{"vulnerability": "CVE-2024-1394", "sightings": [{"uuid": "2f3a3269-e0c7-4ce0-8b66-762918779e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13944", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqsk5kkdag2", "content": "", "creation_timestamp": "2025-05-09T16:05:03.074129Z"}, {"uuid": "bb0302e4-a45c-48b1-b8aa-86e8b5edfcab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13946", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lq433mbfhz2c", "content": "", "creation_timestamp": "2025-05-26T21:02:15.868889Z"}, {"uuid": "2d45bc7e-4228-42da-9cb2-04a4d6a87879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13945", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lptjbxlxxn2y", "content": "", "creation_timestamp": "2025-05-23T11:22:22.697933Z"}, {"uuid": "170e867c-95ca-444d-ba9e-52426dc39a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13943", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo2rxj4zvm2e", "content": "", "creation_timestamp": "2025-04-30T21:55:56.683342Z"}, {"uuid": "40eb455c-edb3-47ff-9178-ed7482a0e8d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13943", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-262/", "content": "", "creation_timestamp": "2025-04-30T03:00:00.000000Z"}, {"uuid": "7baa5d9e-1315-434b-91be-d1a85646cae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13944", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114478753232862764", "content": "", "creation_timestamp": "2025-05-09T16:12:29.079555Z"}, {"uuid": "7c2ee446-152d-499b-bacc-25398acaddde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13943", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14147", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13943\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected affected Tesla Model S vehicles. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the QCMAP_ConnectionManager component. An attacker can abuse the service to assign LAN addresses to the WWAN. An attacker can leverage this vulnerability to access network services that were only intended to be exposed to the internal LAN. Was ZDI-CAN-23199.\n\ud83d\udccf Published: 2025-04-30T20:00:33.419Z\n\ud83d\udccf Modified: 2025-04-30T20:00:33.419Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-262/", "creation_timestamp": "2025-04-30T20:14:22.000000Z"}, {"uuid": "46ca0ec3-12d5-4c8c-b72a-96b402c64cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13940", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4o2u7gc232", "content": "", "creation_timestamp": "2025-05-14T09:19:31.342475Z"}, {"uuid": "5461dadb-32c5-43c1-8689-b846b16346df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13944", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-695/", "content": "", "creation_timestamp": "2025-07-29T03:00:00.000000Z"}, {"uuid": "ad7f9402-ee59-4419-be79-9b15d558d105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13944", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-693/", "content": "", "creation_timestamp": "2025-07-29T03:00:00.000000Z"}, {"uuid": "94d6fe62-2a00-41b8-9d05-1e40e4f4b9ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1394", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1356", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1394\n\ud83d\udd39 Description: A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them.\n\ud83d\udccf Published: 2024-03-21T12:16:38.790Z\n\ud83d\udccf Modified: 2025-01-13T08:35:31.150Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:1462\n2. https://access.redhat.com/errata/RHSA-2024:1468\n3. https://access.redhat.com/errata/RHSA-2024:1472\n4. https://access.redhat.com/errata/RHSA-2024:1501\n5. https://access.redhat.com/errata/RHSA-2024:1502\n6. https://access.redhat.com/errata/RHSA-2024:1561\n7. https://access.redhat.com/errata/RHSA-2024:1563\n8. https://access.redhat.com/errata/RHSA-2024:1566\n9. https://access.redhat.com/errata/RHSA-2024:1567\n10. https://access.redhat.com/errata/RHSA-2024:1574\n11. https://access.redhat.com/errata/RHSA-2024:1640\n12. https://access.redhat.com/errata/RHSA-2024:1644\n13. https://