430 \u044d\u0442\u043e\u043c \u043d\u0435 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438\u0441\u044c.\n\n1\ufe0f\u20e3 \u0414\u0430\u043b\u0435\u0435 \u043e\u043d\u0438 \u043d\u0430\u0448\u043b\u0438 command injection CVE-2024-21887. \u042d\u0442\u043e \u0431\u044b\u043b\u043e \u0432\u043a\u0443\u0441\u043d\u0435\u0435, \u043a \u0442\u043e\u043c\u0443 \u0436\u0435 \u0447\u0435\u0439\u043d\u0438\u043b\u043e\u0441\u044c \u0441 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0443\u043b\u043d\u043e\u0439 \u043d\u0430 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0427\u0442\u043e \u0432\u044b\u043b\u0438\u043b\u043e\u0441\u044c \u0432 unauthenticated RCE.\n\n2\ufe0f\u20e3 Ivanti \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u044d\u0442\u0438 \u0434\u0432\u0435 CVE. \u041d\u043e \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0435\u0449\u0451 \u043d\u0435 \u0432\u044b\u0448\u0435\u043b.\n\n3\ufe0f\u20e3 \u0417\u0430\u0442\u0435\u043c \u0432\u044b\u0448\u0435\u043b \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 1 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u043d\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0443\u0441\u043f\u0435\u043b\u0438 \u043d\u0430\u0439\u0442\u0438 \u0442\u0443 \u0441\u0430\u043c\u0443\u044e SSRF CVE-2024-21893 \u043d\u0430 \u0434\u0435\u043d\u044c \u0440\u0430\u043d\u044c\u0448\u0435, \u0442\u043e \u0431\u0438\u0448\u044c 31 \u044f\u043d\u0432\u0430\u0440\u044f). \u0414\u0430\u043d\u043d\u0430\u044f SSRF \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0430\u0442\u0447 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 CVE (CVE-2023-46805 & CVE-2024-21887). \n\n\u0415\u0441\u0442\u044c \u043b\u0438 \u0432 \u0438\u0442\u043e\u0433\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435?\n\u0414\u0430, \u043a\u043e\u043d\u0435\u0447\u043d\u043e. \u0412 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 22.5R2.2, \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u0442\u044c\u0438, \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b. \u041d\u043e \u0435\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 Ivanti Connect Secure 22.3R1 \u0438\u043b\u0438 \u0441\u0442\u0430\u0440\u0448\u0435, \u0442\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 ASAP.\n\n\u27a1\ufe0f \u0410 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0445\u043e\u0447\u0435\u0442 \u0435\u0449\u0451 \u0433\u043b\u0443\u0431\u0436\u0435 \u043f\u043e\u0433\u0440\u0443\u0437\u0438\u0442\u0441\u044f \u0432 \u044d\u0442\u043e\u043c, \u0441\u043e\u0432\u0435\u0442\u0443\u044e \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0440\u0435\u0441\u0435\u0440\u0447.\n\n\u0418\u0442\u043e\u0433 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u043e\u0447\u0435\u0432\u0438\u0434\u0435\u043d. \u0424\u0438\u043a\u0441\u044f \u043e\u0434\u043d\u0438 \u0431\u0430\u0433\u0438, \u0441\u043e\u0437\u0434\u0430\u0435\u043c \u0434\u0440\u0443\u0433\u0438\u0435)\n\ud83e\udd7a Stay secure!\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-02-09T07:02:51.000000Z"}, {"uuid": "564c5fdb-51e1-466a-9924-edd618b23331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/GithubRedTeam/6557", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.\nURL\uff1ahttps://github.com/Agampreet-Singh/CVE-2024-0652\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-03T04:35:37.000000Z"}, {"uuid": "af3845b5-4841-462d-8972-6f2b7858b776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805 and CVE-2024-21887\nURL\uff1ahttps://github.com/rxwx/pulse-meter\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-16T19:42:54.000000Z"}, {"uuid": "dddac289-d11f-45a7-82fb-d94aa00ac531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/itsec_news/3971", "content": "\u200b\u26a1\ufe0f0day \u0432 Ivanti \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u041a\u0438\u0442\u0430\u044e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440\u044b \u0432 \u0441\u0435\u0442\u044f\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439\n\n\ud83d\udcac\u041a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Zero-Day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure (ICS). \u0410\u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u043b\u0438 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Mandiant, \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 UNC5221 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c. \u0414\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2023-46805) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2024-21887), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Ivanti Connect Secure \u0438 Policy Secure.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Volexity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 \u044d\u0442\u0443 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 UTA0178, \u0440\u0430\u043d\u0435\u0435 \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u044b, \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440\u044b \u0432 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0441\u043e\u0431\u0440\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0442\u044c \u0433\u043b\u0443\u0431\u0436\u0435 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0436\u0435\u0440\u0442\u0432.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e Ivanti, \u0430\u0442\u0430\u043a\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u043c\u0435\u043d\u0435\u0435 10 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438. \u041e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0445 ConnectAround \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041a\u0435\u0432\u0438\u043d\u043e\u043c \u0411\u044c\u044e\u043c\u043e\u043d\u0442\u043e\u043c) \u043f\u043e\u044f\u0432\u044f\u0442\u0441\u044f \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 Mandiant \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c. \u041e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u0432\u043d\u0435\u0434\u0440\u044f\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 ICS \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0442\u0430\u043a\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u043a\u0430\u043a BusyBox (\u043d\u0430\u0431\u043e\u0440 UNIX-\u0443\u0442\u0438\u043b\u0438\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438) \u0438 PySoxy (\u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 SOCKS5).\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0438\u0437-\u0437\u0430 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 Perl-\u0441\u043a\u0440\u0438\u043f\u0442 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0441\u0442\u0430\u043b\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u044b LIGHTWIRE \u0438 WIREFIRE. \u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 WARPWIRE \u043d\u0430 \u0431\u0430\u0437\u0435 JavaScript \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0431\u044d\u043a\u0434\u043e\u0440 ZIPLINE, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c/\u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c Reverse Shell, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0442\u0443\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438.\n\n\u0425\u043e\u0442\u044f UNC5221 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u043d\u0438 \u0441 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043c\u0435\u0442\u043e\u0434\u044b \u0433\u0440\u0443\u043f\u043f\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u0443\u044e \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0438 \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u043e \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432. \u0414\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c UNC5221 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440\u0430 \u0441\u0435\u0442\u0435\u0439 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-12T16:19:40.000000Z"}, {"uuid": "49c20e97-3d33-485b-be4c-ec2b847b7d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/itsec_news/3981", "content": "\u200b\u26a1\ufe0f0day \u0432 Ivanti: \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0442\u044b\u0441\u044f\u0447\u0438 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0441\u0440\u0435\u0434\u0438 \u0436\u0435\u0440\u0442\u0432 \u2013 \u0432\u043e\u0435\u043d\u043d\u044b\u0435, \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u044b \u0438 \u0431\u0430\u043d\u043a\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443\n\n\u0420\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u043c\u044b \u0443\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Ivanti. \u041d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 Mandiant \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Zipline, Thinspool Dropper, Wirefire, Lightwire \u0438 Warpwire Harverster.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Volexity, 14 \u044f\u043d\u0432\u0430\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 1 700 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ICS \u0441 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u043c GIFFEDVISITOR.\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0436\u0435\u0440\u0442\u0432 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u0447\u0430\u0441\u0442\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f, \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u044f\u0434\u0447\u0438\u043a\u0438, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0431\u0430\u043d\u043a\u0438, \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u0438 \u0431\u0443\u0445\u0433\u0430\u043b\u0442\u0435\u0440\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u043c\u0438\u0440\u043e\u0432\u044b\u0435 \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0444\u0438\u0440\u043c\u044b \u0432 \u0430\u044d\u0440\u043e\u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439, \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0438 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043d\u043e\u0439 \u043e\u0442\u0440\u0430\u0441\u043b\u044f\u0445.\n\n\u0421\u043b\u0443\u0436\u0431\u0430 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0433\u0440\u043e\u0437 Shadowserver \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 16 800 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ICS \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430. \u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 (\u043e\u043a\u043e\u043b\u043e 5 000) \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0421\u0428\u0410, \u043e\u0434\u043d\u0430\u043a\u043e \u0443\u0433\u0440\u043e\u0437\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e \u043d\u043e\u0441\u0438\u0442 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440.\n\n\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 VPN ICS \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 IPS, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043e\u0447\u0435\u0442\u0430\u044f \u0434\u0432\u0435 \u0440\u0430\u043d\u0435\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-46805 \u0438 CVE-2024-21887 .\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u0435\u043c\u044b\u0445 \u0440\u0430\u043d\u0435\u0435 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 (UTA0178 \u0438\u043b\u0438 UNC5221) \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u043e\u0441\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043d\u043e\u0432\u044b\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\nIvanti \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u043e\u0441\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u0433\u043b\u0443\u0431\u0438\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440, \u0447\u0435\u043c \u043c\u043e\u0433\u043b\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0440\u0430\u043d\u0435\u0435. \u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0441\u0435\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Ivanti Integrity Checker \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0412 \u0438\u044e\u043b\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Ivanti ( CVE-2023-35078 \u0438 CVE-2023-35081 ) \u0431\u044b\u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043d\u043e\u0440\u0432\u0435\u0436\u0441\u043a\u0438\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439, \u0430 \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0447\u0430\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u0442\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2023-38035 ) \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Ivanti Sentry \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 API.