{"vulnerability": "CVE-2024-40711", "sightings": [{"uuid": "0ca467e9-074b-484e-b024-c0c7fe550b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-40711", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-18T12:28:51.505750Z"}, {"uuid": "092a3d23-0e3b-449d-a33a-e1aa11e3c911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": null, "content": "", "creation_timestamp": "2024-10-18T12:30:02.511896Z"}, {"uuid": "82ad565b-3346-4cd8-a4d6-8cb04a5ce309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-40711", "type": "confirmed", "source": null, "content": "", "creation_timestamp": "2024-10-18T12:30:05.615974Z"}, {"uuid": "f47f12cc-bcaa-4a7c-b6a5-cd80a7704796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40711", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113448616305825738", "content": "", "creation_timestamp": "2024-11-08T17:55:06.668057Z"}, {"uuid": "d7ae0989-38dd-4a33-a24d-b909a10c18f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-17T18:10:02.000000Z"}, {"uuid": "b08c97bf-cf22-4066-933f-788ceef08f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lgsdwgjvjk2c", "content": "", "creation_timestamp": "2025-01-28T11:27:05.534739Z"}, {"uuid": "639b69af-c5a5-4f70-83d3-e740aad3d4d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://bsky.app/profile/chudypb.bsky.social/post/3lks7sewez224", "content": "", "creation_timestamp": "2025-03-20T07:54:00.228325Z"}, {"uuid": "5ad38d71-d630-4c2e-8c3c-b47a67f255e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:00.000000Z"}, {"uuid": "5f58a537-00d4-43f4-9edc-f48563041683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://bsky.app/profile/codewhitesec.bsky.social/post/3llhaof4z3s24", "content": "", "creation_timestamp": "2025-03-28T16:35:33.124975Z"}, {"uuid": "353f673b-e16d-4c1e-8643-e44089a77a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "MISP/c9834322-1956-45b0-9709-84cb2d0eddd5", "content": "", "creation_timestamp": "2025-09-22T12:23:09.000000Z"}, {"uuid": "1507c874-dd62-4e31-85e0-4bcf031b3022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "MISP/b69053fd-1e28-4c4f-b701-dd54b3273b9e", "content": "", "creation_timestamp": "2025-08-27T19:55:29.000000Z"}, {"uuid": "85a2c020-49e1-4184-aad4-f4ec7d050c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9c437326-e8f6-47c0-8ac3-e583d4d543e3", "content": "", "creation_timestamp": "2026-02-02T12:26:25.851148Z"}, {"uuid": "7ceaf7ed-dadf-4041-904c-3dabe78e836e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/HackerArsenal/384", "content": "CVE-2024-40711  Exploit Veeam backup and Replication\n*\nWriteUp\n*\nPre-Auth exploit\n\n#veeam #rce", "creation_timestamp": "2024-09-16T22:32:19.000000Z"}, {"uuid": "0daa6e64-4d68-4afc-9cb4-f55836a63047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8753", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-40711-exp\nURL\uff1ahttps://github.com/realstatus/CVE-2024-40711-Exp\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-16T05:19:54.000000Z"}, {"uuid": "b7194bc1-4639-425c-8e0a-11f934b3b55d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://www.acn.gov.it/portale/w/akira-campagne-di-sfruttamento-sistematico-di-vulnerabilita-perimetrali-e-accessi-vpn", "content": "", "creation_timestamp": "2026-04-13T03:29:00.000000Z"}, {"uuid": "52fb8cd0-f586-4ea4-8373-f6faf1959428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/13396", "content": "\u200aPoC Exploit Releases for Unauthenticated RCE CVE-2024-40711 in Veeam Backup & Replication\n\nhttps://securityonline.info/poc-exploit-releases-for-unauthenticated-rce-cve-2024-40711-in-veeam-backup-replication/", "creation_timestamp": "2024-09-18T09:07:12.000000Z"}, {"uuid": "d67f80fa-bbb2-4d31-a070-2f43a3e261ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/HackerNewscyber/1596", "content": "\ud83d\udd34\u0628\u0627\u06af \u0628\u062d\u0631\u0627\u0646\u06cc Veeam RCE \u06a9\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0628\u0627\u062c\u200c\u0627\u0641\u0632\u0627\u0631 Frag \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f\n\n\ud83d\udd3a\u067e\u0633 \u0627\u0632 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0628\u0627\u062c\u200c\u0627\u0641\u0632\u0627\u0631 Akira \u0648 Fog\u060c \u06cc\u06a9 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062d\u06cc\u0627\u062a\u06cc Veeam Backup & Replication (VBR) \u0646\u06cc\u0632 \u0627\u062e\u06cc\u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u0628\u0627\u062c\u200c\u0627\u0641\u0632\u0627\u0631 Frag \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a.