access.redhat.com/errata/RHSA-2024:1646\n14. https://access.redhat.com/errata/RHSA-2024:1763\n15. https://access.redhat.com/errata/RHSA-2024:1897\n16. https://access.redhat.com/errata/RHSA-2024:2562\n17. https://access.redhat.com/errata/RHSA-2024:2568\n18. https://access.redhat.com/errata/RHSA-2024:2569\n19. https://access.redhat.com/errata/RHSA-2024:2729\n20. https://access.redhat.com/errata/RHSA-2024:2730\n21. https://access.redhat.com/errata/RHSA-2024:2767\n22. https://access.redhat.com/errata/RHSA-2024:3265\n23. https://access.redhat.com/errata/RHSA-2024:3352\n24. https://access.redhat.com/errata/RHSA-2024:4146\n25. https://access.redhat.com/errata/RHSA-2024:4371\n26. https://access.redhat.com/errata/RHSA-2024:4378\n27. https://access.redhat.com/errata/RHSA-2024:4379\n28. https://access.redhat.com/errata/RHSA-2024:4502\n29. https://access.redhat.com/errata/RHSA-2024:4581\n30. https://access.redhat.com/errata/RHSA-2024:4591\n31. https://access.redhat.com/errata/RHSA-2024:4672\n32. https://access.redhat.com/errata/RHSA-2024:4699\n33. https://access.redhat.com/errata/RHSA-2024:4761\n34. https://access.redhat.com/errata/RHSA-2024:4762\n35. https://access.redhat.com/errata/RHSA-2024:4960\n36. https://access.redhat.com/errata/RHSA-2024:5258\n37. https://access.redhat.com/errata/RHSA-2024:5634\n38. https://access.redhat.com/errata/RHSA-2024:7262\n39. https://access.redhat.com/security/cve/CVE-2024-1394\n40. https://bugzilla.redhat.com/show_bug.cgi?id=2262921\n41. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136\n42. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6\n43. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f\n44. https://pkg.go.dev/vuln/GO-2024-2660\n45. https://vuln.go.dev/ID/GO-2024-2660.json", "creation_timestamp": "2025-01-13T09:11:16.000000Z"}, {"uuid": "984abbff-84b3-4ecd-abab-ec6b0db30aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13943", "type": "seen", "source": "https://t.me/cvedetector/24162", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13943 - Tesla Model S Iris Modem Sandbox Escape Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13943 \nPublished : April 30, 2025, 8:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected affected Tesla Model S vehicles. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.  \n  \nThe specific flaw exists within the QCMAP_ConnectionManager component. An attacker can abuse the service to assign LAN addresses to the WWAN. An attacker can leverage this vulnerability to access network services that were only intended to be exposed to the internal LAN. Was ZDI-CAN-23199. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T00:37:03.000000Z"}, {"uuid": "47bb95ab-9cd4-4798-a0ab-79d13fb031aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13944", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15823", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13944\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate Version 24.2.16862.6344 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via the creation of a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.\n\ud83d\udccf Published: 2025-05-09T15:18:34.124Z\n\ud83d\udccf Modified: 2025-05-09T19:09:17.086Z\n\ud83d\udd17 References:\n1. https://www.gendigital.com/us/en/contact-us/security-advisories/", "creation_timestamp": "2025-05-09T19:26:18.000000Z"}, {"uuid": "b5e82eef-64b0-4994-98bd-f31eb3bd4e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13940", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16293", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13940\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.7 via the form webhook functionality. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.