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-16T15:35:02.000000Z"}, {"uuid": "8fad4adc-9952-407a-baaa-10e5b96510fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/itsec_news/4122", "content": "\u200b\u26a1\ufe0f1200 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 5000 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: Ivanti, \u043f\u043e\u0440\u0430 \u043d\u0430 \u043f\u0435\u043d\u0441\u0438\u044e\n\n\ud83d\udcac \u041d\u0435\u0434\u0430\u0432\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pulse Secure \u043e\u0442 Ivanti \u043f\u0440\u043e\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u0435\u0442 \u043d\u0430 \u0433\u043b\u0443\u0431\u043e\u043a\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0430\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Eclypsium \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u0441\u044e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0440\u0435\u0432\u0435\u0440\u0441-\u0438\u043d\u0436\u0438\u043d\u0438\u0440\u0438\u043d\u0433 \u0434\u043b\u044f \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 9.1.18.2-24467.1, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Pulse Secure. \u0411\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 CentOS 6.4, \u0431\u0430\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0430 Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430 11 \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434 \u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0451\u0445 \u043b\u0435\u0442.\n\n\u041f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043a \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432\u044b\u0437\u0432\u0430\u043d\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u043e\u043c \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Ivanti, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Connect Secure, Policy Secure \u0438 ZTA-\u0448\u043b\u044e\u0437\u044b. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0447\u0442\u043e \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0421\u0440\u0435\u0434\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u044b CVE-2023-46805 , CVE-2024-21887 \u0438 CVE-2024-21893 . \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e, Ivanti \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-22024 , \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c.\n\n\u041e\u0442\u0447\u0451\u0442 Eclypsium \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pulse Secure, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044e Perl, \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0432\u0448\u0443\u044e\u0441\u044f \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 23 \u043b\u0435\u0442, \u0438 \u0432\u0435\u0440\u0441\u0438\u044e \u044f\u0434\u0440\u0430 Linux, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u043b\u0430\u0441\u044c \u0432 2016 \u0433\u043e\u0434\u0443. \u0422\u0430\u043a\u0438\u0435 \u043d\u0430\u0445\u043e\u0434\u043a\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442 \u0440\u0438\u0441\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\n\u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u044b\u044f\u0432\u0438\u043b \u0431\u043e\u043b\u0435\u0435 1200 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0441\u0432\u044b\u0448\u0435 5000 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Python, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0430 \u0433\u043b\u0443\u0431\u043e\u043a\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 133 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430, \u0447\u0442\u043e \u0443\u0441\u0443\u0433\u0443\u0431\u043b\u044f\u0435\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e \u0435\u0449\u0451 \u0431\u043e\u043b\u044c\u0448\u0435.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u0443\u0434\u0435\u043b\u0435\u043d\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e Ivanti. \u042d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0439, \u0447\u0442\u043e \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u00ab\u043b\u043e\u0436\u043d\u043e\u0435 \u0447\u0443\u0432\u0441\u0442\u0432\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00bb.\n\n\u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u044d\u0442\u0438\u0445 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0439 Eclypsium \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u0431\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Eclypsium \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0438 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u044b\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u0443\u044e \u0438 \u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u0434\u0430\u0432\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u043c \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c.\n\n\u00ab\u0427\u0435\u043c \u0431\u043e\u043b\u0435\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0431\u0443\u0434\u0435\u0442 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0442\u0435\u043c \u043b\u0443\u0447\u0448\u0435 \u043c\u044b \u0441\u043c\u043e\u0436\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a\u00bb, \u2014 \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-19T11:52:46.000000Z"}, {"uuid": "8fa6a961-8c43-4db6-8754-e4540697c65a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/itsec_news/4012", "content": "\u200b\u26a1\ufe0fIvanti \u043f\u043e\u0434\u0430\u0440\u0438\u043b\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0421\u0428\u0410\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (Cybersecurity and Infrastructure Security Agency, CISA) \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0443, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044e\u0449\u0443\u044e \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0441\u043a\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0432\u043b\u0430\u0441\u0442\u0438 (Federal Civilian Executive Branch, FCEB) \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0434\u0432\u0443\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Ivanti Connect Secure (ICS) \u0438 Ivanti Policy Secure (IPS).\n\n\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 ( CVE-2023-46805 , \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.2) \u0438 \u043e\u0448\u0438\u0431\u043a\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 ( CVE-2024-21887 , \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.1) \u2014 \u0441\u0442\u0430\u043b\u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\nIvanti \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430, \u0447\u0442\u043e \u0441\u0442\u0430\u043b\u0430 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u0435\u043c \u00ab\u0440\u0435\u0437\u043a\u043e\u0433\u043e \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0443\u0433\u0440\u043e\u0437\u00bb, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 11 \u044f\u043d\u0432\u0430\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0431\u043e\u043a\u043e\u0432\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435 (Lateral Movement), \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043a\u0440\u0430\u0436\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0442\u044c \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0443\u0442\u044c \u0447\u0435\u0440\u0435\u0437 XML-\u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0434\u043b\u044f \u0432\u043d\u0435\u0441\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e.\n\nCISA \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 ICS, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u044f\u0432\u0438\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0430 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0445 \u043e\u0442 \u0441\u0435\u0442\u0435\u0439 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0438\u043c\u043f\u043e\u0440\u0442\u043e\u043c XML-\u0444\u0430\u0439\u043b\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c FCEB \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043e\u0437\u0432\u0430\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u043a\u043b\u044e\u0447\u0438 API \u0438 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u043b\u044e\u0431\u043e\u0433\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0448\u043b\u044e\u0437\u0435.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Volexity \u0438 Mandiant \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c. \u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c, \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043e \u043e\u043a\u043e\u043b\u043e 2 100 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0430\u044f \u0432\u043e\u043b\u043d\u0430 \u0430\u0442\u0430\u043a \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430. \u0421 \u0442\u043e\u0433\u043e \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u0435\u043c\u044b\u0445 \u0440\u0430\u043d\u0435\u0435 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 (UTA0178 \u0438\u043b\u0438 UNC5221) \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u043e\u0441\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043d\u043e\u0432\u044b\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-22T14:41:11.000000Z"}, {"uuid": "79d36d72-8bbf-4349-8f69-77fa5331df30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/itsec_news/4028", "content": "\u200b\u26a1\ufe0f\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0435\u043b\u044c\u0437\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c: \u041a\u0438\u0442\u0430\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 0day \u0432 VPN Ivanti \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0437\u0430 \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u043e\u043c\n\n\u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Censys \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e, \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 (VPN) \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Ivanti, \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Censys, \u0438\u0437 26 \u0442\u044b\u0441\u044f\u0447 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443, 492 VPN Ivanti \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u043c\u0438\u0440\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0421\u0428\u0410 (121 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e), \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044e (26), \u042e\u0436\u043d\u0443\u044e \u041a\u043e\u0440\u0435\u044e (24) \u0438 \u041a\u0438\u0442\u0430\u0439 (21). \u041d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0435 Microsoft (13), \u0437\u0430 \u043d\u0438\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b Amazon (12) \u0438 Comcast (10).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Censys \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Ivanti Connect Secure \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 412 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432 \u0441 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c, \u0430 \u0442\u0430\u043a\u0436\u0435 22 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438\u043b\u0438 \u043d\u0430 \u043e\u0434\u043d\u043e\u0433\u043e, \u043c\u0435\u043d\u044f\u044e\u0449\u0435\u0433\u043e \u0441\u0432\u043e\u0438 \u0442\u0430\u043a\u0442\u0438\u043a\u0438.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (zero-day) \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 (9.x, 22.x):\n\nCVE-2023-46805 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.2): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u2013 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u043c\u0438\u043d\u0443\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438;\n\nCVE-2024-21887 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.1): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u2013 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0445\u0430\u043a\u0435\u0440\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u043f\u043e \u0441\u0435\u0442\u0438. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043f\u043e\u0434\u0445\u043e\u0434 Living off the Land (LotL), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c \u041f\u041e \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438, \u0438\u0437\u0431\u0435\u0433\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Censys, \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044e\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0446\u0435\u043b\u044f\u043c\u0438 \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430. \u042d\u0442\u0430 \u0442\u0435\u043e\u0440\u0438\u044f \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u0435\u0442 \u0441 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c\u0438 \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 Volexity \u0438 Mandiant. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Volexity \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u0433\u0440\u043e\u0437\u0430 \u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u00ab\u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u00bb UTA0178. Mandiant, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0443 \u0433\u0440\u0443\u043f\u043f\u0443 \u043a\u0430\u043a UNC5221, \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043c\u0435\u0442\u043e\u0434\u044b \u0433\u0440\u0443\u043f\u043f\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0443\u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 (Advanced Persistent Threat, APT).