{"vulnerability": "CVE-2024-38200", "sightings": [{"uuid": "c705df65-5866-430c-a4b7-7476c6f7d9bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "d540172b-a4b2-4a98-a7cd-474c119f98b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/ap_security/684", "content": "#pentest #exploit\n\nMicrosoft Office NTLMv2 Disclosure (CVE-2024-38200) \n \n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 302 \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442\u0430 \u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 GPO \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0445\u044d\u0448\u0435\u0439 NTLMv2 \u043f\u043e SMB \u0438 HTTP. \n \n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Office, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0445\u0435\u0448\u0438 NTLM \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443.  \n  \n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-38200 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u0438\u0446\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c. \u0421\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0431\u0430\u0433 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 32- \u0438 64-\u0431\u0438\u0442\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Office 2016, Office 2019, Office LTSC 2021 \u0438 Microsoft 365 Apps for Enterprise.  \n  \n\u0425\u043e\u0442\u044f \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 Microsoft \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-38200 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u043b\u043e\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0439, MITRE \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443  \u0438\u043d\u0430\u0447\u0435 \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0432\u044b\u0441\u043e\u043a\u0430.", "creation_timestamp": "2024-09-30T05:04:48.000000Z"}, {"uuid": "4ad8e791-c2fe-47f6-84e8-7be24c2050b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llzctexvn32d", "content": "", "creation_timestamp": "2025-04-04T21:02:06.348837Z"}, {"uuid": "f93fadc9-5b36-46c5-9c4e-7dfce5c00cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1352", "content": "", "creation_timestamp": "2024-08-14T04:00:00.000000Z"}, {"uuid": "338bd099-d9cf-49e0-9588-66f7b7b43408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8600", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability \nURL\uff1ahttps://github.com/passtheticket/CVE-2024-38200\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-25T22:15:15.000000Z"}, {"uuid": "7648318e-7956-454a-9551-4297d55dbb23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11977", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38200\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Office Spoofing Vulnerability\n\ud83d\udccf Published: 2024-08-08T20:45:26.301Z\n\ud83d\udccf Modified: 2025-04-15T23:45:12.079Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200", "creation_timestamp": "2025-04-15T23:56:06.000000Z"}, {"uuid": "ee6caf3a-ed46-47cc-9446-99cb56def1d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4914", "content": "#exploit\n1. CVE-2024-26808:\nLinux kernel Netfilter UaF leads to LPE\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\n2. CVE-2024-38200:\nMS Office NTLMv2 Disclosure\nhttps://github.com/passtheticket/CVE-2024-38200\n\n3. CVE-2024-7965:\nInappropriate implementation in V8 (ARM64)\nhttps://github.com/bi-zone/CVE-2024-7965", "creation_timestamp": "2024-10-02T16:38:48.000000Z"}, {"uuid": "5b5fda12-2fbc-43c0-b730-576fb4695581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/454", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability \nURL\uff1ahttps://github.com/passtheticket/CVE-2024-38200\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-26T14:25:00.000000Z"}, {"uuid": "ee7f386e-7919-423d-a4cb-6cf3bfb06834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/519", "content": "https://github.com/passtheticket/CVE-2024-38200\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability\n#github #exploit", "creation_timestamp": "2024-10-01T16:11:48.000000Z"}, {"uuid": "fc4acd91-ec92-478e-8527-36fa95ac401b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/HackingInsights/9548", "content": "\u200aCVE-2024-38200: Zero-Day Vulnerability in Microsoft Office: A Call for Urgent Action\n\nhttps://securityonline.info/cve-2024-38200-zero-day-vulnerability-in-microsoft-office-a-call-for-urgent-action/", "creation_timestamp": "2024-08-12T11:28:52.000000Z"}, {"uuid": "67a65ac1-fcba-4416-be7f-94e77906ee2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1592", "content": "#exploit\n1. CVE-2024-26808:\nLinux kernel Netfilter UaF leads to LPE\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\n2. CVE-2024-38200:\nMS Office NTLMv2 Disclosure\nhttps://github.com/passtheticket/CVE-2024-38200\n\n3. CVE-2024-7965:\nInappropriate implementation in V8 (ARM64)\nhttps://github.com/bi-zone/CVE-2024-7965", "creation_timestamp": "2024-10-02T16:38:49.000000Z"}, {"uuid": "91e8ac2d-6ad5-4d6e-b715-1f17fed20fa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "Telegram/b-2Nyb7EDuMgi3IgibVFlpR-pH8BKAmPT5Jpuk1TWpQKUA", "content": "", "creation_timestamp": "2024-08-10T09:25:12.000000Z"}, {"uuid": "2fa4bae9-adaf-4c7e-b9b7-306b494336bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1001", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T08:34:27.000000Z"}, {"uuid": "aaa349e5-e6a0-4142-b916-42342018334d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/17425", "content": "The Hacker News\nMicrosoft Warns of Unpatched Office Vulnerability Leading to Data Exposure\n\nMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.\nThe vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -\n\nMicrosoft Office 2016 for 32-bit edition and 64-bit editions\nMicrosoft", "creation_timestamp": "2024-08-10T09:24:46.000000Z"}, {"uuid": "66c0232b-07cd-4f5a-bf49-4bace6f68ef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3428", "content": "The Hacker News\nMicrosoft Warns of Unpatched Office Vulnerability Leading to Data Exposure\n\nMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.