{"vulnerability": "CVE-2024-21410", "sightings": [{"uuid": "1b13587b-10bb-4d64-adf6-c4b03160f378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-02-16T00:10:03.000000Z"}, {"uuid": "389c232d-451a-4210-8879-f6460975b9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "MISP/b370b5ff-98f2-484e-923f-f6f7c0358bdc", "content": "", "creation_timestamp": "2024-03-21T19:09:01.000000Z"}, {"uuid": "12df2c7b-f504-4cc5-bcf3-466b5eacc480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://msrc.microsoft.com/blog/2024/12/mitigating-ntlm-relay-attacks-by-default/", "content": "", "creation_timestamp": "2024-12-09T07:00:00.000000Z"}, {"uuid": "f104ee7e-0a12-48b9-af0a-35ef9d640f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:52.000000Z"}, {"uuid": "bbaf3e60-4e34-41a6-9c16-822bebe4b337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lktlp6ppyp2u", "content": "", "creation_timestamp": "2025-03-20T20:59:35.874615Z"}, {"uuid": "a534be0d-98f0-4273-979e-c2974617bf80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lq5nnekgu422", "content": "", "creation_timestamp": "2025-05-27T12:06:57.806332Z"}, {"uuid": "2ce429dc-e8d1-4972-a0e8-3b97e10ab642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1227", "content": "", "creation_timestamp": "2024-02-14T04:00:00.000000Z"}, {"uuid": "8ce68e0a-b486-4978-84c8-1f40d244b388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/72e9e44d-6aec-4e9b-a745-febf71de7272", "content": "", "creation_timestamp": "2026-02-02T12:26:41.169467Z"}, {"uuid": "9a1431e6-7532-463e-bf6c-ae24492f94f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/true_sec/63", "content": "\u044d\u0442\u043e \u0435\u0449\u0435 \u0438 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 CVE-2024-21410 (CVSS: 9,8). \ud83d\ude02 \u0447\u0442\u043e \u043a\u0443\u0440\u044f\u0442 \u0432 \u043c\u0430\u0439\u043a\u0440\u043e\u0441\u043e\u0444\u0442, \u044d\u0442\u043e\u0439 \u0442\u0435\u043c\u0435 100 \u043b\u0435\u0442 \u0443\u0436\u0435 \u0438 \u0440\u0430\u0437\u043d\u044b\u0445 \u0442\u0443\u043b\u0437 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0442\u0443\u043b\u0437 \u0443\u0436\u0435 \u043f\u0440\u043e\u0442\u0443\u0445\u043b\u0438 \u0438 \u0443\u043c\u0435\u0440\u043b\u0438.\n\n\u043f\u043e \u044d\u0442\u0438\u043c \u0447\u0435\u0440\u0442\u043e\u0432\u044b\u043c netntlmv2 \u043c\u043e\u0436\u043d\u043e \u0431\u0440\u0443\u0442\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043d\u0443\u0436\u043d\u043e \u0441\u0440\u043e\u0447\u043d\u043e \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438.\n\u0436\u0434\u0443 \u0447\u0435\u0440\u0435\u0437 5 \u043b\u0435\u0442 \u0444\u0438\u043a\u0441\u043e\u0432 \u0432 \u0443\u0442\u0435\u0447\u043a\u0430\u0445 ntlm \u0445\u044d\u0448\u0435\u0439 \u0447\u0435\u0440\u0435\u0437 html \u0444\u0430\u0439\u043b\u044b, \u0431\u0443\u0434\u0435\u0442 000day\ud83e\udd28\n\n\n\u041f\u0421 \u043c\u0430\u0439\u043a\u0438, \u0442\u0430\u043c \u0435\u0449\u0435 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c sharepoint \u0431\u0435\u0434\u0430)))", "creation_timestamp": "2024-02-15T08:56:04.000000Z"}, {"uuid": "d190a6b4-cc1b-4075-a590-17a49c29ef71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/7Ml4_lMheQFWoLP8HS6G4y2kPw4O-CbsZ96PEHQtUpuC3WA", "content": "", "creation_timestamp": "2025-05-04T05:10:20.000000Z"}, {"uuid": "ea7dfe8d-0ae9-4530-83df-bb9f57142722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/P054ImMwjqD_rl7lBAm-hCz5MlTq06QbnDeiIVFMTFFsHy4", "content": "", "creation_timestamp": "2025-05-04T05:11:16.000000Z"}, {"uuid": "6884c5a4-dceb-42b3-abf2-ccccecffcc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/w2sQVYJqPhbRHT9akHM-iGzWKC3IsG1yKSbs6TyOkRlzfbo", "content": "", "creation_timestamp": "2026-03-27T15:00:06.000000Z"}, {"uuid": "49541409-eb7a-4330-93dd-1c4b17f28f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/itsec_news/4112", "content": "\u200b\u26a1\ufe0f\u0412 Windows \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u0430\u044f 24-\u043b\u0435\u0442\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udcac \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 Patch Tuesday \u043e\u0442 Microsoft, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u043c \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430, \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 73 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0438 \u043e\u0434\u043d\u0430 \u043f\u043e-\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0434\u0440\u0435\u0432\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 Windows \u0443\u0436\u0435 24 \u0433\u043e\u0434\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 5 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0443\u0441 \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435\u00bb, 65 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u00ab\u0432\u0430\u0436\u043d\u044b\u0435\u00bb, \u0430 \u0435\u0449\u0451 3 \u2014 \u043a\u0430\u043a \u00ab\u0443\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435\u00bb. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 24 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0432 \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Microsoft \u043d\u0430 \u0431\u0430\u0437\u0435 Chromium \u2014 Edge.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c:\n\nCVE-2024-21351 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.6), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b Windows SmartScreen;\nCVE-2024-21412 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.1), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 \u044f\u0440\u043b\u044b\u043a\u043e\u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.