\n\n\u0412\u0441\u0435 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. Ivanti \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041f\u043e\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u043b\u0438, CISA \u0438 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Ivanti \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0441\u0438\u0441\u0442\u0435\u043c. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e: \u043f\u0435\u0440\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c 22 \u044f\u043d\u0432\u0430\u0440\u044f, \u0430 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u2014 19 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u0432\u0437\u043b\u043e\u043c\u044b \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c 11 \u044f\u043d\u0432\u0430\u0440\u044f, \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Ivanti \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041e\u0448\u0438\u0431\u043a\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u044b \u0438\u0437-\u0437\u0430 \u0438\u0445 \u0432\u043b\u0438\u044f\u043d\u0438\u044f, \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u043c\u0435\u0442\u043e\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u0445 Volexity \u0438 Mandiant. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0432\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043e\u043b\u0436\u043d\u044b \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f VPN.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-25T10:23:27.000000Z"}, {"uuid": "5c4fefd8-d84d-449a-ade0-d6025387badc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/itsec_news/4068", "content": "\u200b\u26a1\ufe0f\u0423 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432 \u0421\u0428\u0410 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0441\u0435 \u043c\u0435\u043d\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti\n\n\ud83d\udcac \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e \u043e\u0442 \u0432\u0441\u0435\u0445 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0438\u0437-\u0437\u0430 \u0442\u0440\u0435\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u0434\u0432\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, CVE-2023-46805 (\u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438) \u0438 CVE-2024-21887 (\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434), \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0441 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0434\u043b\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u2014 CVE-2024-21893. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0448\u043b\u044e\u0437\u0430\u0445 Ivanti Connect Secure \u0438 Ivanti Policy Secure.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041f\u041e, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u044d\u0442\u0438\u043c \u0443\u0433\u0440\u043e\u0437\u0430\u043c. Ivanti \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043b\u044c\u0437\u044f \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u043f\u0440\u044f\u043c\u043e \u0441\u0435\u0439\u0447\u0430\u0441.\n\n\u041a\u0440\u0430\u0439\u043d\u0438\u043c \u0441\u0440\u043e\u043a\u043e\u043c \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0447\u044c \u043f\u044f\u0442\u043d\u0438\u0446\u044b, 2 \u0444\u0435\u0432\u0440\u0430\u043b\u044f. \u0417\u0430\u0442\u0435\u043c \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430 \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c \u043f\u043e\u0438\u0441\u043a \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti \u043e\u0431\u0440\u0430\u0442\u043d\u043e \u043a \u0441\u0435\u0442\u0438, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u043d\u0443\u0436\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0440\u044f\u0434 \u043c\u0435\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043a \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u043c, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f, \u0437\u0430\u043d\u043e\u0432\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0440\u0430\u043d\u0435\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043e\u0437\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u043a\u043b\u044e\u0447\u0438 \u0438 \u043f\u0430\u0440\u043e\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan, \u0441\u0435\u0439\u0447\u0430\u0441 \u0431\u043e\u043b\u0435\u0435 22 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Shadowserver \u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0441\u043e\u0442\u043d\u0438 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0438\u0445 \u0432\u0437\u043b\u043e\u043c\u0430 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u043f\u0430\u0441\u0430\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u043e\u0433\u043b\u0438 \u0442\u0430\u0439\u043d\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u0421\u0428\u0410 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u043d\u0435\u0434\u0435\u043b\u044c \u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u0430 \u044d\u0442\u043e \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0432\u043e\u043f\u0440\u043e\u0441 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u00ab\u042d\u0442\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u0438\u043b\u0435, \u043f\u043e\u043a\u0430 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e CISA \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442, \u0447\u0442\u043e \u0432\u0441\u0435 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 Ivanti, \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0432\u0441\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0435. \u0414\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0442\u043c\u0435\u043d\u0435\u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c\u00bb, \u2014 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 CISA.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-02T10:08:27.000000Z"}, {"uuid": "209aafc8-288d-48a9-bb96-f25f016b804f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/codeby_sec/9384", "content": "\ud83c\udde8\ud83c\uddf3 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \n\n\ud83d\udc32 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Salt Typhon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b 600 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\ud83c\udf0e \u0414\u0430\u043d\u043d\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0441\u0432\u043e\u0438 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0442\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430, \u0433\u043e\u0441\u0442\u0438\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0438 \u0432\u043e\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\ud83c\udfe2 \u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 , \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u043c \u0432\u043b\u0430\u0441\u0442\u044f\u043c\u0438 13 \u0441\u0442\u0440\u0430\u043d, \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0440\u0435\u043c\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438: Sichuan Juxinhe Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd. \u0438 Sichuan Zhixin Ruijie Network Technology Co., Ltd.\n\n\ud83d\udc69\u200d\ud83d\udcbb Salt Typhoon \u0431\u044b\u043b \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0442 Cisco ( CVE-2018-0171 , CVE-2023-20198 \u0438 CVE-2023-20273 ), Ivanti ( CVE-2023-46805 \u0438 CVE-2024-21887 ) \u0438 Palo Alto Networks ( CVE-2024-3400 ).", "creation_timestamp": "2025-09-12T15:42:01.000000Z"}, {"uuid": "6fa394f6-cbbd-4702-af27-2d894fdd7501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "2299409b-dfb7-47ff-85cb-a0d6d7588fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_Watch_insider/361", "content": "https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US", "creation_timestamp": "2024-01-31T10:02:56.000000Z"}, {"uuid": "cc7c96ec-3c14-43a8-94d9-aadf62206251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6446", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aHere is a script to check vulns CVE-2023-46805 and CVE-2024-21887\nURL\uff1ahttps://github.com/TheRedDevil1/Check-Vulns-Script\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-17T10:32:51.000000Z"}, {"uuid": "bc733bc8-7c10-4042-92b8-b6d44a157d0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10832", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA Python script for examining Ivanti Secure Connect (ICS) event logs, designed to support investigations into vulnerabilities CVE-2025-0282, CVE-2023-46805, and CVE-2024-21887.\nURL\uff1ahttps://github.com/Hexastrike/Ivanti-Secure-Connect-Logs-Parser\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-01-19T09:05:47.000000Z"}, {"uuid": "507baf96-0c1e-465b-a10b-c3cf193a3d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1092", "content": "\ud83d\udc40 \u0428\u043b\u044e\u0437\u043e\u0432\u043e\u0435 \u041f\u041e Ivanti \u0441\u043d\u043e\u0432\u0430 \u043f\u0440\u043e\u0434\u044b\u0440\u044f\u0432\u0438\u043b\u0438\n\n\u041d\u043e\u0432\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c Ivanti \u0434\u043b\u044f \u0436\u0435\u043b\u0430\u044e\u0449\u0438\u0445 \u0432\u0437\u0431\u043e\u0434\u0440\u0438\u0442\u044c\u0441\u044f: \u0434\u0432\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u044f \u0432 Ivanti Connect Secure \u0438 Policy Secure. \u041f\u0430\u0440\u043e\u0447\u043a\u0430 \u0438\u0437 CVE-2023-46805 (\u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438) \u0438 CVE-2024-21887 (\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434) \u0432 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0438\u0447\u044c RCE \u043d\u0430 \u0448\u043b\u044e\u0437\u0435. \u0412 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0442\u043e\u0440\u0447\u0438\u0442 \u043f\u043e\u0447\u0442\u0438 15 \u0442\u044b\u0441\u044f\u0447 \u0442\u0430\u043a\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0432 \u0421\u0428\u0410, \u042f\u043f\u043e\u043d\u0438\u0438, \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u041a\u0438\u0442\u0430\u0435. \n\n\u0414\u044b\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435, \u043d\u043e \u043d\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e, Ivanti \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 \u043e \u00ab\u043c\u0435\u043d\u0435\u0435 10\u00bb \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445  \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u0435\u0449\u0430\u044e\u0442 \u0432 \u0434\u0432\u0435 \u043f\u0430\u0440\u0442\u0438\u0438: \u0431\u0435\u0442\u0430 22 \u044f\u043d\u0432\u0430\u0440\u044f, \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u2014 19 \u0444\u0435\u0432\u0440\u0430\u043b\u044f. \u0422\u0435\u043c, \u043a\u043e\u043c\u0443 \u0436\u0438\u0442\u044c \u0441 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c\u0438 \u0434\u044b\u0440\u0430\u043c\u0438 \u0432 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0434\u0438\u0441\u043a\u043e\u043c\u0444\u043e\u0440\u0442\u043d\u043e, \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0442 \u0432\u0437\u044f\u0442\u044c \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0440\u0442\u0430\u043b\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0430\u0442\u0447 mitigation.release.20240107.1.xml (\u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0443 \u0442\u0443\u0442).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-01-11T15:38:03.000000Z"}, {"uuid": "c69aef2d-9eaa-47fb-8ad7-d39e4f8b94a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/true_secator/7103", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 2024 \u0433\u043e\u0434\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0438\u0445 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043c\u043d\u043e\u0433\u0438\u0435 CWE \u0438\u0437 TOP 10 \u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Microsoft \u0438 \u044f\u0434\u0440\u0430 Linux \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043b\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0430\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0447\u0430\u0441\u0442\u043e \u043a \u00ab\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e\u00bb \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0442\u0430\u043a \u0434\u043b\u044f Linux \u043d\u0430 Windows \u0438 \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0430\u0449\u0435 \u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2018-0802, CVE-2017-11882 (\u043e\u0431\u0435 RCE \u0432 Equation Editor), CVE-2017-0199 (Microsoft Office \u0438 WordPad).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 2024 \u0433\u043e\u0434\u0430, \u0438 \u043c\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 WinRAR \u0438 \u0432 \u0441\u0430\u043c\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (WinRAR), CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u00a0ks.sys) \u0438 CVE-2022-3699 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Lenovo Diagnostics).