{"vulnerability": "CVE-2024-1235", "sightings": [{"uuid": "64a258a0-f9a7-49b9-afeb-ac5c34410ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12355", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620426749129311", "content": "", "creation_timestamp": "2024-12-09T02:08:45.414534Z"}, {"uuid": "05d038de-8317-44e1-9e32-2c5bff720dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12357", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113621002512435595", "content": "", "creation_timestamp": "2024-12-09T04:35:11.198656Z"}, {"uuid": "4ed7de8e-32e4-444b-9c31-196bc203ca46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12358", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113621002546203926", "content": "", "creation_timestamp": "2024-12-09T04:35:11.483842Z"}, {"uuid": "0f2b7733-31cc-4157-a521-4f6c2527b9a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12352", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620269681226570", "content": "", "creation_timestamp": "2024-12-09T01:28:48.828358Z"}, {"uuid": "30af1dce-d425-4628-b2ca-fce900af4f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12353", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620269696056677", "content": "", "creation_timestamp": "2024-12-09T01:28:49.183114Z"}, {"uuid": "eefe4640-7888-4b94-99ff-04a29720885b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12350", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620132007840001", "content": "", "creation_timestamp": "2024-12-09T00:53:48.117288Z"}, {"uuid": "0d9d70e3-dde4-4d14-836b-a7df7e37dead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12359", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113621121467551191", "content": "", "creation_timestamp": "2024-12-09T05:05:26.239493Z"}, {"uuid": "6a31fdd0-2ca1-48fe-8008-58c2b278ac47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12351", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620132022593728", "content": "", "creation_timestamp": "2024-12-09T00:53:48.450365Z"}, {"uuid": "a25f7b77-dd56-47c0-af4a-3038892fe6f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12352", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620257246409127", "content": "", "creation_timestamp": "2024-12-09T01:25:39.153768Z"}, {"uuid": "467b4c1a-a74c-4ee3-a97c-472b0d193fa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12353", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620257262125048", "content": "", "creation_timestamp": "2024-12-09T01:25:39.472378Z"}, {"uuid": "68274c5a-bb59-4ecd-a933-65f4901b09b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12354", "type": "seen", "source": 
"https://infosec.exchange/users/cve/statuses/113620426733666913", "content": "", "creation_timestamp": "2024-12-09T02:08:45.217352Z"}, {"uuid": "53b0d8f7-a62f-4011-82b2-cec6f2bea6fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/113679807953214433", "content": "", "creation_timestamp": "2024-12-19T13:50:10.585079Z"}, {"uuid": "452f1153-7c7a-4f73-a9e8-9d477ebb35be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113680863936409244", "content": "", "creation_timestamp": "2024-12-19T18:18:44.046684Z"}, {"uuid": "5a795f32-e36f-434f-a9ef-bfdbcbce8436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldnjxkvcza2x", "content": "", "creation_timestamp": "2024-12-19T09:16:10.892707Z"}, {"uuid": "a7bbf909-22e1-4f17-8908-cc06a97d5d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3ldnzbpuvyk2g", "content": "", "creation_timestamp": "2024-12-19T13:50:18.399575Z"}, {"uuid": "e32c5c2b-1967-4b6d-9cee-8b3240a6eb18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/innovirtuoso.bsky.social/post/3ldq2tyrox22h", "content": "", "creation_timestamp": "2024-12-20T09:23:44.115176Z"}, {"uuid": 
"72e32105-0bf2-4140-b37e-d30ac7121ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113675746677327052", "content": "", "creation_timestamp": "2024-12-18T20:37:20.449080Z"}, {"uuid": "6af40375-e97d-4b7a-8c05-515dcace8b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3ldojp4iy5p2g", "content": "", "creation_timestamp": "2024-12-19T18:44:05.882386Z"}, {"uuid": "c5e4148c-abf4-40cd-a76e-50ad6ba308b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/thedigitalempress.bsky.social/post/3ldu5nfwfw22h", "content": "", "creation_timestamp": "2024-12-22T00:24:22.806545Z"}, {"uuid": "39987bc3-52b4-4d22-ac3e-b7efdaf0d12b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113666290051812274", "content": "", "creation_timestamp": "2024-12-17T04:32:23.865200Z"}, {"uuid": "29288f59-049b-4886-b5c7-26a3c2cce5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113674781797208347", "content": "", "creation_timestamp": "2024-12-18T16:31:59.907945Z"}, {"uuid": "ad625530-faf5-4ec5-8e26-c2a91ea6d9d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113680642347342261", "content": "", "creation_timestamp": "2024-12-19T17:22:24.433402Z"}, {"uuid": "873aae53-7623-4311-841d-1b23e75bff08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldpmui2i3s2u", "content": "", "creation_timestamp": "2024-12-20T05:13:27.151421Z"}, {"uuid": "1eb8760a-5961-43f7-8377-0b3b4dcdaa5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldpna7ekec2u", "content": "", "creation_timestamp": "2024-12-20T05:20:01.656310Z"}, {"uuid": "c9138e42-0823-4306-8ebf-a35f4395a97c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ldpofs5zh224", "content": "", "creation_timestamp": "2024-12-20T05:41:01.914823Z"}, {"uuid": "e5a60726-fdaf-4100-98e0-80e514760548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2937927", "content": "", "creation_timestamp": "2024-12-19T19:31:15.256191Z"}, {"uuid": "6e53de4f-bece-4961-93c5-c386c39ce44b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": 