\nMicrosoft \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-21351, \u0443\u043a\u0430\u0437\u0430\u0432 \u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0441\u0431\u043e\u044f\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0410 CVE-2024-21412 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0436\u0435\u0440\u0442\u0432\u0435.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 Known Exploited Vulnerabilities (KEV) \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 (CISA), \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0435\u0439 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430\u043c \u0421\u0428\u0410 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a 5 \u043c\u0430\u0440\u0442\u0430 2024 \u0433\u043e\u0434\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\nCVE-2024-20684 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 6.5) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Hyper-V, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438;\nCVE-2024-21357 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.5) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Windows Pragmatic General Multicast (PGM);\nCVE-2024-21380 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.0) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Dynamics Business Central / NAV, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438;\nCVE-2024-21410 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Microsoft Exchange Server;\nCVE-2024-21413 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Microsoft Outlook.\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 CVE-2023-50387 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.5) \u0432 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 DNSSEC, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u0432\u0448\u0435\u0439 \u0432 Windows \u0446\u0435\u043b\u044b\u0445 24 \u0433\u043e\u0434\u0430 . \u041e\u043d\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 CPU \u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 DNS-\u0440\u0435\u0437\u043e\u043b\u0432\u0435\u0440\u043e\u0432, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 Microsoft, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u2014 Adobe, AMD, ASUS, Cisco, Intel, Ivanti, Lenovo \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435, \u0447\u0442\u043e \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u0440\u0430\u0431\u043e\u0442\u0443 \u043f\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u043c \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-14T16:13:10.000000Z"}, {"uuid": "3b3be606-7e90-4fe5-8c2b-407d7ae88dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/BleepingComputer/19459", "content": "\u200aOver 28,500 Exchange servers vulnerable to actively exploited bug\n\nUp to 97,000 Microsoft Exchange servers may be vulnerable\u00a0to a critical severity privilege escalation flaw tracked as\u00a0CVE-2024-21410 that hackers are actively exploiting. [...]\n\nhttps://www.bleepingcomputer.com/news/security/over-28-500-exchange-servers-vulnerable-to-actively-exploited-bug/", "creation_timestamp": "2024-02-19T22:33:57.000000Z"}, {"uuid": "7fd7d014-fd19-439e-a149-e250030d2f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/Cyber_Watch_insider/389", "content": "https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-21410\n\nCVSS 9.8 \u26a0\ufe0f \u26a0\ufe0f", "creation_timestamp": "2024-02-15T13:54:54.000000Z"}, {"uuid": "6ce0f75d-813b-4197-815b-929675acca1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1137", "content": "\ud83d\udd34 \u0417\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u0432\u0447\u0435\u0440\u0430 CVE-2024-21410 \u0432 Exchange  \u0432\u0438\u0434\u0438\u043c\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u0430 \u0434\u043b\u044f CVE-2024-21413 (RCE \u0432 Outlook) \u0432\u044b\u0448\u0435\u043b PoC. \u041c\u044b \u043f\u043e\u0448\u0443\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0435\u0433\u043e\u0434\u043d\u044f, \u0442\u0430\u043a \u0443\u0436 \u0437\u0430\u0432\u0442\u0440\u0430 \u043d\u0430\u0434\u043e \u043f\u0430\u0442\u0447\u0438\u0442\u044c, \u043d\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u044d\u0442\u043e \u0441\u0432\u044f\u0442\u0430\u044f \u043f\u0440\u0430\u0432\u0434\u0430. \u041f\u0430\u0442\u0447\u0438\u0442\u044c \u043d\u0430\u0434\u043e \u0441\u0435\u0433\u043e\u0434\u043d\u044f.\n\n\u0414\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u044d\u0442\u043e\u0439 \u0438 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, Microsoft \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Exchange \u043e\u043f\u0446\u0438\u044e Extended Protection. \u041d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 2024 H1 Cumulative Update (CU14), \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0431\u0443\u0434\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-02-15T09:20:34.000000Z"}, {"uuid": "14837c1e-4468-4087-9b70-6c5610767434", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/kasperskyb2b/1136", "content": "Microsoft Patch Tuesday: \u043b\u0443\u0447\u0448\u0435\u0435, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0432\u043f\u0435\u0440\u0435\u0434\u0438! \ud83d\ude0e \n\n\u0414\u043b\u044f \u0432\u043b\u044e\u0431\u043b\u0451\u043d\u043d\u044b\u0445 \u0432 \u0441\u0432\u043e\u044e \u0440\u0430\u0431\u043e\u0442\u0443, \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 \u043f\u0440\u0438\u0448\u0451\u043b\u0441\u044f \u043a\u0430\u043a \u0440\u0430\u0437 \u0432 \u043a\u0430\u043d\u0443\u043d \u0434\u043d\u044f \u0432\u043b\u044e\u0431\u043b\u0451\u043d\u043d\u044b\u0445, \u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0439 \u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u043d \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Office \u0438 Exchange Server.