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2022-0847 (Dirty Pipe), CVE-2019-13272 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-3156 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435\u00a0sudo).\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u0430\u043a \u0441\u0430\u043c\u043e\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043b\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c - \u044d\u0442\u0430 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft Office.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 APT, \u0432 \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430: CVE-2025-0282, CVE-2024-21887 \u0438 CVE-2025-0283 (Ivanti Connect Secure), CVE-2020-1472 (Netlogon Windows), CVE-2023-46805 (Ivanti ICS), CVE-2023-48788 (Fortinet) \u0438 \u0434\u0440.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0432 TOP 10 \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438: \n\n- ZDI-CAN-25373: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 lnk-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 Windows;\n\n- CVE-2025-21333: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 vkrnlintvsp.sys;\n\n- CVE-2025-24071: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 NetNTLM-\u0445\u044d\u0448\u0430 \u0432 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-04T18:00:07.000000Z"}, {"uuid": "8b4df533-d110-44d8-818b-3ee38d059058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/YD6mpe3TwIj5mekCtHmupokYwnKq56rX_43Fm9Af1mnNIg", "content": "", "creation_timestamp": "2024-05-09T15:53:36.000000Z"}, {"uuid": "532091e6-b3cb-488a-bec2-eb92bcc40600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/6864", "content": "https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/\nCVE-2023-46805 & CVE-2024-21887\n#poc", "creation_timestamp": "2024-06-08T00:15:49.000000Z"}, {"uuid": "88302a63-bdae-4b60-b652-5d7715e6c56f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "Telegram/haAkjxuNgk5xBmTvFiRT801ERGlDk_Oz2LRf7VL3quAPKg", "content": "", "creation_timestamp": "2024-01-18T15:37:53.000000Z"}, {"uuid": "52e359bb-a044-4939-8e8b-5ad558921547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/Q2Wb1gTo4-yPIel4el29lFnXORS7KBW-EynGz4H2VTwYbg", "content": "", "creation_timestamp": "2024-04-05T11:23:56.000000Z"}, {"uuid": "e7efa89d-7ce2-4f51-80f5-474ce4737624", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "Telegram/DK4zpnt2hY9_uaXvFlL8qKzoZITEe3zVAwuxple3iLHOBQ", "content": "", "creation_timestamp": "2024-01-15T20:33:19.000000Z"}, {"uuid": "66bb8f41-cfbf-4e17-8983-980ce2f10ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/HackingInsights/175", "content": "\u200aMirai Botnet Exploits Ivanti Vulnerabilities (CVE-2023-46805 & CVE-2024-21887)\n\nhttps://securityonline.info/mirai-botnet-exploits-ivanti-vulnerabilities-cve-2023-46805-cve-2024-21887/", "creation_timestamp": "2024-05-08T11:26:00.000000Z"}, {"uuid": "cf324b86-f5c0-4240-a3c4-3ea70647c6a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/7245", "content": "The Hacker News\nMirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery\n\nTwo recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.\nThat's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload.\nWhile CVE-2023-46805 is an authentication bypass flaw,", "creation_timestamp": "2024-05-09T15:53:37.000000Z"}, {"uuid": "bb07434e-b5e4-44ff-9bec-1b2df47bb180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/5026", "content": "The Hacker News\nResearchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws\n\nMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).\nThe clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.\nThe Google Cloud", "creation_timestamp": "2024-04-05T11:23:57.000000Z"}, {"uuid": "2ef1f5ce-e39a-4419-aca3-0fff9d5fe0d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/arpsyndicate/2788", "content": "#ExploitObserverAlert\n\nCVE-2023-46805\n\nDESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-46805. An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.\n\nNVD-IS: 4.2\nNVD-ES: 3.9", "creation_timestamp": "2024-01-15T13:45:19.000000Z"}, {"uuid": "d8f37b21-431a-4c4c-83d3-cdab4b0c9767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/9Ua6neMVoMO2WjRB4-v1ZrEEi3AN2FVVatnipDBB0n9bcQ", "content": "", "creation_timestamp": "2024-04-05T11:22:50.000000Z"}, {"uuid": "97d2edbb-b25e-4f27-a166-d4235f239b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/arpsyndicate/2869", "content": "#ExploitObserverAlert\n\nCVE-2023-46805\n\nDESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-46805. An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.\n\nNVD-IS: 4.2\nNVD-ES: 3.9", "creation_timestamp": "2024-01-16T18:29:28.000000Z"}, {"uuid": "324cce18-606a-4728-9d1a-118c497316a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/939", "content": "The Hacker News\nResearchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws\n\nMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).\nThe clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.\nThe Google Cloud", "creation_timestamp": "2024-04-05T11:23:57.000000Z"}, {"uuid": "d147ffe0-a26d-44f2-b2ac-3fc232916b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/1358", "content": "The Hacker News\nMirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery\n\nTwo recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.\nThat's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload.\nWhile CVE-2023-46805 is an authentication bypass flaw,", "creation_timestamp": "2024-05-09T15:53:37.000000Z"}, {"uuid": "684abf87-8dea-47c6-9670-56d41c6ad8aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/YhPCDR0YMLzZ9QBAc-P2uB1KGyb_ka2H-QrgAoGp7YzzjA", "content": "", "creation_timestamp": "2024-05-09T14:27:44.000000Z"}, {"uuid": "c0e6ff76-fc5a-4050-ac2c-12c13e1acf31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "Telegram/nDe9IWqszS3xUEziPtsnrG0iNuY-q73SuCpBTPQD82ejAg", "content": "", "creation_timestamp": "2024-01-31T08:47:43.000000Z"}, {"uuid": "da86dc46-d9ab-459a-8c5e-ef54e6ce84cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/KomunitiSiber/1738", "content": "Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws\nhttps://thehackernews.com/2024/04/researchers-identify-multiple-china.html\n\nMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).\nThe clusters are being tracked by Mandiant under the monikers\u00a0UNC5221, UNC5266, UNC5291,\u00a0UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is\u00a0UNC3886.\nThe Google Cloud", "creation_timestamp": "2024-04-05T10:41:57.000000Z"}, {"uuid": "767e88f2-b024-4909-9f79-d83e7a2fcafc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "Telegram/_ErAAUmmT0z_9UhvPaStjtbfdVhHFLpQV31ozXBuNPyfep8", "content": "", "creation_timestamp": "2025-01-19T16:00:08.000000Z"}, {"uuid": "987933b5-031c-4981-9672-ec9dbd5f51fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/KomunitiSiber/1419", "content": "Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware\nhttps://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html\n\nA pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called\u00a0KrustyLoader\u00a0that's used to drop the open-source Sliver adversary simulation tool.\nThe\u00a0security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused", "creation_timestamp": "2024-01-31T08:46:59.000000Z"}, {"uuid": "234f3bb3-6681-4335-9bf3-0ce7acebf995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/KomunitiSiber/1914", "content": "Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery\nhttps://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html\n\nTwo recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous\u00a0Mirai botnet.\nThat's according to\u00a0findings\u00a0from Juniper Threat Labs, which said the vulnerabilities\u00a0CVE-2023-46805 and CVE-2024-21887\u00a0have been leveraged to deliver the botnet payload.\nWhile CVE-2023-46805 is an authentication bypass flaw,", "creation_timestamp": "2024-05-09T13:48:35.000000Z"}, {"uuid": "1b5b71f4-682b-473e-ad4d-5a1c5087ba68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "Telegram/nQrdilQjQl99lIMRwlBIzfx1gXvNFdI2V5simBs1rgDfZ-k", "content": "", "creation_timestamp": "2025-01-14T22:00:06.000000Z"}, {"uuid": "7a5b05b9-2d70-4a37-ae87-ef5368829f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "Telegram/AoTh20eJfP8344orP2xRahZLy0eANhtkd2IQ0wCN21aSR88", "content": "", "creation_timestamp": "2024-01-31T14:27:41.000000Z"}, {"uuid": "071b6774-0309-4f4a-a6bd-a4ad6358ae62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "Telegram/2ZJRl6kj35bpV8cE0y3_laNFG0_cPupuWOOpZwB2O4Aai5A", "content": "", "creation_timestamp": "2024-03-24T06:43:04.000000Z"}, {"uuid": "400bae28-91e8-4817-95f7-b40d4f2911e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/5661", "content": "\u0413\u0435\u0440\u043e\u0435\u043c \u043d\u043e\u0432\u043e\u0439 \u0441\u0435\u0440\u0438\u0438 Ivanti Zero-Days \u0432\u0441\u043b\u0435\u0434 \u0437\u0430 CISA \u0441\u0442\u0430\u043b\u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 - MITRE, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u0440\u0430\u043f\u043e\u0440\u0442\u043e\u0432\u0430\u0442\u044c \u043e \u043a\u0438\u0431\u0435\u0440\u0438\u043d\u0446\u0438\u0434\u043b\u0435\u043d\u0442\u0435.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0435\u0435 \u0441\u0435\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a NERVE \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044f\u043d\u0432\u0430\u0440\u044f \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u0430\u044f APT \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043d\u0443\u043b\u044f\u043c \u0432 Ivanti, \u043d\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0441\u0440\u0435\u0434\u0443 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 MITRE NERVE \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a \u0438 \u043f\u0440\u043e\u0442\u043e\u0442\u0438\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f MITRE \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure VPN \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0443\u043b\u044f\u043c\u0438 \u0432 Ivanti \u0438 \u043e\u0431\u043e\u0448\u043b\u0438 \u0435\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043c\u043d\u043e\u0433\u043e\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0441\u0435\u0430\u043d\u0441\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0433\u043b\u0443\u0431\u043e\u043a\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043b\u0438 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 VMware \u0441\u0435\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0410 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432.\n\nCVE-2023-46805 \u0438 CVE-2024-21887 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u043b\u0438\u0441\u044c \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 0-day \u0438 10 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f Volexity \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0438\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0422\u043e\u0433\u0434\u0430 Ivanti \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0431\u0435\u0441\u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043b\u0438\u0448\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u0442\u0440\u0438 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0437\u0430\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0439 Ivanti \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043b\u0430\u0433 \u0431\u044b\u043b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u043b\u0435\u0439. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438 MITRE \u043f\u043e\u043f\u0430\u043b\u0430 \u043f\u043e\u0434 \u0440\u0430\u0437\u0434\u0430\u0447\u0443.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 MITRE \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432, \u0447\u0442\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-04-22T15:14:32.000000Z"}, {"uuid": "1b01bd92-c856-4d51-bd65-a1f3399ecdd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/6912", "content": "\u041d\u043e\u0432\u0430\u044f \u043a\u043e\u0440\u0438\u0447\u043d\u0435\u0432\u0430\u044f \u043f\u043e\u043b\u043e\u0441\u0430 \u0432 \u0436\u0438\u0437\u043d\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Ivanti \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e Connect Secure, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u044b \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430.\n\nCVE-2025-22457 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u0442\u0435\u043a\u0430 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 Pulse Connect Secure 9.1x (\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0437\u0430\u043a\u043e\u043d\u0447\u0438\u043b\u0430\u0441\u044c \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435), Ivanti Connect Secure 22.7R2.5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, Policy Secure \u0438 Neurons \u0434\u043b\u044f \u0448\u043b\u044e\u0437\u043e\u0432 ZTA.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Ivanti, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0432 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u041e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 11 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2025 \u0433\u043e\u0434\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Ivanti Connect Secure 22.7R2.6.