"", "creation_timestamp": "2024-12-19T18:10:02.000000Z"}, {"uuid": "6a03b0fb-9f44-42c0-b5a5-310b3b233605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3ldp6c7gyss2o", "content": "", "creation_timestamp": "2024-12-20T00:52:41.468614Z"}, {"uuid": "889a65c6-486f-4aa4-b007-878daf6bb9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113666821461240345", "content": "", "creation_timestamp": "2024-12-17T06:47:32.662698Z"}, {"uuid": "8e39f124-7e12-43fa-8ed2-0e91b96063d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://thehackernews.com/2024/12/cisa-adds-critical-flaw-in-beyondtrust.html", "content": "", "creation_timestamp": "2024-12-20T03:30:00.000000Z"}, {"uuid": "ab7d9cc6-2de3-47f8-b8a1-78b3614b6251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldppoigjis23", "content": "", "creation_timestamp": "2024-12-20T06:03:47.409293Z"}, {"uuid": "431fd1e7-7c48-41d4-8d38-ff2fa69bfe71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ldqcxk45qx2d", "content": "", "creation_timestamp": "2024-12-20T11:48:52.851462Z"}, {"uuid": "eae5f2ba-9c93-405e-a5e1-590bff7d5130", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfoplefh7c2l", "content": "", "creation_timestamp": "2025-01-14T07:19:55.705483Z"}, {"uuid": "19ed10a2-1e97-4b34-8988-690d0a1d6f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lfnnawweus2y", "content": "", "creation_timestamp": "2025-01-13T21:05:28.989373Z"}, {"uuid": "05488a01-15be-45cd-9a63-0e64a79a6e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/cybersecurity.page/post/3lf6chqmsny2t", "content": "", "creation_timestamp": "2025-01-07T18:42:29.668521Z"}, {"uuid": "f45307dc-55e4-4472-a393-d78f3dbf4d65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/wiretor.bsky.social/post/3leh4xwt46c2h", "content": "", "creation_timestamp": "2024-12-29T13:33:02.388047Z"}, {"uuid": "27c72199-366c-4f60-ad49-5837fd63d247", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/m00nstreake.bsky.social/post/3lemiosdza22f", "content": "", "creation_timestamp": "2024-12-31T16:45:53.908401Z"}, {"uuid": "c69062d1-2918-4c1d-9d81-8affa6d044d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12356", "type": "seen", "source": 
"https://mastodon.social/users/hrbrmstr/statuses/113767052661066815", "content": "", "creation_timestamp": "2025-01-03T23:37:41.673008Z"}, {"uuid": "a8998fae-3a37-4b79-bb43-ae25d50b3469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/rodtrent.bsky.social/post/3lf3bfdn32c2h", "content": "", "creation_timestamp": "2025-01-06T13:45:16.465583Z"}, {"uuid": "ccb6cb7d-a580-45f1-92db-79f8490ccb22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://www.darkreading.com/cyberattacks-data-breaches/cisa-third-party-data-breach-limited-treasury-dept", "content": "", "creation_timestamp": "2025-01-07T16:20:00.000000Z"}, {"uuid": "740e4a5c-95d7-4e6d-b4e7-669026941d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/pabloyglesias.com/post/3lgfrcpkjr62o", "content": "", "creation_timestamp": "2025-01-23T11:21:58.269248Z"}, {"uuid": "83e542ed-514e-4962-bc00-04a5a8bb4861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113929186538299046", "content": "", "creation_timestamp": "2025-02-01T14:50:26.670376Z"}, {"uuid": "dd85beb7-d89d-44fc-a4cc-82272ca60306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2yt4p5jk2x", "content": "", "creation_timestamp": 
"2025-02-13T15:27:29.989540Z"}, {"uuid": "299e3be3-b896-4c35-9338-efbef056ba35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:06.000000Z"}, {"uuid": "734e4bd3-3c79-4f31-ad74-fe72229cec25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2ypsjlts2x", "content": "", "creation_timestamp": "2025-02-13T15:25:39.306898Z"}, {"uuid": "952fb32c-68ef-4c18-8063-b5e91d4a2981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2yr4siss2x", "content": "", "creation_timestamp": "2025-02-13T15:26:24.939850Z"}, {"uuid": "df42ad92-252c-48df-8327-15c1b6314a4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2ys2fv7s2x", "content": "", "creation_timestamp": "2025-02-13T15:26:53.845425Z"}, {"uuid": "edd7c28a-db40-4efe-8461-4ca7ef0116f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2ysfl7s22x", "content": "", "creation_timestamp": "2025-02-13T15:27:05.535553Z"}, {"uuid": "6fd252ed-4472-4f5f-9903-a89ec76426aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2yxfuij22x", "content": "", "creation_timestamp": "2025-02-13T15:29:55.672176Z"}, {"uuid": "401fae88-2152-405b-90dd-401b52fa1454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/113997296172337824", "content": "", "creation_timestamp": "2025-02-13T15:31:36.493850Z"}, {"uuid": "468dcbfd-b4cf-4d48-88fb-012532251df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/113997298617317751", "content": "", "creation_timestamp": "2025-02-13T15:32:13.831416Z"}, {"uuid": "1efb3f3c-ffd9-41dd-8fd6-03956b2c8827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/113997300008493846", "content": "", "creation_timestamp": "2025-02-13T15:32:35.374376Z"}, {"uuid": "cf1b7bdd-b0f8-4fe0-9af6-7d38f1c20661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/113997303178922204", "content": "", "creation_timestamp": "2025-02-13T15:33:23.333530Z"}, {"uuid": "d9d8d36b-00a6-4d38-8e41-1906e637c528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": 
"https://infosec.exchange/users/catc0n/statuses/113997306001643223", "content": "", "creation_timestamp": "2025-02-13T15:34:06.511699Z"}, {"uuid": "996a45f5-b78a-4765-aa30-35f5f64782b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/113997310706296426", "content": "", "creation_timestamp": "2025-02-13T15:35:18.274696Z"}, {"uuid": "c88b0f0e-0126-4b3d-8484-d034bc1222d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/stephenfewer.bsky.social/post/3li32xf5dnc2r", "content": "", "creation_timestamp": "2025-02-13T16:05:43.697181Z"}, {"uuid": "4a6e9f7f-4501-495f-993d-8f3192e657e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/stephenfewer.bsky.social/post/3li32xg6l4k2r", "content": "", "creation_timestamp": "2025-02-13T16:05:45.120200Z"}, {"uuid": "2b41ba96-96ee-49d9-a2e2-036b5a60d216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/stephenfewer.bsky.social/post/3li32xg6l4l2r", "content": "", "creation_timestamp": "2025-02-13T16:05:46.538045Z"}, {"uuid": "d26e994d-d527-4a55-afaf-1e38bd86ca08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3li33h4fmkk2c", "content": "", "creation_timestamp": "2025-02-13T16:14:29.433403Z"}, {"uuid": 