\nThe vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -\n\nMicrosoft Office 2016 for 32-bit edition and 64-bit editions\nMicrosoft", "creation_timestamp": "2024-08-10T09:24:46.000000Z"}, {"uuid": "2a9f4d8d-4b1a-4af0-b965-81feda967b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "Telegram/PejxRntyRAocNHvLUV8cSPaUmeP3nZJ2C0hxUTOLqMOlgw", "content": "", "creation_timestamp": "2024-08-10T07:42:38.000000Z"}, {"uuid": "0152ca01-3bfe-4883-a4fc-2915e1dcff04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/KomunitiSiber/2382", "content": "Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure\nhttps://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html\n\nMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.\nThe vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -\n\nMicrosoft Office 2016 for 32-bit edition and 64-bit editions\nMicrosoft", "creation_timestamp": "2024-08-10T11:05:35.000000Z"}, {"uuid": "b3677a62-5b03-4e21-93c6-18c66440ec75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8836", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:16.000000Z"}, {"uuid": "a02741bb-c439-45dd-852b-7e846a9e302c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23947", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:12.000000Z"}, {"uuid": "c0c15b82-bd34-4d5e-aab1-8123ee215a08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3770", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:07.000000Z"}, {"uuid": "6b6ec694-a4fd-4f10-927a-57dc4b147acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2286", "content": "CVE-2024-38200 Microsoft Office NTLMv2 \n*\nexploit", "creation_timestamp": "2024-10-02T18:33:55.000000Z"}, {"uuid": "e5a521e3-b138-4b8d-aaaa-b7372d8583c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7481", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:16.000000Z"}, {"uuid": "606facca-5687-4a1b-87c3-165373dca1ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "Telegram/Stj9keMzKvt2INjzJPV4RFzMYF73xG48Rh25JOmWNKGLP4o", "content": "", "creation_timestamp": "2024-08-13T23:59:36.000000Z"}, {"uuid": "6f30d3ea-3c74-45c7-89c3-de2918838dcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_TM/880", "content": "- CVE-2024-38200: MS Office NTLMv2 Disclosure\n\nLink: https://github.com/passtheticket/CVE-2024-38200\n\n#exploit #writeup\n-   -   -   -   -   -   -   -   -\n\u2022 @Old_Unclee\n\u2022 @ZeroDay_TM", "creation_timestamp": "2024-10-02T14:46:23.000000Z"}, {"uuid": "84058a66-41b4-4b88-88a4-c68d8734a6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/true_secator/6090", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438\u00a090 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 79 - \u00ab\u0432\u0430\u0436\u043d\u044b\u0445\u00bb \u0438 10 0-day.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 EoP, 4 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 28 - RCE, 8 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS \u0438 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0418\u0437 10 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 Patch Tuesday \u043d\u0443\u043b\u0435\u0439 \u0448\u0435\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0442\u0440\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f  \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043d\u043e Microsoft \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0448\u0435\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u0432\u043e\u0448\u043b\u0438:\n\n- CVE-2024-38178: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u0449\u0435\u043b\u043a\u043d\u0443\u043b \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 Microsoft Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Internet Explorer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE. \u041f\u041e \u0434\u0430\u043d\u043d\u044b\u043c NCSC \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 AhnLab, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n- CVE-2024-38193: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Windows \u0434\u043b\u044f WinSock, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Gen Digital, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f Microsoft \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442.\n\n- CVE-2024-38213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows Mark of the Web, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Trend Micro\u2019s Zero Day Initiative, \u043d\u043e \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n- CVE-2024-38106: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a EoP. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438. Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u043d\u0430\u0448\u0435\u043b \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n- CVE-2024-38107: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Power Dependency Coordinator. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442.\n\n- CVE-2024-38189: RCE-\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Project. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft Office Project \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Office \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u043e \u043c\u0430\u043a\u0440\u043e\u0441\u0430\u0445 VBA. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0442.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\n- CVE-2024-38199: RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Line Printer Daemon (LPD). \u041d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 \u0432 \u043e\u0431\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 LPD \u043f\u043e \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n- CVE-2024-21302: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate.\n\n- CVE-2024-38200: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Office, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043a\u0440\u0430\u0441\u0442\u044c \u0445\u044d\u0448\u0438 NTLM.