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c \u043a\u0430\u043a \u043d\u0435\u043f\u0440\u0438\u0433\u043e\u0434\u043d\u0430\u044f \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043d\u0435 \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0430\u044f \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043a \u0443\u0434\u0438\u0432\u043b\u0435\u043d\u0438\u044e Ivanti \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432, \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0448\u043b\u044e\u0437\u043e\u0432 ZTA \u0438 Ivanti Policy Secure \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0438 \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043a 19 \u0438 21 \u0430\u043f\u0440\u0435\u043b\u044f \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043d\u043e Ivanti \u0437\u0430\u0432\u0435\u0440\u044f\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u00ab\u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb \u0448\u043b\u044e\u0437\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 Ivanti \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f \u043d\u0430 ICT \u0438 \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c\u0438 \u0441\u0431\u043e\u044f\u043c\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0415\u0441\u043b\u0438 \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0438\u0445 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.6.\n\n\u041f\u043e\u043a\u0430 \u0432 Ivanti \u043e\u0442\u043c\u0430\u043b\u0447\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Mandiant \u0438 Google Threat Intelligence Group (GTIG) \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a (UNC5221) \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u044b \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430.\n\nUNC5221 \u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 0-day \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 2023 \u0433\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti \u0438 NetScaler.\n\n\u0421\u043e\u0432\u0441\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 CVE-2025-0282, \u0435\u0449\u0435 \u043e\u0434\u043d\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 Ivanti Connect Secure \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Dryhook \u0438 Phasejam \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 VPN.\n\n\u0413\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043b\u0430 \u0434\u0432\u0435 0-day Connect Secure \u0438 Policy Secure (CVE-2023-46805 \u0438 CVE-2024-21887) \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 ICS VPN \u0438 IPS network access control (NAC). \u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u0441\u0442\u0430\u043b\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u044f MITRE.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Volexity, \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 UNC5221\u00a0\u0432\u0437\u043b\u043e\u043c\u0430\u043b \u0431\u043e\u043b\u0435\u0435 2100 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti,\u00a0\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432\u0435\u0431-\u0448\u0435\u043b\u043b  GIFTEDVISITOR, \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0438\u0445 \u0434\u0432\u0435 0-day.\n\n\u0412 \u043d\u043e\u0432\u044b\u0445 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0434\u0432\u0443\u0445 \u043d\u043e\u0432\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e: \u0434\u0440\u043e\u043f\u043f\u0435\u0440\u0430 TRAILBLAZE, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u0438 \u043f\u0430\u0441\u0441\u0438\u0432\u043d\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430 BRUSHFIRE.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u044b \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439  \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e SPAWN, \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u043c\u043e\u0439 UNC5221.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0437\u0443\u0447\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 ICS 22.7R2.6, \u043e\u0442\u044b\u0441\u043a\u0430\u0432 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 22.7R2.5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0442\u0430\u043a\u0438\u043c\u0438 \u0442\u0435\u043c\u043f\u0430\u043c\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434\u044b \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u043a\u043e\u0440\u043e \u043d\u0430\u0437\u0440\u0435\u044e\u0442.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0437\u043e\u043d \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Ivanti, \u043c\u043e\u0436\u043d\u043e \u043a\u043e\u043d\u0441\u0442\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, - \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f.", "creation_timestamp": "2025-04-04T15:00:48.000000Z"}, {"uuid": "b0b2f9c7-2fd6-4f1f-a964-b2b0c1529edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/true_secator/6473", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Trend Micro \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 GhostSpider, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0441\u044f Salt Typhoon (Earth Estries, GhostEmperor \u0438\u043b\u0438 UNC2286) \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433.\n\n\u041f\u043e\u043c\u0438\u043c\u043e GhostSpider Salt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0431\u043e\u0440 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u0441\u0442\u0440\u043e\u0433\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u044b\u0445 \u0430\u0442\u0430\u043a: SNAPPYBEE (Deed RAT), SparrowDoor, CrowDoor \u0438 MASOL RAT \u0434\u043b\u044f Linux, \u0440\u0443\u0442\u043a\u0438\u0442 DEMODEX, ShadowPad, NeoReGeorg, frpc\u00a0\u0438 Cobalt Strike.\n\nSalt Typhoon - \u044d\u0442\u043e \u0441\u043b\u043e\u0436\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 2019 \u0433\u043e\u0434\u0430 \u0438 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0438 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u0441\u0440\u0435\u0434\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Verizon, AT&T, Lumen Technologies \u0438\u00a0T-Mobile.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Washington Post, Salt Typhoon \u0442\u0430\u043a\u0436\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c\u00a0\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0435\u00a0\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 150 \u0434\u043e\u043b\u0436\u043d\u043e\u0441\u0442\u043d\u044b\u0445 \u043b\u0438\u0446 \u0438\u0437 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0421\u0428\u0410 \u0438 \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043d\u044b\u0445 \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u043e\u0432.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u00a0Trend Micro, Salt Typhoon \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u0442\u0435\u043b\u0435\u043a\u043e\u043c, \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u043e\u0432\u044b\u0435, \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0421\u0428\u0410, \u0410\u0437\u0438\u0430\u0442\u0441\u043a\u043e-\u0422\u0438\u0445\u043e\u043e\u043a\u0435\u0430\u043d\u0441\u043a\u043e\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0435, \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435, \u0432 \u042e\u0436\u043d\u043e\u0439 \u0410\u0444\u0440\u0438\u043a\u0435 \u0438 \u0434\u0440.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0434\u0432\u0430\u0434\u0446\u0430\u0442\u0438 \u0441\u043b\u0443\u0447\u0430\u0435\u0432, \u043a\u043e\u0433\u0434\u0430 Salt Typhoon \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f, \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0443\u0434\u0435\u043b\u0435\u043d\u043e \u0434\u0432\u0443\u043c \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u043c: \n- \u0410\u043b\u044c\u0444\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Demodex \u0438 SnappyBee,\n- \u0411\u0435\u0442\u0430 - \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0439 \u0448\u043f\u0438\u043e\u043d\u0430\u0436 \u043f\u0440\u043e\u0442\u0438\u0432 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c GhostSpider \u0438 Demodex.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c: CVE-2023-46805, CVE-2024-21887\u00a0(VPN-\u0441\u0435\u0440\u0432\u0438\u0441 Ivanti Connect), CVE-2023-48788 (FortiClient EMS), CVE-2022-3236 (\u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440 Sophos), CVE-2021-26855, CVE-2021-26857 - 26858, CVE-2021-27065 (ProxyLogon).\n\nSalt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b LOLbin \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, GhostSpider - \u044d\u0442\u043e \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u0437\u0430 \u0441\u0447\u0435\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041e\u043d \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 DLL \u0438 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 regsvr32.exe, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043c\u0430\u044f\u043a\u043e\u0432, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u044c.\n\nGhostSpider \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f (C2), \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 HTTP \u0438\u043b\u0438 \u0444\u0430\u0439\u043b\u0430\u0445 cookie, \u0447\u0442\u043e\u0431\u044b \u0441\u043c\u0435\u0448\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. \u0421\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0431\u044d\u043a\u0434\u043e\u0440\u0443 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u0430\u0440\u0441\u0435\u043d\u0430\u043b Salt Typhoon \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0431\u0448\u0438\u0440\u0435\u043d \u0438 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0437\u0443\u0435\u0442 \u0435\u0435 \u043a\u0430\u043a \u043e\u0434\u043d\u0443 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0430\u0433\u0440\u0435\u0441\u0441\u0438\u0432\u043d\u044b\u0445 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 APT.", "creation_timestamp": "2024-11-26T13:40:05.000000Z"}, {"uuid": "695faae3-9f89-4faf-93ab-bb32a8055290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/6604", "content": "\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Ivanti \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0438 \u0440\u043e\u0436\u0434\u0435\u0441\u0442\u0432\u0435\u043d\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0430\u0440\u043e\u0447\u043a\u0438 \u0432 \u0432\u0438\u0434\u0435 \u043d\u043e\u0432\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day, \u043d\u0430 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0443 \u043f\u043e\u0437\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Mandiant \u0438\u0437 Google Cloud.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 Ivanti \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0432 \u0435\u0435 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Connect Secure (ICS) \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - CVE-2025-0282 \u0438 CVE-2025-0283.\u00a0\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0435 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430\u00a0\u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0417\u0430\u0442\u0435\u043c Mandiant, \u043f\u0440\u0438\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u0430\u044f Ivanti \u043a \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0430\u0442\u0430\u043a, \u0432\u044b\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0431\u044b\u043b\u0430\u00a0\u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0430 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0435\u0449\u0435 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2025-0282 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u041d\u043e \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0431\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Spawn, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0431\u044b\u043b\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 UNC5337.\n\nSpawn \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a SpawnAnt, \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0440 SpawnMole \u0438 SSH-\u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c SpawnSnail.\n\n\u0412 Mandiant \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e UNC5337 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e\u00a0\u0433\u0440\u0443\u043f\u043f\u044b \u0443\u0433\u0440\u043e\u0437 UNC5221, \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Ivanti (CVE-2023-46805 \u0438 CVE-2024-21887). \u0416\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a \u0442\u043e\u0433\u0434\u0430 \u0441\u0442\u0430\u043b\u0438\u00a0MITRE\u00a0\u0438\u00a0CISA.