"534f25ac-fe10-4bb7-9b64-0c8aca137fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3li33h4fqhk2c", "content": "", "creation_timestamp": "2025-02-13T16:14:30.843074Z"}, {"uuid": "49be39e1-79de-4f73-b4d5-415515530251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3li33h4frgs2c", "content": "", "creation_timestamp": "2025-02-13T16:14:32.170556Z"}, {"uuid": "254170a9-90c3-48c7-8dbd-17a7c4252f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113997983576466350", "content": "", "creation_timestamp": "2025-02-13T18:26:25.344987Z"}, {"uuid": "2b263184-a1e4-4a80-a9c6-fa27b60a2474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://threatintel.cc/2025/02/13/cve-postgresql-psql-sql-injection.html", "content": "", "creation_timestamp": "2025-02-13T17:26:11.000000Z"}, {"uuid": "77a9a002-8129-4300-9a76-ea477f0b449e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3li2ytzor4k2x", "content": "", "creation_timestamp": "2025-02-13T15:28:00.468746Z"}, {"uuid": "94970beb-db1f-4c2e-b615-5335fed0ab88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3liui36x3bc22", "content": "", "creation_timestamp": "2025-02-23T18:37:04.901190Z"}, {"uuid": "f070af06-02aa-43b3-afa1-249731634452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/ajsdecepida.bsky.social/post/3li6h7jb2zk27", "content": "", "creation_timestamp": "2025-02-15T00:22:57.780052Z"}, {"uuid": "302fc86e-6528-4e60-a6f3-a89156a62912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114008420002784130", "content": "", "creation_timestamp": "2025-02-15T14:40:32.608538Z"}, {"uuid": "4b2b6cb9-ac15-484b-94a1-53c965ee4100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3li7x575itk25", "content": "", "creation_timestamp": "2025-02-15T14:40:40.297992Z"}, {"uuid": "609925d1-1587-4ad4-a04d-7d88fa8004e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114013581624577454", "content": "", "creation_timestamp": "2025-02-16T12:33:12.691661Z"}, {"uuid": "b88a1d46-c680-482d-954b-7d620c9909e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3licpct7k6m2w", "content": "", 
"creation_timestamp": "2025-02-16T16:58:37.392749Z"}, {"uuid": "145472d5-6ea8-4b34-ac86-f964c9676fb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-0cbbcc54-2537dcbcd7677eb4", "content": "", "creation_timestamp": "2025-02-17T09:58:14.586455Z"}, {"uuid": "537adb6a-72d6-4011-afac-28689c469701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3liekvexaos2r", "content": "", "creation_timestamp": "2025-02-17T10:44:53.558439Z"}, {"uuid": "d9d08beb-79b8-4921-a60c-9eff3bd37ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lifkmly4il2z", "content": "", "creation_timestamp": "2025-02-17T20:12:35.880377Z"}, {"uuid": "77fd273d-522f-4484-a039-8e1b0fed1b38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/code/cves/2024/CVE-2024-12356.yaml", "content": "", "creation_timestamp": "2025-02-21T09:10:50.000000Z"}, {"uuid": "98f597de-b15a-408b-9e67-13b993d4342f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-18T02:34:31.000000Z"}, {"uuid": "de0b1d9c-bfdc-46ce-9dfb-cc813d1aed63", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3lihvdfgvbs2v", "content": "", "creation_timestamp": "2025-02-18T18:29:40.719360Z"}, {"uuid": "9fdd0233-3f83-495e-a2fe-2bcc7aeff8ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lii5urzcac2i", "content": "", "creation_timestamp": "2025-02-18T21:02:31.052165Z"}, {"uuid": "41712591-dffa-4fd6-8533-cad975cbcc05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18", "content": "", "creation_timestamp": "2025-08-19T18:29:28.000000Z"}, {"uuid": "eb5dd161-e063-411d-ac51-241e1923d67d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:03.000000Z"}, {"uuid": "2ebcfcd4-c320-4d38-b5d3-bcb8491cb6e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "2c3e0dca-a5f1-456e-9b5d-267e1b281b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": 
"https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/73b19dc5-0069-45a1-b2b3-ac14f1f04fe5", "content": "", "creation_timestamp": "2026-02-02T12:26:17.653144Z"}, {"uuid": "3119846b-2fdf-4134-9233-5f950a2e486d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/beyondtrust_pra_rs_unauth_rce.rb", "content": "", "creation_timestamp": "2025-02-17T16:51:25.000000Z"}, {"uuid": "5c68fd89-14bc-455d-9c30-9ccc73074a09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "https://t.me/itsec_news/5029", "content": "\u200b\u26a1\ufe0fCritical vulnerability in BeyondTrust: CISA warns of active attacks\n\n\ud83d\udcac The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical issue in the BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to its Known Exploited Vulnerabilities (KEV) catalog. 
The vulnerability is already being used by attackers.\n\nThe vulnerability, identified as CVE-2024-12356, received a high severity rating (9.8 on the CVSS scale). It is a Command Injection vulnerability that allows an attacker to execute arbitrary commands as the site user.\n\nAccording to CISA, the vulnerability affects the BeyondTrust PRA and RS products, allowing 
unauthenticated attackers to inject commands that run with the privileges of the site user. Updates have already been provided to protect users of the cloud versions. For those running on-premises versions, the company recommends installing patch BT24-10-ONPREM1 or BT24-10-ONPREM2.\n\nThe report of active exploitation of the vulnerability came shortly after BeyondTrust disclosed a cyberattack that hit 
its Remote Support SaaS system. The attackers gained access to an API key and used it to reset passwords for local accounts.\n\nDuring the investigation, carried out with the help of outside specialists, another vulnerability of medium severity was identified: CVE-2024-12686 (CVSS 6.6). It allows attackers with administrative privileges to execute commands with the privileges of the site user. 
This issue has been fixed in new versions of the software.\n\nPatches BT24-11-ONPREM1 and later are available for PRA and RS users, depending on the version in use. BeyondTrust said that all affected customers had been notified, but did not disclose the scale of the attack or the identity of the attackers.\n\nThe addition of CVE-2024-12356 to the CISA catalog underscores its seriousness. 