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Outlook (CVE-2024-21413, CVSS 9.8) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0441\u044b\u043b\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0431\u0443\u0434\u0443\u0447\u0438 \u043f\u0440\u0438\u0441\u043b\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u043f\u043e\u0447\u0442\u0435, \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 (protected view) \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 NTLMv2 \u0438 \u0434\u0430\u0436\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u041f\u0430\u0442\u0447\u0438 \u043d\u0430 2016-\u044e \u043b\u0438\u043d\u0435\u0439\u043a\u0443 Office \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u043d\u043e \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Exchange Server (CVE-2024-21410, CVSS 9.8) \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 PtH, \u043f\u043e\u0432\u044b\u0448\u0430\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u044d\u0442\u043e\u0439 \u0434\u044b\u0440\u044b \u0432 Microsoft \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442 \u043a\u0430\u043a \u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0443\u044e.\n\n\u0425\u043e\u0442\u044f \u043e\u0431\u0430 \u0431\u0430\u0433\u0430 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043d\u0430 \u043d\u0438\u0445 \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u043f\u0440\u044f\u043c\u043e \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u043c\u043e\u0442\u0440\u044f\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 APT, \u0443\u0436 \u043e\u0447\u0435\u043d\u044c \u043e\u043d\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u0445 \u0430\u0442\u0430\u043a. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0435\u0433\u043e\u0434\u043d\u044f, \u0442\u043e \u0437\u0430\u0432\u0442\u0440\u0430 \u0443\u0436\u0435 \u0442\u043e\u0447\u043d\u043e \u043d\u0430\u0434\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u0442\u044c \u043f\u0430\u0442\u0447\u0438\u043d\u0433. \n\n\u041c\u0435\u043d\u0435\u0435 \u0432\u043f\u0435\u0447\u0430\u0442\u043b\u044f\u044e\u0449\u0438\u0435, \u043d\u043e \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u044d\u0442\u043e\u0442 \u0432\u0442\u043e\u0440\u043d\u0438\u043a: CVE-2024-21412  \u0438 -21351 (CVSS 8.1 \u0438 7.6).  \u041e\u0431\u0435 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f Windows Smartscreen. \u041f\u0440\u043e \u043f\u0435\u0440\u0432\u0443\u044e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u043e\u0439 DarkCasino/WaterHydra \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.   \n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 MS Edge, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u0435\u043b\u0435\u0439 \u0440\u0430\u043d\u0435\u0435, Microsoft \u0437\u0430\u043a\u0440\u044b\u043b\u0430 73 \u0434\u044b\u0440\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 30 RCE, 16 EoP, 9 DoS \u0438 10 Spoofing. \u0420\u0435\u0439\u0442\u0438\u043d\u0433 critical \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 5 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, important \u2014 65.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0434\u0435\u043b\u044f\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435\u043c \u0438 \u043f\u0430\u0442\u0447\u0438 Adobe, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043a\u0440\u044b\u043b\u0430 29 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Acrobat \u0438 Reader, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 5 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 RCE. \u041f\u0440\u0430\u0432\u0434\u0430, \u043d\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u0431\u0430\u0433\u043e\u0432 \u043d\u0435 \u043e\u0442\u043c\u0435\u0447\u0435\u043d \u043a\u0430\u043a \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-02-15T08:35:24.000000Z"}, {"uuid": "b4b08861-3475-4e3e-ad9e-e728d1c61f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/kasperskyb2b/1201", "content": "\ud83d\udcbb BSI: \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\nBSI, \u043d\u0435\u043c\u0435\u0446\u043a\u043e\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0437\u0430\u0449\u0438\u0442\u0435, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0432\u0438\u0434\u0438\u043c\u043e\u0439 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b MS Exchange.\n\n\u0418\u0437 45 \u0442\u044b\u0441\u044f\u0447 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, 12% \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0438 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0441 2020 \u0433\u043e\u0434\u0430 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 2010 \u0438 2013. \n28% \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u043e\u0442\u0441\u0442\u0430\u044e\u0442 \u043e\u0442 \u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430 \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043d\u0430 4 \u043c\u0435\u0441\u044f\u0446\u0430.