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u043d\u043e\u0432\u044b\u043c \u043d\u0443\u043b\u0435\u043c Ivanti ICS Mandiant \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f DryHook \u0438 PhaseJam, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0449\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043d\u044b \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 \u0443\u0433\u0440\u043e\u0437.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043a\u043e\u0434\u043e\u0432 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Spawn, DryHook \u0438 PhaseJam) \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u043d\u043e \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0442\u0447\u0435\u0442\u0430 \u0442\u043e\u0447\u043d\u043e \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0447\u0438\u0441\u043b\u043e \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0443\u0433\u0440\u043e\u0437, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 CVE-2025-0282, \u0432 Mandiant \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438.\n\n\u0412 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 CVE-2025-0282, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u043b\u0438 SELinux, \u0432\u043d\u0435\u0441\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 PhaseJam - \u044d\u0442\u043e \u0434\u0440\u043e\u043f\u043f\u0435\u0440, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Ivanti Connect Secure, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u043e\u0431\u043b\u0435\u0433\u0447\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043b\u0430\u0446\u0434\u0430\u0440\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435.\n\nDryHook \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\u00a0\n\n\u0412 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e SpawnAnt, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0431\u044f \u0438 \u0441\u0432\u043e\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0434\u0435\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e PhaseJam \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u043e \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u0448\u043a\u0430\u043b\u0443 \u043f\u0440\u043e\u0433\u0440\u0435\u0441\u0441\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u0439.\n\nMandiant \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e CVE-2025-0282, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC.\u00a0\n\n\u041f\u043e\u043a\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0440\u0430\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, Ivanti \u0432\u043d\u043e\u0432\u044c \u0443\u0441\u0435\u0440\u0434\u043d\u043e \u043f\u0438\u043b\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043b\u0438\u0448\u044c \u0434\u043b\u044f Connect Secure.\n\n\u041e\u0434\u043d\u0430\u043a\u043e Policy Secure \u0438 Neurons \u0434\u043b\u044f ZTA \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0442\u043e\u043b\u044c\u043a\u043e 21 \u044f\u043d\u0432\u0430\u0440\u044f.\u00a0", "creation_timestamp": "2025-01-09T17:46:04.000000Z"}, {"uuid": "63fabcd2-5824-4728-9d0a-3f8a3c345e45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/5297", "content": "\u041a\u0430\u043a \u0438 \u043e\u0431\u0435\u0449\u0430\u043b\u0438, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u043c\u043d\u043e\u0433\u043e\u0441\u0435\u0440\u0438\u0439\u043d\u043e\u0439 \u0441\u0430\u0433\u0438 Ivanti \u043d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0431\u0435\u0437 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0433\u043e epic fail.\n\n\u0414\u0432\u0435 0-day \u0432 Connect Secure VPN \u0438 Policy Secure Network Access Control (NAC) \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Volexity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f  \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e 0-day \u0435\u0449\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435.\n\n\u0423\u0436\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0430\u043a\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u0438\u0441\u043f\u043e\u0441\u043e\u0431\u0438\u043b\u0438\u0441\u044c \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CVE-2023-46805 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2024-21887 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u043d\u0441\u043f\u0438\u0440\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 11 \u044f\u043d\u0432\u0430\u0440\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0436\u0435\u0440\u0442\u0432\u044b \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u044b \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443 \u0438 \u0441\u0438\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0443: \u043e\u0442 \u043c\u0430\u043b\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0434\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432 \u043c\u0438\u0440\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u043e\u0442\u0440\u0430\u0441\u043b\u044f\u0445.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 GIFTEDVISITOR, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 14 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Volexity \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 1700 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 ICS VPN, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u043d\u0435\u0438\u0437\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u043c\u0443 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044e.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u0432\u043e\u0448\u043b\u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u044f\u0434\u0447\u0438\u043a\u0438, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432 \u0438 \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0430\u044d\u0440\u043e\u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0438 \u0438\u043d\u0436\u0438\u043d\u0438\u0440\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u0444\u0438\u0440\u043c\u044b.\n\n\u0410 Ivanti \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u0434\u0432\u0443\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 0-day, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043b\u0438\u0448\u044c\u00a0\u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0440\u0438\u0441\u043a\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 Ivanti.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Shadowserver \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 16 800 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ICS VPN (\u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan - \u0431\u043e\u043b\u0435\u0435 15 000), \u0438\u0437 \u043d\u0438\u0445 \u0434\u043e 5 000\u00a0\u0432 \u0421\u0428\u0410.\n\n\u0422\u0430\u043a \u0447\u0442\u043e to be continued.", "creation_timestamp": "2024-01-16T16:05:06.000000Z"}, {"uuid": "40d1f3fe-e3e3-4ddb-b8b2-6804b5da2152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/5280", "content": "\u041c\u043e\u0436\u043d\u043e \u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043d\u0430 \u0442\u0440\u0438 \u0432\u0435\u0449\u0438:\u00a0\u043a\u0430\u043a \u0433\u043e\u0440\u0438\u0442 \u043e\u0433\u043e\u043d\u044c, \u043a\u0430\u043a \u0442\u0435\u0447\u0435\u0442 \u0432\u043e\u0434\u0430 \u0438 \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u0443\u044e\u0442 \u043d\u043e\u0432\u044b\u0435 0-day \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Ivanti.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0434\u0432\u0443\u0445 0-day \u0432 Connect Secure (ICS) \u0438 Policy Secure, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0448\u043b\u044e\u0437\u0430\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Mandiant \u0438 Volexity.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2023-46805 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0448\u043b\u044e\u0437\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043f\u0443\u0442\u0435\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-21887, - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b.\n\n\u041f\u0440\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0438 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441 22 \u044f\u043d\u0432\u0430\u0440\u044f, \u0430 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f - \u0441 19 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f 0-day \u043c\u043e\u0436\u043d\u043e\u00a0\u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c,\u00a0\u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0432\u00a0\u0444\u0430\u0439\u043b mitigation.release.20240107.1.xml, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u00a0\u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442\u0430\u043b Ivanti.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043e\u0431\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0410\u0420\u0422-\u0430\u0442\u0430\u043a\u0430\u0445, \u0447\u0442\u043e \u0435\u0449\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u00a0Volexity, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 10 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u0445.\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0432 \u043a\u0440\u0443\u0433\u0430\u0445 \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430 \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442 \u0442\u0430\u043a\u0436\u0435\u00a0\u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 MFA \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f RCE, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043a\u0440\u0438\u0442\u0438\u043a\u043e\u0432\u0430\u043b \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043a\u0440\u044b\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u043f\u043b\u0430\u0442\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c.\n\n\u0412\u043e\u043e\u0431\u0449\u0435, \u0435\u0441\u043b\u0438 \u0432\u0435\u0440\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u043c Shodan, \u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0441\u0435\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0431\u043e\u043b\u0435\u0435 15 000 \u0448\u043b\u044e\u0437\u043e\u0432 Connect Secure (ICS) \u0438 Policy Secure.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043d\u043e\u0432\u0430\u044f 3567-\u0430\u044f \u0441\u0435\u0440\u0438\u044f \u043e\u0441\u0442\u0440\u043e\u0441\u044e\u0436\u0435\u0442\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Ivanti 0-day \u043e\u0431\u0435\u0449\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u0435\u0441\u044c\u043c\u0430 \u0443\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439. \u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-01-11T12:00:07.000000Z"}, {"uuid": "a97dde6b-9662-480a-8b87-79e37478c2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/5378", "content": "\u041d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0438 \u043d\u0435\u0434\u0435\u043b\u0438, \u0430 \u0443\u0436\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 Ivanti 0-day \u043d\u0430\u0447\u0430\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u044f \u0441\u0443\u0434\u044c\u0431\u0443 \u0438\u0445 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u0435\u0434\u0448\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u043e \u043d\u043e\u0432\u043e\u0439 SSRF-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-21893, \u0432 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 31 \u044f\u043d\u0432\u0430\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432 CVE-2023-46805 \u0438 CVE-2024-21887 \u043e\u0442 10 \u044f\u043d\u0432\u0430\u0440\u044f.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-21893 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 (\u0432\u0435\u0440\u0441\u0438\u0438 9.x \u0438 22.x).\n\nShadowserver \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 SSRF, \u0441\u043e 170 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043e\u0431\u044a\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0443 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 Ivanti, \u0447\u0442\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c 2 \u0444\u0435\u0432\u0440\u0430\u043b\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430,\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Rapid7.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0438\u043c\u0435\u0435\u0442\u0441\u044f \u043f\u043e\u0447\u0442\u0438 22 500 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti Connect Secure (\u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c ShadowServer), \u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0435\u0449\u0435 \u0434\u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f PoC \u043f\u0440\u0438\u0434\u0443\u043c\u0430\u043b\u0438, \u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2024-21893 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c Ivanti, \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u044b \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0431\u0443\u0434\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u0437\u0440\u0430\u0441\u0442\u0430\u0442\u044c.