{"vulnerability": "CVE-2024-38876", "sightings": [{"uuid": "8edb1348-4aca-451a-a022-61e24439cc85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38876", "type": "seen", "source": "https://schleuss.online/users/vulnbot/statuses/113473658534013466", "content": "", "creation_timestamp": "2024-11-13T04:03:41.712322Z"}, {"uuid": "d3f9ce94-86e9-49d4-9bb6-0180b73d42df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38876", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/5109", "content": "#exploit\n#SCADA_Security\n1. From Exploits to Forensics: Unraveling the Unitronics\u00a0Attack\nhttps://claroty.com/team82/research/from-exploits-to-forensics-unraveling-the-unitronics-attack\n2. Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation/File Download (CVE-2024-38876 - 38879)\nhttps://packetstormsecurity.com/files/182667/Siemens-Energy-Omnivise-T3000-8.2-SP3-Privilege-Escalation-File-Download.html", "creation_timestamp": "2024-11-20T11:21:14.000000Z"}, {"uuid": "d9d3f641-b6d5-46ff-ba37-d9561724b4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38876", "type": "seen", "source": "https://t.me/cvedetector/2351", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38876 - Omnivise T3000 Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38876 \nPublished : Aug. 2, 2024, 11:16 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability has been identified in Omnivise\u00a0T3000 Application Server (All versions >= R9.2), Omnivise T3000 Domain Controller (All versions >= R9.2), Omnivise T3000 Product Data Management (PDM) (All versions >= R9.2), Omnivise\u00a0T3000 Terminal Server (All versions >= R9.2), Omnivise T3000 Thin Client (All versions >= R9.2), Omnivise T3000 Whitelisting Server (All versions >= R9.2). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T14:01:25.000000Z"}, {"uuid": "2d3a8fb9-5410-4c26-908f-4fb1ef0a7168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38876", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11437", "content": "#exploit\n#SCADA_Security\n1. From Exploits to Forensics: Unraveling the Unitronics\u00a0Attack\nhttps://claroty.com/team82/research/from-exploits-to-forensics-unraveling-the-unitronics-attack\n2. Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation/File Download (CVE-2024-38876 - 38879)\nhttps://packetstormsecurity.com/files/182667/Siemens-Energy-Omnivise-T3000-8.2-SP3-Privilege-Escalation-File-Download.html", "creation_timestamp": "2024-11-29T01:11:09.000000Z"}]}