\n\u0421\u0440\u0435\u0434\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043f\u043e\u043b\u0443\u0447\u0430\u0432\u0448\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u043e, \u0432\u0435\u043b\u0438\u043a\u0430 \u0434\u043e\u043b\u044f \u0442\u0435\u0445, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u044b \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u043d\u044b\u0445 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0438 \u043c\u0430\u0440\u0442\u0435  CVE-2024-21410 \u0438 CVE-2024-26198. \u041f\u0435\u0440\u0432\u0430\u044f, \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a 0day.\n\n\u0412 \u0438\u0442\u043e\u0433\u0435, \u043a\u0430\u0436\u0434\u044b\u0439 \u0432\u0442\u043e\u0440\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u2014 \u0434\u044b\u0440\u044f\u0432\u044b\u0439, \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u044e\u0442 BSI.\n\u0414\u0443\u043c\u0430\u0435\u0442\u0435, \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u043b\u0443\u0447\u0448\u0435? \u0420\u0435\u0434\u0430\u043a\u0446\u0438\u044f \u0432 \u044d\u0442\u043e\u043c \u0441\u0438\u043b\u044c\u043d\u043e \u0441\u043e\u043c\u043d\u0435\u0432\u0430\u0435\u0442\u0441\u044f.\n\n\u0414\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c Exchange \u0441\u0432\u0435\u0436\u0430\u0439\u0448\u0438\u043c\u0438 security updates, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a OWA \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c Exchange (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e VPN), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c Exchange Extended Protection.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 @\u041f2\u0422", "creation_timestamp": "2024-03-28T15:11:46.000000Z"}, {"uuid": "f379ef2d-5508-4147-a9e5-00b12fbb4e22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "Telegram/gd6PEEus2Q3qrpvDIne3A5EWvxw_Sb_E5b2dVq1mD4ECtQ", "content": "", "creation_timestamp": "2024-02-15T06:22:12.000000Z"}, {"uuid": "ec299b47-babe-4326-9d04-1ff5c2d78d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/cibsecurity/75306", "content": "\ud83d\udd8b\ufe0f Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation \ud83d\udd8b\ufe0f\n\nMicrosoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its\u00a0Patch Tuesday updates. Tracked as\u00a0CVE202421410\u00a0CVSS score 9.8, the issue has been described as a case of privilege escalation impacting the Exchange Server. \"An attacker.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-02-15T07:15:55.000000Z"}, {"uuid": "bc41f632-8eef-42d9-95c7-f5cbfbc69f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/56148", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:54.000000Z"}, {"uuid": "6bf6adc8-068a-4313-a017-65bb3d6c0eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/119126", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:53.000000Z"}, {"uuid": "a28ffe24-8aa3-40cf-8f79-f3f84317f55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/CRo72oop6ZwQnESqwzNS9o-UvXAtRRZBbTaMpkpQIbIEQGCv", "content": "", "creation_timestamp": "2025-01-19T09:05:11.000000Z"}, {"uuid": "58b4f23f-0699-4d0c-b49a-99a584883e16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/m_uXFR_n3tw3cdqXp4eNTFp75GNkXoZP5JCdghj_BLdvWjAh", "content": "", "creation_timestamp": "2025-01-19T10:54:11.000000Z"}, {"uuid": "844bc6e1-1697-43c9-ae8d-2f0eea388317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/1o3RyjbxkBAdqVV1IakPcUVDj3AIfLmG662gmZzR_AzpiWSm", "content": "", "creation_timestamp": "2025-01-20T11:03:21.000000Z"}, {"uuid": "09f28cf2-0a7f-46ea-ab35-abec1e5a7d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/sSOYy9sa0Jc9yTev23pVTCXx5ZwCCV54W3-F49CmFMjcWAGd", "content": "", "creation_timestamp": "2025-01-19T10:45:19.000000Z"}, {"uuid": "94a5d3f0-89e1-4c5a-a7bd-083f73ff3639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/UrNq84zyBC1oMAufBesPTpXAbedIsqXaSNJFq3mfmDUScAM", "content": "", "creation_timestamp": "2024-10-04T00:51:11.000000Z"}, {"uuid": "5506a8cf-601f-4ae9-8e45-e26d00f35cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/V1VUnV7rs7gBAtSdtSG9YU8DOLHIzu1kUZjtLh94w5_yW5C9", "content": "", "creation_timestamp": "2024-12-22T22:15:30.000000Z"}, {"uuid": "14047e30-9248-4259-9ebd-13a67b319dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/1Z5p7xYqKVRAHiS5stM6LcQjCrKKZtV6q5K3lriQD01vETjY", "content": "", "creation_timestamp": "2025-01-20T11:03:16.000000Z"}, {"uuid": "493dea27-ed0b-4135-a25e-62f90bdc9c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/MI65lLGsaGTIv40PK1J154YyMiL63QZNJWuw9XlT_YRsFb40", "content": "", "creation_timestamp": "2025-01-19T09:05:12.000000Z"}, {"uuid": "3df10e4b-0299-45f8-9cfc-c05de5d09992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/1yNdYtjM167PWJ8z4QCuhWfayRW6CDLYSnp7378ajV5EDt8", "content": "", "creation_timestamp": "2024-10-04T00:51:08.000000Z"}, {"uuid": "c9f29105-3589-434b-bab5-d630bac90a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/PfifvZz7tMW-Pq-u9dIIWpX49EGHHaNBJSKvwqdUIESB65tP", "content": "", "creation_timestamp": "2025-01-19T10:54:13.000000Z"}, {"uuid": "ac594296-b9be-4b5d-8723-606971ee790c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/OIy-vi5ELr4cctl8ownkSK8SkQmdcofc4nGKbyP-zK6wBJzg", "content": "", "creation_timestamp": "2025-01-19T10:45:24.000000Z"}, {"uuid": "55af20f6-fe44-453d-a188-6950abace2f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "Telegram/7b0KDMH2WfquipCst9Tv71iesbtnEU4bQJg16OEgDf9nbvsj", "content": "", "creation_timestamp": "2024-12-22T22:15:27.000000Z"}, {"uuid": "7f45c78b-1f66-4047-aa52-2f9dc069da08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "Telegram/rmxJ6i5Z1Mdp5d92koJ6FGf60coEbGd_QfqoxmIwe7Q2_Q", "content": "", "creation_timestamp": "2024-02-15T08:20:06.000000Z"}, {"uuid": "15046833-c188-47d1-97f5-1934729d2ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/KomunitiSiber/1492", "content": "Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation\nhttps://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html\n\nMicrosoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its\u00a0Patch Tuesday updates.