\n\n- CVE-2024-38202: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2024-08-14T12:17:01.000000Z"}, {"uuid": "3b847daa-dd17-461b-8c24-231f93d3af08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/true_secator/6081", "content": "Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e Office 2016, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0445\u044d\u0448\u0438 NTLM \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443.\n\nCVE-2024-38200 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 32- \u0438 64-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Office 2016, Office 2019, Office LTSC 2021 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Microsoft 365 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439.\n\nMicrosoft \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c PrivSec Consulting \u0438 Synack Red Team. \n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0446\u0435\u043d\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u0430\u044f Microsoft, \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-38200 \u043c\u0430\u043b\u043e\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430, \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c MITRE, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430 - \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0435\u0431-\u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432\u0435\u0431-\u0441\u0430\u0439\u0442 (\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442) \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041b\u0438\u0431\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430\u0436\u0430\u0442\u044c \u043d\u0430 \u0441\u0441\u044b\u043b\u043a\u0443, \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0432 \u043f\u043e\u0447\u0442\u0435 \u0438\u043b\u0438 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0435, \u0430 \u0437\u0430\u0442\u0435\u043c \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\nMicrosoft \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-38200 \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445, \u0437\u0430\u044f\u0432\u0438\u0432 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 Feature Flighting 30.07.2024. \u041d\u043e \u0432\u0441\u0435 \u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a NTLM \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft, \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e NTLM-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a \u043e\u0431\u0449\u0435\u043c\u0443 \u0440\u0435\u0441\u0443\u0440\u0441\u0443 SMB \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u041a\u043e\u0433\u0434\u0430 \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442, Windows \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 NTLM-\u0445\u0435\u0448\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0433\u043e \u0445\u0435\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a.\n\n\u041a\u0430\u043a\u00a0\u0443\u0436\u0435 \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435, \u044d\u0442\u0438 \u0445\u044d\u0448\u0438 \u043c\u043e\u0436\u043d\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043c\u0435\u043d\u0430\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0442\u0435\u043a\u0441\u0442\u0430\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u0439.\n\n\u0425\u044d\u0448\u0438 NTLM \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 NTLM Relay, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 ShadowCoerce, DFSCoerce, PetitPotam \u0438  RemotePotato0 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u0440\u0443\u0433\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0432 \u0441\u0435\u0442\u0438.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u043f\u0430\u0442\u0447\u0435\u0439 \u0443 Microsoft \u043f\u043e\u0434\u043f\u0440\u0438\u0431\u0430\u0432\u0438\u043b\u043e\u0441\u044c.\n\n\u0421 \u043d\u0435\u0442\u0435\u0440\u043f\u0435\u043d\u0438\u0435\u043c \u043f\u0443\u0431\u043b\u0438\u043a\u0430 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0Windows Smart App Control \u0438 SmartScreen, Windows Update Stack Elevation of Privilege (CVE-2024-38202) \u0438 Windows Secure Kernel Mode Elevation of Privilege (CVE-2024-21302).", "creation_timestamp": "2024-08-12T14:03:05.000000Z"}, {"uuid": "526260ec-ab7f-46dc-92ac-1d07e0e23091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/thehackernews/5392", "content": "Microsoft reveals a new unpatched vulnerability in Office (CVE-2024-38200) that could expose sensitive data to malicious actors. \n \nIt affects multiple Office versions and could be exploited via web-based attacks, making it a significant threat. \n \nWhile a formal patch is expected soon, Microsoft has already rolled out an alternative fix. \n \nRead: https://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html", "creation_timestamp": "2024-08-10T08:32:13.000000Z"}, {"uuid": "39fd8762-49ee-417a-bb05-46ca0e9e158f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/true_secator/6274", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c \u0441 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PrivSec \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-38200, \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 NTLM Relaying, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0439 \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Office.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u0430\u043d\u043e\u043d\u0441\u0430 \u043d\u0430 DEFCON.\n\n2. GreyNoise \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0438\u044e\u043d\u044c\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SolarWinds Serv-U, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2024-28995.\n\n3. JetBrains \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 20 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 TeamCity CI/CD.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0427\u0430\u0440\u043b\u044c\u0437 \u0424\u043e\u043b \u0438\u0437 LEXFO \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u0442\u0440\u0435\u0442\u044c\u044e (\u043f\u0435\u0440\u0432\u0430\u044f \u0438 \u0432\u0442\u043e\u0440\u0430\u044f) \u0447\u0430\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 CVE-2024-2961, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Glibc (CVE-2024-2961), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PHP.