\n\n\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 0-day \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043c\u0435\u0440 \u043f\u043e \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u00a0\u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti Connect Secure \u0438 Policy Secure VPN.\n\n\u041a \u0441\u0435\u0442\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0441\u0431\u0440\u043e\u0448\u0435\u043d\u044b \u0434\u043e \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.", "creation_timestamp": "2024-02-06T09:26:46.000000Z"}, {"uuid": "11ac69c1-4871-4cd0-8baa-3f505310c1f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/true_secator/5313", "content": "\u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0447\u0438\u0441\u043b\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti Connect Secure VPN, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 0-day (CVE-2023-46805 \u0438 CVE-2024-21887), \u043d\u0435\u0443\u043a\u043b\u043e\u043d\u043d\u043e \u0440\u0430\u0441\u0442\u0435\u0442, \u0441\u043f\u0438\u0441\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0433\u043e\u0440\u0435-\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u043c\u0435\u043d\u044c\u0448\u0435 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e\u043f\u0430\u043b\u0430 \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f CVE-2023-35082, \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f Ivanti Endpoint Manager Mobile (EPMM), \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435.\n\nCVE-2023-35082 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2023 \u0433\u043e\u0434\u0430 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2023-35078, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 EPMM, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a 0-day \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u041d\u043e\u0440\u0432\u0435\u0433\u0438\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439 CISA \u0434\u0430\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 CVE-2023-35082\u00a0\u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e. \u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-01-19T16:44:06.000000Z"}, {"uuid": "e7de2c5b-feb5-47cb-985f-f4d8710e1bf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/true_secator/5361", "content": "\u0421\u043e \u0441\u043a\u0440\u0438\u043f\u043e\u043c \u0437\u0430\u043f\u0438\u043b\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day \u0441 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435\u043c \u0432\u0441\u0435\u0445 \u0441\u0440\u043e\u043a\u043e\u0432, Ivanti \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u0442 \u0434\u0432\u0435 \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Connect Secure \u0438 Policy Secure VPN \u0438 Ivanti Neurons for ZTA, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0430\u043a\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 Ivanti \u043e \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u0445, \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c CVE-2023-46805 \u0438 CVE-2024-21887, \u0432\u044b\u0448\u043b\u043e \u0440\u043e\u0432\u043d\u043e \u0442\u043e\u0433\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0437\u0430\u043f\u043e\u0437\u0434\u0430\u043b\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0432 \u043e\u0431\u0438\u0445\u043e\u0434\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f.\n\nShadowserver\u00a0\u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044f\u043c Ivanti VPN \u0438 \u0442\u043e\u043b\u044c\u043a\u043e 30 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e\u00a0\u0431\u043e\u043b\u0435\u0435 460 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\nMandiant\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u044f\u0442\u044c \u0448\u0442\u0430\u043c\u043c\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0445\u043e\u0434\u0435 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u043a\u0440\u0430\u0436\u0443 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0443 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Volexity \u0438 GreyNoise \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u044b XMRig \u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Rust \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0436\u0435\u0440\u0442\u0432.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0432\u043d\u043e\u0432\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u0430\u044f CVE-2024-21893 (CVSS 8,2 \u0438\u0437 10) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 SAML \u0448\u043b\u044e\u0437\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-21888 \u0441 CVSS 8,8/10) \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0448\u043b\u044e\u0437\u043e\u0432 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432. \u041d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u2014 \u0432\u0435\u0440\u0441\u0438\u044e 9.x \u0438 22.x.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 (CVE-2024-21893) \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.\n\nIvanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043e\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 ZTA \u0438 Connect Secure, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e\u00a0\u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u0441\u0435 \u043e\u0436\u0438\u0434\u0430\u044e\u0449\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.", "creation_timestamp": "2024-02-01T11:24:46.000000Z"}, {"uuid": "48994955-477a-46e9-930c-387b0af2c7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/true_secator/5289", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0441 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0432\u0443\u0445 0-day (CVE-2023-46805 \u0438 CVE-2024-21887) \u0432 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure (ICS).\n\n\u041f\u0440\u0438\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u044b\u0435 Ivanti \u043a \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Mandiant \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0437\u0430 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u043a\u0430 \u0435\u0449\u0435 \u043d\u0435\u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0410\u0420\u0422 (\u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 Volexity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 UTA0178 \u043a \u041a\u041d\u0420), \u043f\u0440\u0435\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f \u0446\u0435\u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u0442\u0435\u043f\u0435\u0440\u044c \u043a\u0430\u043a UNC5221.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Mandiant, UNC5221 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043d\u0430\u0431\u043e\u0440 \u0438\u0437 \u043f\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0441\u0440\u0435\u0434\u0443 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445: ThinSpool, LightWire, WireFire, WarpWire \u0438 ZipLine, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 Mandiant, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 Ivanti \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0434\u0435\u043b\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f, UNC5221 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 Perl (sessionserver.pl) \u0434\u043b\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0447\u0442\u0435\u043d\u0438\u044f/\u0437\u0430\u043f\u0438\u0441\u0438 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f THINSPOOL.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, ThinSpool \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a \u043a\u043b\u044e\u0447\u0435\u0432\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u044f\u0432\u043b\u044f\u044f\u0441\u044c \u0442\u0430\u043a\u0436\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0440\u043e\u043f\u043f\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 LightWire.\n\n\u0412\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 LightWire \u0438 WireFire \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u043b\u0438 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c CS. \u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043f\u0435\u0440\u0432\u0430\u044f \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0430 \u043d\u0430 Perl CGI, \u0434\u0440\u0443\u0433\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 Python.\n\n\u041f\u0430\u0441\u0441\u0438\u0432\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 ZIPLINE \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c/\u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0442\u0443\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u0435\u043b\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 WarpWire Javascript \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u044b\u0432\u0430\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c \u0434\u043b\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u043f\u0443\u0442\u0435\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430.\n\n\u041a\u0430\u0441\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442, \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0432\u0448\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ConnectAround, \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u0436\u0435\u0440\u0442\u0432, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0431\u0443\u0434\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0443 \u043c\u043d\u043e\u0433\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0442\u0430\u043a\u0438\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u0412 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 \u044d\u0442\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u044b\u0441\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Rapid7, \u0441\u0441\u044b\u043b\u0430\u044f\u0441\u044c \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 7000\u00a0\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a (\u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u0421\u0428\u0410, \u042f\u043f\u043e\u043d\u0438\u0438 \u0438 \u0415\u0432\u0440\u043e\u043f\u0435).", "creation_timestamp": "2024-01-12T17:51:58.000000Z"}, {"uuid": "c18c20cc-a32e-48dc-aaa5-da1331cdda24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/true_secator/5508", "content": "\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0442\u044c \u043e\u0431 \u0443\u0433\u0440\u043e\u0437\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 Ivanti, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0441\u0430\u043c\u0430 \u0431\u044b\u043b\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0443\u044e \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, CISA \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c (\u043a\u0430\u043a\u0438\u0445 \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0435 \u043f\u043e\u043d\u044f\u0442\u043d\u043e), \u0434\u0430\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u0422\u0430\u043a\u0436\u0435 CISA \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u043b\u0430\u0441\u044c \u043e\u0442 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u043e\u0433\u043e, \u043a\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u043e\u044f\u0442\u044c \u0437\u0430 \u044d\u0442\u0438\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u043c \u0438 \u0431\u044b\u043b\u0438 \u043b\u0438 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u044b \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u041d\u043e \u0437\u043d\u0430\u043a\u043e\u043c\u044b\u0435 \u0441 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0435\u0439 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043a\u0430\u0437\u0430\u043b\u0438, \u0447\u0442\u043e \u0441\u0440\u0435\u0434\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u044b\u043b \u0448\u043b\u044e\u0437 \u0437\u0430\u0449\u0438\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b (IP Gateway) \u0438 \u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (CSAT).\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0432 CSAT \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u0430\u044f \u0438 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0438\u0444\u043d\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0421\u0428\u0410, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 Top Screen \u0434\u043b\u044f \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430, \u043f\u043b\u0430\u043d\u044b \u0438 \u043e\u0446\u0435\u043d\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432.\n\nCISA \u043e\u043f\u0440\u043e\u0432\u0435\u0440\u0433\u043b\u0430 \u0441\u043b\u0443\u0445\u0438, \u043d\u043e \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0435\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043a\u043e\u043d\u0441\u0443\u043b\u044c\u0442\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043e\u0442 29 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0449\u0435\u0435 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0448\u043b\u044e\u0437\u0430\u0445 Ivanti Connect Secure \u0438 Ivanti Policy Secure CVE-2023-46805, CVE-2024-21887 \u0438 CVE-2024-21893.