\nTracked as\u00a0CVE-2024-21410\u00a0(CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server.\n\"An attacker", "creation_timestamp": "2024-02-15T07:43:58.000000Z"}, {"uuid": "0930053a-d633-441d-b930-5b9cf4d9a251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/448300", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"CVE-2024-21410: \u0434\u043e 97 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange \u0432 \u043a\u0440\u0430\u0441\u043d\u043e\u0439 \u0437\u043e\u043d\u0435\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"20 Feb 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-02-20T18:18:19.000000Z"}, {"uuid": "d2b7e09c-230d-40ed-9d2e-c7479f06b996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "Telegram/ks6r7lcSl2u38jLfeEjl2WvwYf3mZCutYGPh0JEr9-kbuco", "content": "", "creation_timestamp": "2024-02-15T07:43:28.000000Z"}, {"uuid": "b00b1010-6329-412c-933e-dc5832e6f6d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/MrVGunz/1114", "content": "\u26a0\ufe0f \u062a\u0648\u062c\u0647\u060c \u0645\u062f\u06cc\u0631\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645! \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062c\u062f\u06cc\u062f (CVE-2024-21410) \u062f\u0631 \u0633\u0631\u0648\u0631 Microsoft Exchange \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u0628\u0647\u200c\u0637\u0648\u0631 \u0641\u0639\u0627\u0644 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u062c\u0632\u0626\u064a\u0627\u062a: https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html\n\n\u062d\u0645\u0644\u0647\u200c\u06a9\u0646\u0646\u062f\u06af\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u062d\u0633\u0627\u0628\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0631\u0627 \u062a\u0635\u0627\u062d\u0628 \u06a9\u0631\u062f\u0647 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0633\u0637\u062d \u0645\u062f\u06cc\u0631\u06cc\u062a\u06cc \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u0646\u062f. \u0628\u0647\u200c\u0633\u0631\u0639\u062a \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f!\n\n\u26a0\ufe0f Attention, Sysadmins! A newly discovered critical vulnerability (CVE-2024-21410) in Microsoft Exchange Server is currently being actively exploited. \n \nDetails: https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html \n \nAttackers can hijack user accounts & gain admin-level control. Update ASAP!", "creation_timestamp": "2024-05-15T12:22:20.000000Z"}, {"uuid": "de712bf8-6e5d-4222-8842-eabeef7ae3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/MrVGunz/1216", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0627\u06a9\u0633\u0686\u0646\u062c \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a: \u0628\u06cc\u0634 \u0627\u0632 28,500 \u0633\u0631\u0648\u0631 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631\n\n\u0637\u0628\u0642 \u06af\u0632\u0627\u0631\u0634 \u0627\u062e\u06cc\u0631 Bleeping Computer\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0627\u06a9\u0633\u0686\u0646\u062c \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2024-21410 \u0648 \u0627\u0645\u062a\u06cc\u0627\u0632 9.8 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 CVSS \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u062d\u0645\u0644\u0627\u062a NTLM-relay \u0648 \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u062e\u062a\u06cc\u0627\u0631\u0627\u062a \u062f\u0631\u0648\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\u0628\u0647 \u06af\u0632\u0627\u0631\u0634 Shadowservers \u06a9\u0647 \u0646\u0632\u062f\u06cc\u06a9 \u0628\u0647 97,000 \u0633\u0631\u0648\u0631 \u0627\u06a9\u0633\u0686\u0646\u062c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0631 \u0645\u0639\u0631\u0636 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0642\u0631\u0627\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f\u060c \u06a9\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062a\u0639\u062f\u0627\u062f\u060c \u062d\u062f\u0648\u062f 68,500 \u0633\u0631\u0648\u0631 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0627\u0642\u062f\u0627\u0645\u0627\u062a Mitigation \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0647\u0645\u0686\u0646\u0627\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f. \u0647\u0645\u0686\u0646\u06cc\u0646\u060c 28,500 \u0633\u0631\u0648\u0631 \u0628\u0647 \u0637\u0648\u0631 \u0642\u0637\u0639\u06cc \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647\u200c\u0627\u0646\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0645\u0633\u062a\u0642\u0631 \u062f\u0631 \u06a9\u0634\u0648\u0631\u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0646\u06cc\u0632 \u0634\u06cc\u0648\u0639 \u062f\u0627\u0631\u062f\u060c \u0628\u0647 \u0637\u0648\u0631\u06cc \u06a9\u0647 \u0628\u06cc\u0634\u062a\u0631\u06cc\u0646 \u062a\u0639\u062f\u0627\u062f \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u062f\u0631 \u0622\u0644\u0645\u0627\u0646 (22,903 \u0633\u0631\u0648\u0631) \u0648 \u0627\u06cc\u0627\u0644\u0627\u062a \u0645\u062a\u062d\u062f\u0647 (19,434 \u0633\u0631\u0648\u0631) \u06af\u0632\u0627\u0631\u0634 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0627 \u0627\u06cc\u0646\u06a9\u0647 \u0647\u0646\u0648\u0632 \u0647\u06cc\u0686 Proof-of-Concept \u0639\u0645\u0648\u0645\u06cc \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0646\u062a\u0634\u0631 \u0646\u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u062d\u062a\u0645\u0627\u0644 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06af\u0633\u062a\u0631\u062f\u0647 \u0627\u0632 \u0622\u0646 \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u062d\u062f\u0648\u062f \u0627\u0633\u062a. \u0627\u0645\u0627 \u0645\u0639\u0645\u0648\u0644\u0627\u064b\u060c \u067e\u0633 \u0627\u0632 \u0627\u0641\u0634\u0627\u06cc \u0686\u0646\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc\u060c \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0628\u0647 \u0633\u0631\u0639\u062a \u0631\u0648\u0634\u200c\u0647\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0646\u200c\u0647\u0627 \u0631\u0627 \u062a\u0648\u0633\u0639\u0647 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3ahttps://www.cert.dk/da/news/2024-02-20/Over-28500-Exchange-servere-saarbare-over-for-aktivt-udnyttet-fejl\n\n\ud83d\udccd Microsoft Exchange Server Vulnerability: Over 28,500 Servers at Risk\n\nAccording to a recent report by Bleeping Computer, a critical vulnerability identified as CVE-2024-21410 with a CVSS score of 9.8 has been found in Microsoft Exchange servers. This vulnerability allows unauthorized attackers to perform NTLM relay attacks and escalate privileges within the system.\n\nShadowservers reports that nearly 97,000 Exchange servers might be exposed to this vulnerability. Out of these, approximately 68,500 servers remain vulnerable despite mitigation efforts, and about 28,500 servers are confirmed to be vulnerable.\n\nThe vulnerability is widespread across servers in various countries, with the highest numbers reported in Germany (22,903 servers) and the United States (19,434 servers).\n\nAlthough no public Proof-of-Concept (PoC) for this vulnerability has been released yet, the potential for attackers to exploit it quickly is high. Generally, after such vulnerabilities are disclosed, attackers swiftly develop methods to exploit them.\n\n\ud83d\udd17 For further reading, please visit:\n\n\ud83d\udd3ahttps://www.cert.dk/da/news/2024-02-20/Over-28500-Exchange-servere-saarbare-over-for-aktivt-udnyttet-fejl", "creation_timestamp": "2024-07-23T16:30:10.000000Z"}, {"uuid": "c5dddc40-dbbc-46cd-8a01-cab0853b4bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/CyberSecurityIL/38136", "content": "\u05e9\u05d9\u05de\u05d5 \u05dc\u05d1 - \u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d7\u05d3\u05e9\u05d4 \u05d1\u05e9\u05e8\u05ea\u05d9 Exchange \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\"\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd (CVE-2024-21410)\n\n\u05e4\u05e8\u05d8\u05d9\u05dd \u05e0\u05d5\u05e1\u05e4\u05d9\u05dd \u05e2\u05dc \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 - \u05db\u05d0\u05df\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2024-02-18T19:43:31.000000Z"}, {"uuid": "0da07bcc-3dc9-407b-bf5f-ea39bec4cede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/true_secator/5417", "content": "\u041d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0438 \u0434\u0432\u0443\u0445 \u0434\u043d\u0435\u0439 \u043a\u0430\u043a Microsoft \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442 \u0441\u0432\u043e\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043a \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u043e\u043c\u0443 \u0441\u043f\u0438\u0441\u043a\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Exchange Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-21410 (CVSS: 9,8).\n\n\u0417\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u043e\u043c PatchTuesday 0-day \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0435\u0439 NTLM, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Microsoft Exchange Server.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u043c\u0435\u043d\u0430) \u043f\u0440\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 NTLM, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0441\u044f \u043f\u043e\u0434 \u0435\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u0434\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u0422\u0430\u043a, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043d\u0430\u0446\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u043a\u043b\u0438\u0435\u043d\u0442 NTLM, \u0442\u0430\u043a\u043e\u0439 \u043a\u0430\u043a Outlook, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0438\u043f\u0430 \u0443\u0442\u0435\u0447\u043a\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 NTLM.\n\n\u0423\u0442\u0435\u0447\u043a\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 Exchange, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430-\u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exchange \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0434\u0430\u0442\u044c \u0443\u0442\u0435\u043a\u0448\u0438\u0439 \u0445\u044d\u0448 Net-NTLMv2 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 Exchange \u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c.