\n\n5. \u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430 LAN/LDN \u0432 Nintendo Mario Kart 8 Deluxe \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.0.3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043a\u0430 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0431\u0437\u043e\u0440\u0430-\u043e\u0442\u0432\u0435\u0442\u0430, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043a\u0430\u043a KartLANPwn.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u043a \u0438\u0433\u0440\u043e\u0432\u043e\u0439 \u0441\u0435\u0441\u0441\u0438\u0438 \u0441\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043c\u0435\u043d\u044e \u00abWireless Play\u00bb (\u0438\u043b\u0438 \u00abLAN Play\u00bb) \u043d\u0430 \u0442\u0438\u0442\u0443\u043b\u044c\u043d\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 \u0438\u0433\u0440\u044b, \u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0439\u0441\u044f \u043f\u043e\u0431\u043b\u0438\u0437\u043e\u0441\u0442\u0438 (LDN) \u0438\u043b\u0438 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0442\u0432\u0435\u0442\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0412\u0441\u0435 \u044d\u0442\u043e (CVE-2024-45200) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 DoS \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0433\u0440\u044b \u0438\u043b\u0438, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e, RCE \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n6. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Akamai \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u041c\u0430\u0440\u0433\u0430\u0440\u0438\u0442\u0435\u043b\u043b\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Common UNIX Printing System (CUPS) \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0447\u0442\u043e, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Red Hat, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043a\u0440\u0430\u0436\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0435\u0441\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u043e \u0447\u0430\u0441\u0442\u0438 RCE \u0431\u044b\u043b\u0430 \u0437\u0430\u0432\u044b\u0448\u0435\u043d\u0430, \u0442\u043e \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0443\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u043d\u043e \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0435\u0433\u043e \u0432 \u0430\u0442\u0430\u043a\u0443 \u0441 \u043d\u0443\u043b\u0435\u0432\u044b\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Akamai \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u043c\u0430\u0441\u043b\u0430 \u0432 \u043e\u0433\u043e\u043d\u044c, \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0446\u0435\u043b\u044c \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c, \u043d\u043e \u0438 \u0445\u043e\u0441\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 CUPS \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u0435\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u043d\u0443\u044e \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0426\u041f.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Akamai \u0432\u044b\u044f\u0432\u0438\u043b \u0431\u043e\u043b\u0435\u0435 58\u00a0000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 CUPS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0418 \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0432\u0441\u0435 58\u00a0000+ \u0445\u043e\u0441\u0442\u043e\u0432 CUPS \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u043e\u0434\u043d\u0443 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 1 \u0413\u0411 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0430\u043a\u0435\u0442 UDP \u0438\u0437 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c. \u0421\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 6 \u0413\u0411.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u0442\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u043e\u0448\u0435\u043b\u043e\u043c\u043b\u044f\u044e\u0449\u0438\u043c\u0438, \u043e\u043d\u0438 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0443\u0442 \u043a \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0446\u0435\u043b\u044c\u044e \u043e\u043a\u043e\u043b\u043e 2,6 \u043c\u043b\u043d. TCP-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u043b\u044e\u0431\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043b\u0435\u0433\u043a\u043e \u0438 \u043d\u0435 \u043d\u0430\u043a\u043b\u0430\u0434\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b CUPS, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u0433\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434.", "creation_timestamp": "2024-10-02T17:30:06.000000Z"}, {"uuid": "d26e2a56-297a-41a9-89b2-f7b7a900ad36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "Telegram/kN3ZjUce2fGEqRkqEup_z1_hLdbRfjkyO9tPIb-rjhmISz4", "content": "", "creation_timestamp": "2024-09-26T23:02:44.000000Z"}, {"uuid": "06614932-f3cb-471d-89c3-6784911d35f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3253", "content": "https://github.com/passtheticket/CVE-2024-38200\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability\n#github #exploit", "creation_timestamp": "2024-10-01T05:07:47.000000Z"}, {"uuid": "4cf21629-18ac-4caa-9a94-e06cdea39a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11213", "content": "#exploit\n1. CVE-2024-26808:\nLinux kernel Netfilter UaF leads to LPE\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\n2. CVE-2024-38200:\nMS Office NTLMv2 Disclosure\nhttps://github.com/passtheticket/CVE-2024-38200\n\n3. CVE-2024-7965:\nInappropriate implementation in V8 (ARM64)\nhttps://github.com/bi-zone/CVE-2024-7965", "creation_timestamp": "2024-09-30T22:42:48.000000Z"}, {"uuid": "21d04b10-41a2-45b4-afae-a1197baf6f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/398", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:12.000000Z"}]}