Users are advised to install the current updates immediately to minimize risk.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-20T09:11:48.000000Z"}, {"uuid": "cf2bdc03-7017-4d00-9ee2-5be71401d716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9467", "content": "GitHub monitoring alert!!! \n\nUpdated: CVE-2024\nDescription: CVE-2024-12356: Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)\nURL: https://github.com/cloudefence/CVE-2024-12356\n\nTags: #CVE-2024", "creation_timestamp": "2024-12-17T15:09:54.000000Z"}, {"uuid": "e7d0a3a3-a131-4bb1-a782-0d2b5dab087a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "https://t.me/itsec_news/5130", "content": "\u200b\u26a1\ufe0fOne API key turned out to be the key to the U.S. Treasury\n\n\ud83d\udcac CISA has added a second 
vulnerability affecting the BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to its KEV catalog. This came amid confirmed attacker activity.\n\nCVE-2024-12686 (CVSS score: 7.2) allows a hacker with administrative privileges to execute commands as the site user. 
CISA specified that a cybercriminal can use the flaw to upload a malicious file and execute operating system commands.\n\nThe addition of CVE-2024-12686 came a month after another critical vulnerability in the same product, CVE-2024-12356 (CVSS score: 9.8), which also allows arbitrary commands to be executed, was added.\n\nBeyondTrust said that both vulnerabilities were identified as part of the investigation into 
a cyber incident that occurred in December 2024. At that time, attackers used a compromised Remote Support API key to access some of the company's systems and change the passwords of local accounts. Although the key has been revoked, the circumstances of the compromise have not yet been established. 
It is assumed that the threats resulted from exploitation of the vulnerabilities as zero-days.\n\nIn early January, the U.S. Department of the Treasury said that the agency's network had been compromised through the aforementioned API key. The cyberattack is being linked to the Chinese group Silk Typhoon (Hafnium). 
The targets of the attack were reportedly the Office of Foreign Assets Control (OFAC), the Office of Financial Research and the Committee on Foreign Investment in the United States (CFIUS).\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-01-15T10:53:21.000000Z"}, {"uuid": "97a2e5fb-dc5b-4ad8-a44b-9582201cdce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12359", "type": "seen", "source": "https://t.me/cvedetector/12361", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12359 - Code-projects Admin Dashboard Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12359 \nPublished : Dec. 9, 2024, 5:15 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /vendor_management.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting product names. 
\nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T07:10:07.000000Z"}, {"uuid": "4d23b17b-cba3-47a9-b032-856a2e91e914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5028", "content": "As a result of the attack, the attackers managed to obtain a key for access to the API used for remotely providing technical support services to customers of BeyondTrust SaaS services. 
This API was used to reset a password and compromise the infrastructure of the U.S. Department of the Treasury, which uses BeyondTrust products. During the attack, the attackers were able to download confidential documents and gained access to the workstations of department employees.\n\nThe vulnerability manifests in the libpq library, which provides an API for interacting with the DBMS from C programs 
(wrapper libraries for C++, Perl, PHP and Python are also implemented on top of the library). The problem affects applications that use the functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString() or PQescapeStringConn() to escape special characters and neutralize quotes.\n\nAn attacker can achieve injection of their own SQL code if text received from outside is escaped with the above-mentioned libpq functions before being used inside an SQL query. 
In BeyondTrust applications, queries escaped in this way were passed through the psql command-line utility. The vulnerability is caused by the escaping functions not checking the validity of the Unicode characters used in the text, which makes it possible to bypass quote normalization by supplying invalid multibyte UTF-8 sequences.\n\nTo exploit the vulnerability, 
an invalid UTF-8 character consisting of the bytes 0xC0 and 0x27 (\"\u2514'\") can be used. The byte 0x27 in ASCII encoding corresponds to the single quote (\"'\"), which is subject to escaping. In the escaping code, the combination of bytes 0xC0 and 0x27 is treated as a single Unicode character. 
Accordingly, the byte 0x27 in such a sequence remains unescaped, even though it is treated as a quote when the SQL query is processed by the psql utility.\n\nWhen SQL queries are run with the psql utility, arbitrary code execution can be arranged by injecting into the string the \"\\!\" command, which psql provides for running arbitrary programs. 
For example, to run the \"id\" utility on the server, the value \"hax\\xC0'; \\! id #\" can be passed. In the example below, the PHP script dbquote is called for escaping; it uses the PHP function pg_escape_string, which works on top of the PQescapeString function from libpq:\n\n   $ echo -e \"hello \\xC0'world'\" | ./dbquote  \n   'hello \u2514'world'''\n\n   $ quoted=$(echo -e \"hax\\xC0'; \\! 
id # \" | ./dbquote)\n\n   $ echo \"SELECT COUNT(1) FROM gw_sessions WHERE session_key = $quoted AND session_type = 'sdcust' AND (expiration IS NULL OR expiration>NOW())\" | psql -e\n\n   SELECT COUNT(1) FROM gw_sessions WHERE session_key = 'hax\u2514';\n   ERROR:  invalid byte sequence for encoding \"UTF8\": 0xc0 0x27\n\n   uid=1000(myexamplecompany) gid=1000(myexamplecompany) \nPostgreSQL fixes the vulnerability used in the attack on BeyondTrust\nhttps://www.opennet.ru/opennews/art.shtml?num=62722\n\nLink to a detailed analysis of the bug\nCVE-2024-12356\nhttps://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis", "creation_timestamp": "2025-02-16T19:00:33.000000Z"}, {"uuid": "8c2a2041-7f42-4239-a92f-0f6ec331175b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12353", "type": "seen", "source": "https://t.me/cvedetector/12348", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12353 - SourceCodester Phone Contact Manager System Local Input Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12353 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in SourceCodester Phone Contact Manager System 1.0. This issue affects the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation of the argument name leads to improper input validation. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. 
\nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:25.000000Z"}, {"uuid": "679f4f75-b289-4966-8798-ff89496eb24d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12352", "type": "seen", "source": "https://t.me/cvedetector/12347", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12352 - TOTOLINK EX1800T Remote Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12352 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 
\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:24.000000Z"}, {"uuid": "f529f05b-5af1-4c97-b7f6-6c33d78e8195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/true_secator/7892", "content": "BeyondTrust has warned customers of the need to fix a critical security vulnerability in its software for remote support (Remote Support, RS) and privileged remote access (Privileged Remote Access, PRA).\n\nThe issue is tracked as CVE-2026-1731 and is a pre-authentication remote code execution vulnerability 
caused by an operating system command injection flaw.\n\nThe discovery is credited to Harsh Jaiswal and the Hacktron AI team. The vulnerability affects BeyondTrust Remote Support 25.3.1 or earlier versions and Privileged Remote Access 24.3.4 or earlier versions.\n\nUnprivileged attackers can use this to make malicious requests to the client. 
Successful exploitation allows an unauthorized remote attacker to execute OS commands in the context of the site user. \n\nExploitation requires no authentication or user interaction and can lead to system compromise, including unauthorized access, data leakage and service disruption.\n\nBeyondTrust secured all cloud 
RS/PRA systems by February 2 and recommended that all customers running on-premises systems manually update them to Remote Support 25.3.2 and Privileged Remote Access 25.1.1 (or later).\n\nAs researchers note, approximately 11,000 instances are connected to the internet (both cloud and on-premises deployments). 
About 8,500 of them are on-premises deployments, which remain potentially vulnerable unless the updates are installed.\n\nBeyondTrust noted that, so far, no known cases of active in-the-wild exploitation of CVE-2026-1731 have been recorded.\n\nHowever, in recent years other BeyondTrust RS/PRA security vulnerabilities have repeatedly been targeted in attacks.\n\nIn particular, two years ago 
attackers used a stolen API key to compromise 17 instances of the Remote Support SaaS service, having breached BeyondTrust systems with two RS/PRA 0-days (CVE-2024-12356 and CVE-2024-12686).\n\nBack then, thanks to those zero-days, the US Treasury Department was steamrolled by Silk Typhoon: the Chinese hackers stole information and confidential documents from it via the breached BeyondTrust system.\n\nSo, given that BeyondTrust has more than 20,000 
customers in more than 100 countries, including 75% of Fortune 100 companies worldwide, the cyber underground will certainly put the new CVE-2026-1731 to work. But we shall see.", "creation_timestamp": "2026-02-09T17:30:06.000000Z"}, {"uuid": "b4200f6a-3c31-40e7-a9f8-eeec5dc09b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "https://t.me/true_secator/7934", "content": "Palo Alto Networks this week recorded a sharp increase in the number of cases of exploitation of two recently patched 0-days in Ivanti Endpoint Manager Mobile (EPMM).\n\nThe critical CVE-2026-1281 and CVE-2026-1340 can be used by remote, 
unauthenticated attackers for RCE on target servers and to gain full control over the target mobile device management (MDM) infrastructure.\n\nIvanti fixed the security vulnerabilities at the end of January, notifying users that it was aware of zero-day attacks targeting \"a very limited number of customers\".\n\nSoon after the vulnerabilities were disclosed, 
large-scale exploitation by attackers began, which is exactly what Palo Alto Networks ran into, observing a wide range of attacks.\n\nAttackers use the vulnerabilities to load malware onto compromised Ivanti platforms, including web shells, cryptocurrency miners and a persistent backdoor.\n\nPalo Alto also observed attackers using the open-source monitoring utility 
Nezha (recently identified in malicious activity linked to the PRC), setting up reverse shells and conducting reconnaissance.\n\nAt the same time, open sources contain no mention of the use of CVE-2026-1281 and CVE-2026-1340, which, if Germany's BSI is to be believed, had been exploited since as early as July 2025.\n\nAlong with Ivanti, as we warned, BeyondTrust has also gained popularity in the cyber underground with the 
critical CVE-2026-1731 (CVSS: 9.9) in Remote Support (RS) and Privileged Remote Access (PRA), which is likewise being used to carry out a wide range of malicious actions:\n\nAt present, attacks exploiting this vulnerability range in scope from reconnaissance to backdoor deployment, including:\n\n- Use of a custom Python script to gain access to an administrative account.\n\n- Installation of multiple web shells in 
different directories, including a PHP backdoor capable of executing raw PHP code or arbitrary PHP code without writing new files to disk, as well as a bash dropper that creates a persistent web shell.\n\n- Deployment of malware such as VShell and Spark RAT.\n\n- Use of out-of-band application security testing (OAST) techniques to verify successful code execution and to identify systems 
compromised by means of fingerprint analysis.\n\n- Execution of commands to stage, compress and exfiltrate confidential data, including configuration files, internal system databases and a full PostgreSQL dump, to an external server.\n\nThe identified campaign targeted the financial services, legal services, high technology, education, trade and 
healthcare sectors in the US, France, Germany, Australia and Canada.\n\nThe researchers describe the vulnerability as a failure in the authentication process that allows the vulnerable thin-scc-wrapper script, reachable via the WebSocket interface, to be used to inject and execute arbitrary shell commands in the context of the site user.\n\nThe researchers draw attention to the relationship between CVE-2026-1731 and CVE-2024-12356, 
which points to a localized, recurring problem with input validation across different execution paths.\n\nAnd, given the observed cases of CVE-2024-12356 being used by Chinese APTs, including Silk Typhoon, Palo Alto believes that CVE-2026-1731 may also become a target for advanced attackers.\n\nBut, of course, we shall see.", "creation_timestamp": "2026-02-20T18:00:09.000000Z"}, {"uuid": "cd20ff60-b2c2-4454-b039-760b58914e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12358", "type": "seen", "source": "https://t.me/cvedetector/12360", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12358 - Weiyedatax-Web Os Command Injection 
Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12358 \nPublished : Dec. 9, 2024, 5:15 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T07:10:06.000000Z"}, {"uuid": "7fa41137-d67c-4a9f-b8cd-3f7f0027d677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12357", "type": "seen", "source": "https://t.me/cvedetector/12363", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12357 - SourceCodester Best House Rental Management System Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12357 \nPublished : Dec. 9, 2024, 5:15 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T07:10:08.000000Z"}, {"uuid": "6aa7ee47-d78a-4123-b26e-a0f761de25fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12355", "type": "seen", "source": "https://t.me/cvedetector/12344", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12355 - SourceCodester Phone Contact Manager System Local Input Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12355 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified as problematic. Affected by this vulnerability is the function ContactBook::adding of the file ContactBook.cpp. The manipulation leads to improper input validation. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:19.000000Z"}, {"uuid": "a5b95321-c534-4f13-92e5-22636d5c9faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12354", "type": "seen", "source": "https://t.me/cvedetector/12342", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12354 - SourceCodester Phone Contact Manager Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12354 \nPublished : Dec. 9, 2024, 2:15 a.m. 