\n\n\u041d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 14 (CU14) Exchange Server 2019 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u044f \u0437\u0430\u0449\u0438\u0442\u0443 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 NTLM (\u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043a\u0430\u043a \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 EPA).\n\nMicrosoft \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f, \u0447\u0442\u043e\u00a0\u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 (EP) \u0431\u0443\u0434\u0435\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e\u00a0\u043d\u0430 \u0432\u0441\u0435\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Exchange \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f H1 2024 \u0433\u043e\u0434\u0430 (\u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043a\u0430\u043a CU14).\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell ExchangeExtendedProtectionManagement\u00a0\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 EP \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Exchange Server, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a  Server 2016, \u0447\u0442\u043e \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0449\u0438\u0442\u0438\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438  \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 CVE-2024-21410.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u0435\u0440\u0435\u0434 \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c EP \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Exchange \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0441\u0432\u043e\u044e \u0441\u0440\u0435\u0434\u0443 \u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0435 \u0432 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 Microsoft \u043f\u043e EP, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043c\u0438\u043c\u043e CVE-2024-21410\u00a0Microsoft \u0442\u0430\u043a\u0436\u0435 \u043f\u043e \u043e\u0448\u0438\u0431\u043a\u0435 \u043f\u043e\u043c\u0435\u0442\u0438\u043b\u0430\u00a0\u0434\u0440\u0443\u0433\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Outlook (CVE-2024-21413) \u043a\u0430\u043a \u044d\u043a\u043f\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0443\u044e \u0437\u0430 \u0444\u0435\u0432\u0440\u0430\u043b\u044c 0-day, \u043f\u043e\u0437\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u043a\u0443 \u0441\u043d\u044f\u043b\u0438.", "creation_timestamp": "2024-02-15T09:41:04.000000Z"}, {"uuid": "f5c6ab30-3f0b-4e9c-badb-d79dcba2a062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/true_secator/5435", "content": "\u0414\u043e \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432 \u043e\u0441\u0442\u0430\u043b\u043e\u0441\u044c 3... 2... 1...\n\n\u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0440\u0430\u0441\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 Shadowserver, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u0441\u0435\u0442\u0438 97 000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Microsoft Exchange, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 0-day \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0441\u0430\u043c\u0430 \u0436\u0435 Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0430 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 CVE-2024-21410 \u0435\u0449\u0435 13 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 NTLM \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft Exchange \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0430\u043c\u044b\u0435 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f.\n\n\u0418\u0437 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 97 000 \u0440\u0435\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 68 500 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0442\u043e\u0433\u043e, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u0430 28 500 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2024-21410.\n\n\u041b\u0438\u0434\u0435\u0440\u0430\u043c\u0438 \u0430\u043d\u0442\u0438\u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044f (22 903), \u0421\u0428\u0410 (19 434), \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u044f (3 665), \u0424\u0440\u0430\u043d\u0446\u0438\u044f (3 074), \u0410\u0432\u0441\u0442\u0440\u0438\u044f (2 987), \u0420\u043e\u0441\u0441\u0438\u044f (2 771), \u041a\u0430\u043d\u0430\u0434\u0430 (2 554) \u0438 \u0428\u0432\u0435\u0439\u0446\u0430\u0440\u0438\u044f (2 119).\n\n\u0411\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u043e, \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2024-21410 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442, \u0447\u0442\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u041d\u043e \u044d\u0442\u043e \u043b\u0438\u0448\u044c \u0432\u043e\u043f\u0440\u043e\u0441 \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2024-21410 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 14 (CU14) \u0434\u043b\u044f Exchange Server 2019, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 NTLM.", "creation_timestamp": "2024-02-20T14:35:04.000000Z"}, {"uuid": "83c4a8e5-fab1-41f1-8a87-a2223600f846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/true_secator/5428", "content": "\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a Microsoft \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u0435\u0442\u0438\u043b \u0442\u043e \u043e\u0434\u043d\u0443, \u0437\u0430\u0442\u0435\u043c \u0434\u0440\u0443\u0433\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e 0-day \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439.