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0434\u0435\u043b\u0430\u044f \u0430\u043a\u0446\u0435\u043d\u0442 \u043d\u0430 \u0442\u043e\u043c, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u043e\u0431\u0445\u043e\u0434\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Ivanti \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438.\n\n\u0421\u044e\u0436\u0435\u0442 \u043d\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0437\u043e\u043d\u0430 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Ivanti 0 day \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0443\u0434\u0438\u0432\u043b\u044f\u0442\u044c, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u0436\u0435\u0439.\n\n\u041d\u043e \u043a\u043e\u043d\u0446\u043e\u0432\u043a\u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u0438 \u043d\u0435 \u043f\u0440\u0435\u0434\u0432\u0438\u0434\u0438\u0442\u0441\u044f.", "creation_timestamp": "2024-03-11T18:50:05.000000Z"}, {"uuid": "21f0a56f-567c-489a-a825-1eab906c9ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/ctinow/168805", "content": "https://ift.tt/GSyHmkD\nScans for Ivanti Connect \"Secure\" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887), (Tue, Jan 16th)", "creation_timestamp": "2024-01-16T14:06:58.000000Z"}, {"uuid": "b27d9402-df1f-4e7b-9267-f4dd6ad655c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/ctinow/167438", "content": "https://ift.tt/FjAYJ8C\nCVE-2023-46805", "creation_timestamp": "2024-01-12T18:52:07.000000Z"}, {"uuid": "a012df99-9173-4deb-af89-b128124a62f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/ctinow/166485", "content": "https://ift.tt/9MXxJi7\nIvanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887) - Help Net Security", "creation_timestamp": "2024-01-11T12:56:43.000000Z"}, {"uuid": "abaae7c4-9418-405c-ba96-e8a398dd22b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/ctinow/166499", "content": "https://ift.tt/eDzUXpx\nCVE-2023-46805 Exploitation", "creation_timestamp": "2024-01-11T13:32:05.000000Z"}, {"uuid": "92510eb3-79a8-4aac-a355-5aa37899858d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/ctinow/166895", "content": "https://ift.tt/dXEv1ug\nDual Zero-Day Threats in Ivanti Connect Secure and Policy Secure Gateways \u2013 CVE-2023-46805 and CVE-2024-21887\u00a0", "creation_timestamp": "2024-01-11T23:07:06.000000Z"}, {"uuid": "643e3654-a558-4e86-9ef9-913fb1ef30c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/ctinow/166520", "content": "https://ift.tt/9MXxJi7\nIvanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)", "creation_timestamp": "2024-01-11T14:02:15.000000Z"}, {"uuid": "f4898c61-10dc-436e-a170-2b6ff35dcc40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/ctinow/166193", "content": "https://ift.tt/lmBaz8A\nCVE-2023-46805 | Ivanti Connect Secure/Policy Secure Web improper authentication", "creation_timestamp": "2024-01-10T23:16:36.000000Z"}, {"uuid": "1323ef1b-5289-4032-85ef-7f2e66c4ebbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "e39153b3-b555-459b-a315-ee1cd4b9b70b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/theninjaway1337/1421", "content": "MAGNET GOBLIN TARGETS PUBLICLY FACING SERVERS USING 1-DAY VULNERABILITIES\n\nOn January 10, 2024, Ivanti\u00a0published\u00a0a security advisory regarding two vulnerabilities in Ivanti Connect Secure VPN. These vulnerabilities, which were exploited in the wild, are identified as CVE-2023-46805 and CVE-2023-21887. The exploitation of these vulnerabilities was quickly adopted by a number of threat actors, resulting in a broad\u00a0range\u00a0of malicious activities.\nCheck Point Research has been tracking these exploitations and identified several activity clusters targeting vulnerable Connect Secure VPN appliances. As in many other mass-exploitation of 1-day vulnerabilities cases, differentiating and identifying the different actors is quite challenging. With this in mind, we decided to investigate the inner workings of one distinct cluster that caught our attention, by a threat actor we called Magnet Goblin.\n\nhttps://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/", "creation_timestamp": "2024-03-12T11:57:05.000000Z"}, {"uuid": "8eda170f-3de7-42cc-b266-b7d01e744f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/thehackernews/4382", "content": "\u26a0\ufe0f Urgent Alert: Chinese hackers exploiting two NEW ZERO-DAY vulnerabilities (CVE-2023-46805 & CVE-2024-21887) in Ivanti Connect Secure and Policy Secure.  \n \nRead more: https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html \n \nPatches incoming, but immediate action (temporary workarounds) is needed.", "creation_timestamp": "2024-01-11T06:56:19.000000Z"}, {"uuid": "8b9562aa-4ca7-456f-9af9-d9bfeb555812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/Russian_OSINT/4051", "content": "\u0413\u0435\u0440\u043e\u0435\u043c \u043d\u043e\u0432\u043e\u0439 \u0441\u0435\u0440\u0438\u0438 Ivanti Zero-Days \u0432\u0441\u043b\u0435\u0434 \u0437\u0430 CISA \u0441\u0442\u0430\u043b\u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 - MITRE, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u0440\u0430\u043f\u043e\u0440\u0442\u043e\u0432\u0430\u0442\u044c \u043e \u043a\u0438\u0431\u0435\u0440\u0438\u043d\u0446\u0438\u0434\u043b\u0435\u043d\u0442\u0435.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0435\u0435 \u0441\u0435\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a NERVE \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044f\u043d\u0432\u0430\u0440\u044f \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u0430\u044f APT \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043d\u0443\u043b\u044f\u043c \u0432 Ivanti, \u043d\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0441\u0440\u0435\u0434\u0443 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 MITRE NERVE \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a \u0438 \u043f\u0440\u043e\u0442\u043e\u0442\u0438\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f MITRE \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure VPN \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0443\u043b\u044f\u043c\u0438 \u0432 Ivanti \u0438 \u043e\u0431\u043e\u0448\u043b\u0438 \u0435\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043c\u043d\u043e\u0433\u043e\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0441\u0435\u0430\u043d\u0441\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0433\u043b\u0443\u0431\u043e\u043a\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043b\u0438 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 VMware \u0441\u0435\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0410 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432.\n\nCVE-2023-46805 \u0438 CVE-2024-21887 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u043b\u0438\u0441\u044c \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 0-day \u0438 10 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f Volexity \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0438\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0422\u043e\u0433\u0434\u0430 Ivanti \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0431\u0435\u0441\u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043b\u0438\u0448\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u0442\u0440\u0438 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0437\u0430\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0439 Ivanti \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043b\u0430\u0433 \u0431\u044b\u043b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u043b\u0435\u0439. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438 MITRE \u043f\u043e\u043f\u0430\u043b\u0430 \u043f\u043e\u0434 \u0440\u0430\u0437\u0434\u0430\u0447\u0443.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 MITRE \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432, \u0447\u0442\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-04-23T15:58:25.000000Z"}, {"uuid": "74b3817a-08da-4e14-8899-db1e185328f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2535", "content": "#tools\n#Blue_Team_Techniques\nTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805/CVE-2024-21887\nhttps://github.com/rxwx/pulse-meter", "creation_timestamp": "2024-08-16T09:02:38.000000Z"}, {"uuid": "ecd39408-cafb-4638-87e8-d6dd6c12fc6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/Rootsec_2/2611", "content": "#Threat_Research\n1. NextGen Mirth Connect Pre-Auth RCE (CVE-2023-43208)\nhttps://www.horizon3.ai/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce\n2. The SSLVPN Chaos Continues - Ivanti CVE-2023-46805, CVE-2024-21887\nhttps://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887", "creation_timestamp": "2024-08-16T09:09:01.000000Z"}, {"uuid": "42a8ffc3-40da-413d-bba4-fe9dda8fc92f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/thehackernews/4932", "content": "Researchers have uncovered a sophisticated attack chain targeting Ivanti Connect Secure devices. \n \nTwo vulnerabilities (CVE-2023-46805 and CVE-2024-21887) are being exploited to deliver the infamous Mirai botnet payload. \n \nMore details: https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html", "creation_timestamp": "2024-05-09T13:06:46.000000Z"}, {"uuid": "2bb1fd82-872f-42ec-ad75-ce1ae8c69650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/thehackernews/4780", "content": "\ud83d\uded1 Multiple China-based hackers are on a spree exploiting zero-day flaws in Ivanti appliances. \n \nVulnerabilities CVE-2023-46805, CVE-2024-21887, CVE-2024-21893 are being abused. \n \nLearn more: https://thehackernews.com/2024/04/researchers-identify-multiple-china.html \n \nEven financially motivated groups are in on the action.", "creation_timestamp": "2024-04-05T09:18:31.000000Z"}, {"uuid": "43b84fc6-168d-4539-bd9d-9c92d063cd03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "exploited", "source": "https://t.me/xakep_ru/15256", "content": "0-day \u0431\u0430\u0433\u0438 \u0432 Ivanti Connect Secure VPN \u0438 Policy Secure \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c\n\n\u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 Ivanti Connect Secure VPN \u0438 Policy Secure, \u043f\u043e\u0434\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u043c \u0430\u0442\u0430\u043a\u0430\u043c. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2023-46805 \u0438 CVE-2024-21887 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0430\u0442\u0447\u0435\u0439 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 0-day \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0442.\n\nhttps://xakep.ru/2024/01/18/ivanti-0days/", "creation_timestamp": "2024-01-18T14:41:32.000000Z"}, {"uuid": "e01774dd-89bf-4f90-8157-343c26f78ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1882", "content": "https://github.com/rxwx/pulse-meter\n\nTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805 and CVE-2024-21887\n#github", "creation_timestamp": "2024-01-21T06:15:38.000000Z"}, {"uuid": "b9551345-6738-4b32-82cb-9950b7195f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1850", "content": "https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/\nCVE-2023-46805 & CVE-2024-21887\n#poc", "creation_timestamp": "2024-01-16T05:57:56.000000Z"}, {"uuid": "c14b7d80-d7a9-4e79-bb22-6cd351476717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9821", "content": "#tools\n#Blue_Team_Techniques\nTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805/CVE-2024-21887\nhttps://github.com/rxwx/pulse-meter\n]-> https://github.com/tucommenceapousser/CVE-2024-21887", "creation_timestamp": "2024-01-21T17:17:19.000000Z"}, {"uuid": "c5ccc0ba-e0f6-4e22-a90d-4c149c6d557d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9791", "content": "#Threat_Research\n1. NextGen Mirth Connect Pre-Auth RCE (CVE-2023-43208)\nhttps://www.horizon3.ai/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce\n2. The SSLVPN Chaos Continues - Ivanti CVE-2023-46805, CVE-2024-21887\nhttps://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887", "creation_timestamp": "2024-01-15T18:04:14.000000Z"}, {"uuid": "fa132e1b-2072-4bad-a52b-9ca126397ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46805", "type": "seen", "source": "https://t.me/kasraone_com/644", "content": "\ud83d\udd34 CISA\n \u062f\u0633\u062a\u0648\u0631\u0627\u0644\u0639\u0645\u0644 \u0627\u0636\u0637\u0631\u0627\u0631\u06cc \u0631\u0627 \u0628\u0647 \u0622\u0698\u0627\u0646\u0633 \u0647\u0627\u06cc \u0641\u062f\u0631\u0627\u0644 \u062f\u0631 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0647\u0627\u06cc Ivanti Zero-Day \u0635\u0627\u062f\u0631 \u0645\u06cc \u06a9\u0646\u062f\n\n\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.\n\n\nThe development arrives as the vulnerabilities \u2013 an authentication bypass (CVE-2023-46805) and a code injection bug (CVE-2024-21887) \u2013 have come under widespread exploitation by multiple threat actors. The flaws allow a malicious actor to craft malicious requests and execute arbitrary commands on the system.\n\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2024-01-24T08:44:16.000000Z"}]}