| 27\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:17.000000Z"}, {"uuid": "fcf4c2d6-b3fe-40dc-83b4-d9f0a33b53f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12351", "type": "seen", "source": "https://t.me/cvedetector/12340", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12351 - JFinalCMS SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12351 \nPublished : Dec. 9, 2024, 1:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in JFinalCMS 1.0. This affects the function findPage of the file src\\main\\java\\com\\cms\\entity\\ContentModel.java of the component File Content Handler. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. 
\nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:16.000000Z"}, {"uuid": "a6b443ec-a878-4d85-bb9a-0a67c65db738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12350", "type": "seen", "source": "https://t.me/cvedetector/12339", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12350 - A vulnerability was found in JFinalCMS 1.0. It has\", \n  \"Content\": \"CVE ID : CVE-2024-12350 \nPublished : Dec. 9, 2024, 1:15 a.m. | 39\u00a0minutes ago \nDescription : A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue is the function update of the file \\src\\main\\java\\com\\cms\\controller\\admin\\TemplateController.java of the component Template Handler. The manipulation of the argument content leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
\nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T02:59:06.000000Z"}, {"uuid": "b9dd244c-7c98-4189-bf1b-e90861921a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "Telegram/SVynSwajLsN1aWxvMEuqgdPOPDTFCIEIjBJU5TY6OBLU3A", "content": "", "creation_timestamp": "2025-02-16T13:31:31.000000Z"}, {"uuid": "f25efb14-071f-4351-9cb0-40eeb9de0bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/cvedetector/13067", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12356 - Citrix Privileged Remote Access Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12356 \nPublished : Dec. 17, 2024, 5:15 a.m. | 20\u00a0minutes ago \nDescription : A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. 
\nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T06:44:55.000000Z"}, {"uuid": "26586ba4-ed62-4348-bfce-3e46fc53212e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "Telegram/d3wapHx4e5UMaurKFu99a9rpgFA32RWvNf4YSo1Syv_vjw", "content": "", "creation_timestamp": "2024-12-31T20:05:48.000000Z"}, {"uuid": "e491a012-6c78-4751-9b1c-9a626d61e41d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "Telegram/slg1e6S7t9mR9WD5Aitsk1Ar3hGjfLQUDfVVAeV9iDmR5w", "content": "", "creation_timestamp": "2024-12-20T07:07:16.000000Z"}, {"uuid": "e725e7d5-f3dc-43d5-9bb3-41b050673bdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "Telegram/VTZvlUds-e0I9I86NsIp-SN_vZhA86g44TfXGddazxO5fBDE", "content": "", "creation_timestamp": "2025-02-17T23:39:44.000000Z"}, {"uuid": "333ce903-7226-45df-b076-7ced04ab4b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12358", "type": "published-proof-of-concept", "source": "https://t.me/Leak_DBMS/1529", "content": "\ud83d\udee1Datax-Web rce CVE-2024-12358\n\ud83d\udca5https://github.com/jxp98/VulResearch/blob/main/2024/12/1.Datax-Web%20-%20Remote%20Code%20Execution.md\n\ud83d\udd16@Leak_DBMS", "creation_timestamp": "2024-12-10T23:15:47.000000Z"}, {"uuid": "ede8ea67-69e0-4019-95bf-1811cc3155bf", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/CyberSecurityIL/63765", "content": "\u05db\u05de\u05d4 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e9\u05db\u05d3\u05d0\u05d9 \u05dc\u05e9\u05d9\u05dd \u05d0\u05dc\u05d9\u05d4\u05df \u05dc\u05d1:\n\n- \u05d7\u05d1\u05e8\u05ea Fortinet \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 FortiWLM. \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 - CVE-2023-34990 \u05de\u05e9\u05e4\u05d9\u05e2\u05d4 \u05e2\u05dc \u05d2\u05e8\u05e1\u05d0\u05d5\u05ea 8.6.0-8.6.5, 8.5.0-8.5.4.\n\n\u05d4\u05d7\u05dc\u05e7 \u05d4\u05de\u05e2\u05e0\u05d9\u05d9\u05df \u05d1\u05e1\u05d9\u05e4\u05d5\u05e8 \u05d4\u05d5\u05d0 \u05e9\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d3\u05d5\u05d5\u05d7\u05d4 \u05dc\u05e4\u05d5\u05e8\u05d8\u05d9 \u05db\u05d1\u05e8 \u05d1\u05de\u05e8\u05e5 23 \u05e2\u05dc \u05d9\u05d3\u05d9 \u05d7\u05d5\u05e7\u05e8 \u05d0\u05d1\u05d8\"\u05de \u05d0\u05da \u05dc\u05d0 \u05d8\u05d5\u05e4\u05dc\u05d4.\n\u05dc\u05e4\u05e0\u05d9 \u05d9\u05d5\u05de\u05d9\u05d9\u05dd \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05d7\u05d1\u05e8\u05d4 \u05d4\u05ea\u05d9\u05d9\u05d7\u05e1\u05d5\u05ea \u05dc\u05e0\u05d5\u05e9\u05d0 \u05e2\u05dd \u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05de\u05ea\u05d5\u05e7\u05e0\u05d5\u05ea.\n\n\u05d1\u05e7\u05d9\u05e6\u05d5\u05e8, \u05d3\u05d9\u05d5\u05d5\u05d7 \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e0\u05e9\u05dc\u05d7 \u05d1\u05de\u05e8\u05e5 2023 \u05d0\u05da \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e0\u05e1\u05d2\u05e8\u05d4 \u05e8\u05e7 \u05d0\u05d7\u05e8\u05d9 \u05d9\u05d5\u05ea\u05e8 \u05de\u05e9\u05e0\u05d4 \u05d5\u05d7\u05e6\u05d9...\n\u05d4\u05e8\u05d7\u05d1\u05d4 \u05d1\u05e0\u05d5\u05e9\u05d0 \u05db\u05d0\u05df \u05d5\u05db\u05d0\u05df\n\n- 
\u05d7\u05d1\u05e8\u05ea BeyondTrust \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05e1\u05d2\u05d9\u05e8\u05d4 \u05e9\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea CVE-2024-12356 \u05e9\u05e0\u05d5\u05e6\u05dc\u05d4 \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05de\u05e1\u05d1\u05d9\u05d1 \u05dc\u05e2\u05d5\u05dc\u05dd. (CISA \u05d4\u05d5\u05e1\u05d9\u05e4\u05d5 \u05d0\u05ea \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05dc\u05de\u05d0\u05d2\u05e8 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05d1\u05e9\u05e0\u05ea 2024).\n\n- \u05d7\u05d1\u05e8\u05ea Sophos \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc 3 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9 \u05d4-FW \u05e9\u05dc \u05d4\u05d7\u05d1\u05e8\u05d4 (2 \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d5\u05d0\u05d7\u05ea \u05d2\u05d1\u05d5\u05d4\u05d4).\n\u05d0\u05dd \u05de\u05d5\u05d2\u05d3\u05e8 \u05d0\u05e6\u05dc\u05db\u05dd \u05dc\u05d1\u05e6\u05e2 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9\u05dd \u05d1\u05d0\u05d5\u05e4\u05df \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9 \u05d0\u05d6 \u05d0\u05ea\u05dd \u05de\u05db\u05d5\u05e1\u05d9\u05dd.\n\nhttps://t.me/CyberSecurityIL/6274\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2024-12-20T11:32:34.000000Z"}, {"uuid": "9a41c803-44e2-4fe0-8c19-a5b68716b164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/thehackernews/6065", "content": "\ud83d\udea8 A critical flaw (CVE-2024-12356, CVSS score: 9.8) has been discovered in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) products. 