\n\ud83d\udccf Published: 2025-05-14T08:22:08.413Z\n\ud83d\udccf Modified: 2025-05-14T08:22:08.413Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/4cf2af62-2b5a-4c0a-9e82-f80dde204a9d?source=cve\n2. https://ninjaforms.com/extensions/webhooks/", "creation_timestamp": "2025-05-14T08:31:21.000000Z"}, {"uuid": "49c2e8c5-44fe-4a67-aa57-7aace21746c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13945", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17375", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13945\n\ud83d\udd25 CVSS Score: 8.4 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L)\n\ud83d\udd39 Description: Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data \nif administrator credentials become compromised.\n\nThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.\n\ud83d\udccf Published: 2025-05-23T09:18:18.385Z\n\ud83d\udccf Modified: 2025-05-23T09:18:18.385Z\n\ud83d\udd17 References:\n1. https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch", "creation_timestamp": "2025-05-23T09:47:55.000000Z"}, {"uuid": "deeb43dd-ffbf-4cc9-a3e7-d70499d3181f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13944", "type": "seen", "source": "https://t.me/cvedetector/24971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13944 - Norton Utilities Ultimate Link Following Local Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13944 \nPublished : May 9, 2025, 4:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate Version 24.2.16862.6344 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via the creation of a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T20:23:40.000000Z"}, {"uuid": "d2789675-bcb7-4bd8-8916-dc4e78f27d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1394", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16071", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1394\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them.\n\ud83d\udccf Published: 2024-03-21T12:16:38.790Z\n\ud83d\udccf Modified: 2025-05-12T23:02:02.486Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:1462\n2. https://access.redhat.com/errata/RHSA-2024:1468\n3. https://access.redhat.com/errata/RHSA-2024:1472\n4. https://access.redhat.com/errata/RHSA-2024:1501\n5. https://access.redhat.com/errata/RHSA-2024:1502\n6. https://access.redhat.com/errata/RHSA-2024:1561\n7. https://access.redhat.com/errata/RHSA-2024:1563\n8. https://access.redhat.com/errata/RHSA-2024:1566\n9. https://access.redhat.com/errata/RHSA-2024:1567\n10. https://access.redhat.com/errata/RHSA-2024:1574\n11. https://access.redhat.com/errata/RHSA-2024:1640\n12. https://access.redhat.com/errata/RHSA-2024:1644\n13. https://access.redhat.com/errata/RHSA-2024:1646\n14. https://access.redhat.com/errata/RHSA-2024:1763\n15. https://access.redhat.com/errata/RHSA-2024:1897\n16. https://access.redhat.com/errata/RHSA-2024:2562\n17. https://access.redhat.com/errata/RHSA-2024:2568\n18. https://access.redhat.com/errata/RHSA-2024:2569\n19. https://access.redhat.com/errata/RHSA-2024:2729\n20. https://access.redhat.com/errata/RHSA-2024:2730\n21. https://access.redhat.com/errata/RHSA-2024:2767\n22. https://access.redhat.com/errata/RHSA-2024:3265\n23. https://access.redhat.com/errata/RHSA-2024:3352\n24. https://access.redhat.com/errata/RHSA-2024:4146\n25. https://access.redhat.com/errata/RHSA-2024:4371\n26. https://access.redhat.com/errata/RHSA-2024:4378\n27. https://access.redhat.com/errata/RHSA-2024:4379\n28. https://access.redhat.com/errata/RHSA-2024:4502\n29. https://access.redhat.com/errata/RHSA-2024:4581\n30. https://access.redhat.com/errata/RHSA-2024:4591\n31. https://access.redhat.com/errata/RHSA-2024:4672\n32. https://access.redhat.com/errata/RHSA-2024:4699\n33. https://access.redhat.com/errata/RHSA-2024:4761\n34. https://access.redhat.com/errata/RHSA-2024:4762\n35. https://access.redhat.com/errata/RHSA-2024:4960\n36. https://access.redhat.com/errata/RHSA-2024:5258\n37. https://access.redhat.com/errata/RHSA-2024:5634\n38. https://access.redhat.com/errata/RHSA-2024:7262\n39. https://access.redhat.com/security/cve/CVE-2024-1394\n40. https://bugzilla.redhat.com/show_bug.cgi?id=2262921\n41. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136\n42. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6\n43. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f\n44. https://pkg.go.dev/vuln/GO-2024-2660\n45. https://vuln.go.dev/ID/GO-2024-2660.json", "creation_timestamp": "2025-05-12T23:29:31.000000Z"}]}