\n\n\u0422\u043e\u0447\u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0432\u0448\u0438\u0441\u044c, \u0447\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e CVE-2024-21410 \u0432 Exchange \u0432\u0441\u0435-\u0442\u0430\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0441\u043d\u044f\u043b \u043f\u043b\u0430\u043d\u043a\u0443 \u0441 CVE-2024-21413 (Microsoft Outlook RCE), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MonikerLink.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f Check Point \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c PoC MonikerLink, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043d\u0430 GitHub. \n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0447\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u043a\u0438 Microsoft \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0437\u0430\u0434\u0443\u043c\u0430\u0442\u044c\u0441\u044f \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c, \u0432\u0435\u0434\u044c \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0442\u0430\u043d\u0443\u0442 \u043f\u043e\u043b\u0438\u0433\u043e\u043d\u043e\u043c \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f.", "creation_timestamp": "2024-02-19T13:41:32.000000Z"}, {"uuid": "56dc85ff-215d-4b1c-9531-d13d22751cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/ctinow/189350", "content": "https://ift.tt/FQGZlsL\nMicrosoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers", "creation_timestamp": "2024-02-21T08:56:24.000000Z"}, {"uuid": "ffc2eca1-b904-4651-bd04-0f4e93f9b6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/ctinow/185246", "content": "https://ift.tt/HVDjpyG\nCritical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation", "creation_timestamp": "2024-02-15T06:26:22.000000Z"}, {"uuid": "016d3d90-520c-4e28-b8a1-e9f19763ea6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/ctinow/184168", "content": "https://ift.tt/RjZvNoV\nCVE-2024-21410 | Microsoft Exchange Server 2016 CU23/2019 CU13/2019 CU14 Remote Code Execution", "creation_timestamp": "2024-02-13T20:37:02.000000Z"}, {"uuid": "54427d5e-e230-477f-acbf-16af5a38b734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/information_security_channel/51551", "content": "Microsoft Warns of Exploited Exchange Server Zero-Day\nhttps://www.securityweek.com/microsoft-warns-of-exploited-exchange-server-zero-day/\n\nMicrosoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks.\nThe post Microsoft Warns of Exploited Exchange Server Zero-Day (https://www.securityweek.com/microsoft-warns-of-exploited-exchange-server-zero-day/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-02-15T14:32:37.000000Z"}, {"uuid": "7de55432-2491-4c86-801e-4abd9837f459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/thehackernews/4550", "content": "\u26a0\ufe0f Attention, Sysadmins! A newly discovered critical vulnerability (CVE-2024-21410) in Microsoft Exchange Server is currently being actively exploited. \n \nDetails here \u2192 https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html \n \nAttackers can hijack user accounts & gain admin-level control. Update ASAP!", "creation_timestamp": "2024-02-15T06:21:50.000000Z"}, {"uuid": "4af68ce9-0b54-40cd-be0d-5dfe0e9104d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/xakep_ru/15405", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Exchange \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a zero-day\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u044b\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-21410, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435. \u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f \u0442\u0435\u043f\u0435\u0440\u044c, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0432 Exchange Server \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0435\u0449\u0435 \u0434\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0430.\n\nhttps://xakep.ru/2024/02/16/cve-2024-21410-0day/", "creation_timestamp": "2024-02-16T19:49:38.000000Z"}, {"uuid": "440f45d9-44a9-492b-90aa-57824d7a0ed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "exploited", "source": "https://t.me/xakep_ru/15423", "content": "\u0411\u043e\u043b\u0435\u0435 28 500 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u0441\u0432\u0435\u0436\u0438\u043c \u0431\u0430\u0433\u043e\u043c\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0441\u0447\u0438\u0442\u0430\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0440\u044f\u0434\u043a\u0430 28 500 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Microsoft Exchange \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2024-21410), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0436\u0435 \u043d\u0430\u0447\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u044b. \u041e\u0431\u0449\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u0432\u043e\u0432\u0441\u0435 \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u0435\u0442 97 000.\n\nhttps://xakep.ru/2024/02/21/cve-2024-21410-stats/", "creation_timestamp": "2024-02-21T09:36:13.000000Z"}, {"uuid": "33b29b02-78de-4c57-93a6-2ffa21988ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10081", "content": "#exploit\n1. CVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\n2. CVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-03-03T17:05:08.000000Z"}]}