\n \nAn unauthenticated attacker could exploit this to inject commands and execute arbitrary OS actions, posing a serious security risk. \n \nLearn more: https://thehackernews.com/2024/12/beyondtrust-issues-urgent-patch-for.html", "creation_timestamp": "2024-12-18T15:43:59.000000Z"}, {"uuid": "6e94b354-4029-44d2-bb10-973ffd1afe36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/true_secator/6563", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0430 Privileged Access Management \u0438 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 BeyondTrust \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0430\u0441\u044c \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0435\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 SaaS-\u0441\u0435\u0440\u0432\u0438\u0441\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438.\n\n\u041f\u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u043c\u0438, 
\u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0444\u0438\u0440\u043c\u0430\u043c\u0438, \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c\u0438 \u0440\u043e\u0437\u043d\u0438\u0447\u043d\u043e\u0439 \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0438 \u0438 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u0438, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 \u043a\u043e\u043c\u043c\u0443\u043d\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u043c \u0441\u0435\u043a\u0442\u043e\u0440\u043e\u043c.\n\n2 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430\u00a0\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b BeyondTrust \u0437\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u043b\u0438 \u0430\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438. 
\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Remote Support SaaS.\n\n\u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043b\u044e\u0447\u0443 API \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 SaaS, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0438\u043c \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0434\u043b\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.\n\nBeyondTrust \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0442\u043e\u0437\u0432\u0430\u043b\u0430 \u043a\u043b\u044e\u0447 API, \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 
\u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b SaaS-\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u0441\u043c\u043e\u0433\u043b\u0438 \u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b SaaS-\u0441\u0435\u0440\u0432\u0438\u0441\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a \u043d\u0430 \u043a\u043b\u0438\u0435\u043d\u0442.\n\n\u041d\u043e \u0437\u0430\u0442\u043e \u0432 \u0445\u043e\u0434\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \u043e\u0434\u043d\u0443 16 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0438 
\u0434\u0440\u0443\u0433\u0443\u044e 18 \u0447\u0438\u0441\u043b\u0430.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2024-12356 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Remote Support (RS) \u0438 Privileged Remote Access (PRA).\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0431\u0430\u0437\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441\u0430\u0439\u0442\u0430.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, CVE-2024-12686, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 
\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u0442\u0435\u0445 \u0436\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043e\u0431\u044a\u0435\u043a\u0442.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u044f\u0432\u043d\u043e \u043d\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c BeyondTrust \u0438\u043b\u0438 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435  \u0441\u0432\u043e\u0435\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0430\u0442\u0430\u043a \u0434\u043b\u044f \u043e\u0445\u0432\u0430\u0442\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u041d\u043e \u044d\u0442\u043e \u0432\u043f\u043e\u043b\u043d\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f, \u0434\u0430\u0436\u0435 \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 \u043f\u043e 
\u043d\u0438\u043c \u043e\u0442\u043c\u0435\u0442\u043a\u0438 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.\n\nBeyondTrust \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u043d\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430 \u0432\u0441\u0435\u0445 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445, \u043d\u043e \u0442\u0435\u043c, \u043a\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0410 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u0442\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f.", "creation_timestamp": "2024-12-20T12:20:05.000000Z"}, {"uuid": "fa26c540-9b74-41b0-9e67-d8504b8a6ff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1235", "type": "seen", "source": "https://t.me/ctinow/198160", "content": "https://ift.tt/0opTgjO\nCVE-2024-1235 | Livemesh Elementor Addons Plugin up 
to 8.3.2 on WordPress cross site scripting", "creation_timestamp": "2024-03-02T00:26:33.000000Z"}, {"uuid": "ab164ba1-a03b-42fc-b137-d0e8fce64473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/true_secator/6736", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Rapid7 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 0-day PostgreSQL, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0442\u0430\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u043c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 BeyondTrust Privileged Remote Access \u0438 Remote Support, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u041c\u0438\u043d\u0444\u0438\u043d \u0421\u0428\u0410.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-1094 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,1) \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b PostgreSQL\u00a0psql\u00a0\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 
\u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c SQL, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0435, \u043d\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e.\u00a0\n\n\u041d\u0430\u0439\u0442\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u00a0CVE-2024-12356, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u041f\u041e BeyondTrust, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Rapid7 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u043a\u0430\u0436\u0434\u043e\u043c \u0438\u0437 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043d\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 BeyondTrust (CVE-2024-12356) \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 PostgreSQL \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e BeyondTrust \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-12356 \u0438 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u0443\u044e CVE-2024-12686, \u0431\u0430\u0437\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PostgreSQL \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0430\u0436\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u043e\u043f\u043e\u0440\u044b \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Rapid7, \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0442\u0435\u043c, \u043a\u0430\u043a\u00a0psql \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043d\u0435\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0431\u0430\u0439\u0442\u043e\u0432 \u0438\u0437 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 UTF-8.\n\n\u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 
\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f\u00a0\u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u00ab\\!\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2025-1094 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043c\u0435\u0442\u0430\u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u0443\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 
\u0441\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u0447\u0435\u0440\u0435\u0437 CVE-2025-1094, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 SQL-\u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c.\n\nDuring testing, the researchers concluded that crafted invalid sequences can prematurely terminate an SQL command, allowing attackers to inject additional statements and even trigger shell execution through a psql meta-command.\n\nAs a result of the 
tests, the researchers managed to inject a command that executed the id command on the system, which ultimately confirmed the possibility of full system compromise.\n\nThe PostgreSQL developers released an urgent patch and warn that all versions prior to PostgreSQL 17.3, 16.7, 15.11, 14.16 and 13.19 are vulnerable.\n\nAt the same time, the vendor declined to acknowledge exploitation of the 0-day, but nevertheless credited the discovery to Rapid7.\n\nRapid7 also 
presented a Metasploit module that makes it possible to identify vulnerable BeyondTrust systems and automate payload delivery.\n\nAs for the incident itself, apart from its mention as a \u201cmajor cybersecurity incident\u201d, the US authorities are not disclosing other details or an assessment of the potential damage.\n\nAnd they are unlikely to, but we will see.", "creation_timestamp": "2025-02-14T11:30:06.000000Z"}, {"uuid": "1a49473c-04b7-45f6-8686-784c58169efa", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "seen", "source": "https://t.me/true_secator/6612", "content": "According to media reports, in the recent cyberattack on the US Department of the Treasury, Chinese hackers targeted several divisions at once, including those that deal with foreign investment.\n\nAs the ongoing investigation proceeds, more and more details of the incident are becoming known, but technical information remains 
extremely scarce.\n\nAt the end of December 2024 it emerged that hackers had gained access to US Treasury Department systems; exactly which ones, and what they managed to do, has not been fully disclosed.\n\nInitially the US government stated that the attackers had managed to access unclassified information after penetrating Treasury workstations.\n\nIt is known that initial access was 
apparently obtained using a compromised API key for BeyondTrust's remote management service.\n\nWhile investigating the attack, the company discovered a critical 0-day, CVE-2024-12356, which was probably the one the hackers used, but the company has not officially confirmed this.\n\nCNN journalists learned from three unnamed US officials familiar with the situation that the attackers, 
among other things, breached systems linked to the Committee on Foreign Investment in the United States (CFIUS).\n\nEarlier, the Washington Post also reported that Chinese hackers had attacked the Office of Foreign Assets Control (OFAC), which is responsible for implementing sanctions policy, as well as the Office of the Treasury Secretary and the Office of Financial Research.\n\nAccording to CNN, officials are concerned that China 
could aggregate all the compromised \u201cunclassified\u201d information, analysis of which would allow them to extract highly sensitive intelligence.\n\nBloomberg suggests that the Chinese APT known as Silk Typhoon or Hafnium may be behind the attack on the Treasury Department.\n\nMeanwhile, researchers, journalists and officials familiar with the situation have unanimously described the incident as one of the largest 
in recent times. Apparently there was some classified material in the leaked documents after all.\n\nSo we keep watching.", "creation_timestamp": "2025-01-13T14:17:04.000000Z"}, {"uuid": "204a9d18-86aa-4554-b45c-4c5958c5114a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "https://t.me/thehackernews/6100", "content": "\ud83d\udea8 Suspected Chinese state-sponsored hackers breached the U.S. Treasury via a compromised API key from BeyondTrust, a third-party vendor. \n \n\ud83d\udca1 Here\u2019s what happened: \n\u00bb Attackers gained access to a key securing BeyondTrust\u2019s cloud-based remote support service. \n\u00bb They bypassed security to remotely access Treasury workstations and unclassified documents. \n\u00bb CVE-2024-12356, a critical vulnerability (CVSS 9.8), was actively exploited. 
\n \n\u27a1\ufe0f Read More: https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html", "creation_timestamp": "2024-12-31T06:46:44.000000Z"}, {"uuid": "4ed9abae-a5fc-4ebb-9368-882e15e3ce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "https://t.me/thehackernews/6074", "content": "\ud83d\udea8 CISA warns of an actively exploited critical flaw (CVE-2024-12356, CVSS: 9.8) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) products. \n \nAttackers can exploit this flaw to run arbitrary commands\u2014no authentication required. \n \nRead: https://thehackernews.com/2024/12/cisa-adds-critical-flaw-in-beyondtrust.html", "creation_timestamp": "2024-12-20T05:32:32.000000Z"}, {"uuid": "94f8949a-06ec-48fe-a481-aa5a863bc55c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/7443", "content": "\ud83d\udea8 CVE-2025-1094: PostgreSQL psql SQL injection\n\ud83d\udd25PoC:https://github.com/rapid7/metasploit-framework/pull/19877\n\ud83e\uddd0Deep Dive :https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis\n\n\ud83d\udc47Dorks:\nHUNTER : protocol=\"postgresql\"\nFOFA : product=\"PostgreSQL\"\nSHODAN : \"port:5432 PostgreSQL\"\n\n\ud83d\udcf0Refer:https://thecyberthrone.in/2025/02/15/cve-2025-1094-impacts-postgresql-with-sql-injection/\n\n\nhttps://t.me/SuBoXoneSoCiety", "creation_timestamp": "2025-04-01T12:42:19.000000Z"}]}