\n\n\ud83d\udd3a\u0641\u0644\u0648\u0631\u06cc\u0627\u0646 \u0647\u0627\u0648\u0632\u0631\u060c \u0645\u062d\u0642\u0642 \u0627\u0645\u0646\u06cc\u062a\u06cc Code White \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc (\u06a9\u0647 \u0628\u0627 \u0646\u0627\u0645 CVE-2024-40711 \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f) \u0646\u0627\u0634\u06cc \u0627\u0632 \u0633\u0631\u06cc\u0627\u0644\u200c\u0632\u062f\u0627\u06cc\u06cc \u0627\u0632 \u0636\u0639\u0641 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a \u06a9\u0647 \u0639\u0648\u0627\u0645\u0644 \u062a\u0647\u062f\u06cc\u062f \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0627\u0632 \u0622\u0646 \u0628\u0631\u0627\u06cc \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f\u0646 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE) \u062f\u0631 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc Veeam VBR \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u0646\u062f.\n\n\ud83d\udea8 @HackerNewscyber", "creation_timestamp": "2024-11-08T20:39:26.000000Z"}, {"uuid": "03392864-cbf4-4c69-a31f-8521cc6cb356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3522", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}, {"uuid": "96531069-09d8-4074-82f4-953f8fa54828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/669", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}, {"uuid": "065e3425-4951-4c0a-a04c-13b4b4fe5779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/ton618cyber/5663", "content": "Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware\n\nCybercriminals exploit CVE-2024-40711 in Veeam to deploy ransomware, targeting unpatched systems and compromised VPNs.\n\nthehackernews.com \u2022 Oct 14, 2024", "creation_timestamp": "2024-10-14T13:00:26.000000Z"}, {"uuid": "4ba1e575-aad7-48eb-bf8b-14a7da075853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/cvedetector/5042", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40711 - Apache Flink RCE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40711 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:10:53.000000Z"}, {"uuid": "482cbc75-afa2-44ef-83ae-c3fe1fb61193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/1157", "content": "\u26a1\ufe0fFog & Akira Ransomware Exploit Critical Veeam RCE Flaw CVE-2024-40711 After PoC Release.\n\n#CyberBulletin", "creation_timestamp": "2024-10-11T06:15:40.000000Z"}, {"uuid": "40ea81fb-4006-4da5-a97b-503d11a2ff14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/CyberBulletin/559", "content": "\u26a1\ufe0fVeeam Backup & Replication Faces RCE Flaw CVE-2024-40711  CVSS: 9.8 A series of critical vulnerabilities have been uncovered in Veeam Backup & Replication, potentially exposing organizations to unauthorized access, remote code execution, and data breaches.", "creation_timestamp": "2024-09-06T09:58:21.000000Z"}, {"uuid": "693d403c-d86b-4af5-bac8-a5617f30cdb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/CyberBulletin/552", "content": "\u26a1\ufe0fVeeam Backup & Replication Faces RCE Flaw\u2013 CVE-2024-40711 (CVSS 9.8) Allows Full System Takeover.\n\n#CyberBulletin", "creation_timestamp": "2024-09-05T07:08:09.000000Z"}, {"uuid": "61051d44-3539-4e5c-a04f-b6d318661167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/ton618cyber/2004", "content": "Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware\n\nCybercriminals exploit CVE-2024-40711 in Veeam to deploy ransomware, targeting unpatched systems and compromised VPNs.\n\nthehackernews.com \u2022 Oct 14, 2024", "creation_timestamp": "2024-10-14T13:00:26.000000Z"}, {"uuid": "05425b77-50f2-43bd-97ed-984248fda310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/311", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T14:05:36.000000Z"}, {"uuid": "877dd3ee-7406-41cc-9782-4099c943057b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "Telegram/wUaGQFfZDSWTulzxHKtB1gmTmIQrnwUmhceQG1ZaITzgww", "content": "", "creation_timestamp": "2024-10-14T14:39:55.000000Z"}, {"uuid": "d8bdf41c-b767-4c4a-8a22-8ce4aec4781d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "Telegram/2paEDeP02FonhasdWZ5DOTlSfP9HXbNaBwWkCheKZVeaUA", "content": "", "creation_timestamp": "2024-09-05T22:40:17.000000Z"}, {"uuid": "5cded43d-0d8f-4767-a64c-6edf0b103653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12478", "content": "\u200aVeeam fixed a critical flaw in Veeam Backup & Replication software\n\nhttps://securityaffairs.com/168088/security/veeam-backup-replication-cve-2024-40711.html", "creation_timestamp": "2024-09-08T17:48:03.000000Z"}, {"uuid": "bb91502e-0077-4c2b-947e-65e22e367598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/23557", "content": "The Hacker News\nCritical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware\n\nThreat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware.\nCybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware.\nCVE-2024-40711, rated 9.8 out of 10.0 on the", "creation_timestamp": "2024-10-14T18:18:05.000000Z"}, {"uuid": "e3d17ab7-6284-458d-b6ee-69d086eecc27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/19695", "content": "The Hacker News\nVeeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues\n\nVeeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.\nThe list of shortcomings is below -\n\nCVE-2024-40711 (CVSS score: 9.8) - A vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution.\n\n\nCVE-2024-42024 (CVSS score: 9.1", "creation_timestamp": "2024-09-05T22:40:17.000000Z"}, {"uuid": "75cd52c7-dbfd-4500-ba4c-b37752ed2b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "Telegram/w6_zutLrojsiOh2jS9PIbQkpmEnsyVS_rk9P2RYGfK_3Ag", "content": "", "creation_timestamp": "2024-10-14T11:05:58.000000Z"}, {"uuid": "de4e59cc-0030-4090-b5d2-701b68b3b87b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "Telegram/H0bymnaDZsjBJZbbufohqYE3SBtAIPDM1Sz-s9D2SdUOEA", "content": "", "creation_timestamp": "2024-09-06T00:26:00.000000Z"}, {"uuid": "60b61ec3-b3b2-40ed-83ff-7a6b0622afe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "Telegram/sP9GbIQaCXkCvsm_o7vMSslkWvfNQLQSP2dmI9sMZ9pe5fk", "content": "", "creation_timestamp": "2024-10-06T13:05:47.000000Z"}, {"uuid": "9343ea01-ce65-405c-bdaf-4ae77ea907b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/899", "content": "Tools  - Hackers Factory \n\nScrcpy 2.7, just released, supports game controllers \ud83c\udfae\n\nhttps://github.com/Genymobile/scrcpy/releases/tag/v2.7\n\nPre-Auth Exploit for CVE-2024-40711\n\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nScan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files.  \n\nhttps://github.com/LucasFaudman/apkscan\n\nCLI tools for forensic investigation of artifacts \n\nhttps://github.com/dfir-dd/dfir-toolkit\n\nCobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike\n\nhttps://github.com/xx0hcd/Malleable-C2-Profiles\n\nUnleashed ffuf\n\nhttps://github.com/sw33tLie/uff\n\nTools for searching emails for a specific domain\n\nhttp://github.com/Josue87/EmailFinder\n\nhttp://github.com/GiJ03/Infoga\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-17T09:02:24.000000Z"}, {"uuid": "d74c00a7-8219-471e-885c-b772a851a0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3973", "content": "The Hacker News\nVeeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues\n\nVeeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.\nThe list of shortcomings is below -\n\nCVE-2024-40711 (CVSS score: 9.8) - A vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution.\n\n\nCVE-2024-42024 (CVSS score: 9.1", "creation_timestamp": "2024-09-05T22:40:17.000000Z"}, {"uuid": "daaa4ed6-18eb-4ea7-a242-106303353aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/5115", "content": "The Hacker News\nCritical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware\n\nThreat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware.\nCybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware.\nCVE-2024-40711, rated 9.8 out of 10.0 on the", "creation_timestamp": "2024-10-14T18:18:05.000000Z"}, {"uuid": "7f07580d-33b1-4be4-8ae8-8c97f117f114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/KomunitiSiber/2708", "content": "Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware\nhttps://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html\n\nThreat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware.\nCybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware.\nCVE-2024-40711, rated 9.8 out of 10.0 on the", "creation_timestamp": "2024-10-14T11:03:41.000000Z"}, {"uuid": "30c9a55d-3873-4d30-8252-0d1120ebc62b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/KomunitiSiber/2520", "content": "Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues\nhttps://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html\n\nVeeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.\nThe list of shortcomings is below -\n\nCVE-2024-40711 (CVSS score: 9.8) - A vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution.\n\n\nCVE-2024-42024 (CVSS score: 9.1", "creation_timestamp": "2024-09-06T04:50:52.000000Z"}, {"uuid": "27808b77-c7b1-47ac-880e-1203d3532c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8755", "content": "Tools\u00a0 - Hackers Factory \n\nScrcpy 2.7, just released, supports game controllers \ud83c\udfae\n\nhttps://github.com/Genymobile/scrcpy/releases/tag/v2.7\n\nPre-Auth Exploit for CVE-2024-40711\n\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nScan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files.\u00a0 \n\nhttps://github.com/LucasFaudman/apkscan\n\nCLI tools for forensic investigation of artifacts \n\nhttps://github.com/dfir-dd/dfir-toolkit\n\nCobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike\n\nhttps://github.com/xx0hcd/Malleable-C2-Profiles\n\nUnleashed ffuf\n\nhttps://github.com/sw33tLie/uff\n\nTools for searching emails for a specific domain\n\nhttp://github.com/Josue87/EmailFinder\n\nhttp://github.com/GiJ03/Infoga\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-17T09:02:44.000000Z"}, {"uuid": "f84d8607-54a7-4dfc-85a2-6db9748a9ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/InfoSecInsider/23681", "content": "\u26a1\ufe0fVeeam Backup & Replication Faces RCE Flaw CVE-2024-40711  CVSS: 9.8 A series of critical vulnerabilities have been uncovered in Veeam Backup & Replication, potentially exposing organizations to unauthorized access, remote code execution, and data breaches.", "creation_timestamp": "2024-09-06T11:36:38.000000Z"}, {"uuid": "e0abc5e2-94fa-4729-b0de-5dfeea547de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/InfoSecInsider/23674", "content": "\u26a1\ufe0fVeeam Backup & Replication Faces RCE Flaw\u2013 CVE-2024-40711 (CVSS 9.8) Allows Full System Takeover.\n\n#CyberBulletin", "creation_timestamp": "2024-09-06T11:36:33.000000Z"}, {"uuid": "02fcc880-5a08-4dfa-9181-8cfcfbb6390b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23805", "content": "Tools  - Hackers Factory \n\nScrcpy 2.7, just released, supports game controllers \ud83c\udfae\n\nhttps://github.com/Genymobile/scrcpy/releases/tag/v2.7\n\nPre-Auth Exploit for CVE-2024-40711\n\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nScan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files.  \n\nhttps://github.com/LucasFaudman/apkscan\n\nCLI tools for forensic investigation of artifacts \n\nhttps://github.com/dfir-dd/dfir-toolkit\n\nCobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike\n\nhttps://github.com/xx0hcd/Malleable-C2-Profiles\n\nUnleashed ffuf\n\nhttps://github.com/sw33tLie/uff\n\nTools for searching emails for a specific domain\n\nhttp://github.com/Josue87/EmailFinder\n\nhttp://github.com/GiJ03/Infoga\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-17T09:03:07.000000Z"}, {"uuid": "5d655b0f-d6f6-41c3-8a8e-0e68601d6dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3729", "content": "Tools\u00a0 - Hackers Factory \n\nScrcpy 2.7, just released, supports game controllers \ud83c\udfae\n\nhttps://github.com/Genymobile/scrcpy/releases/tag/v2.7\n\nPre-Auth Exploit for CVE-2024-40711\n\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nScan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files.\u00a0 \n\nhttps://github.com/LucasFaudman/apkscan\n\nCLI tools for forensic investigation of artifacts \n\nhttps://github.com/dfir-dd/dfir-toolkit\n\nCobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike\n\nhttps://github.com/xx0hcd/Malleable-C2-Profiles\n\nUnleashed ffuf\n\nhttps://github.com/sw33tLie/uff\n\nTools for searching emails for a specific domain\n\nhttp://github.com/Josue87/EmailFinder\n\nhttp://github.com/GiJ03/Infoga\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-17T09:02:38.000000Z"}, {"uuid": "f690e85b-e465-467f-a992-bc7cd8084dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/proxy_bar/2265", "content": "CVE-2024-40711  Exploit Veeam backup and Replication\n*\nWriteUp\n*\nPre-Auth exploit\n\n#veeam #rce", "creation_timestamp": "2024-09-16T15:14:42.000000Z"}, {"uuid": "974de219-acdd-460b-b01e-ce6a359b9cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7419", "content": "Tools\u00a0 - Hackers Factory \n\nScrcpy 2.7, just released, supports game controllers \ud83c\udfae\n\nhttps://github.com/Genymobile/scrcpy/releases/tag/v2.7\n\nPre-Auth Exploit for CVE-2024-40711\n\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nScan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files.\u00a0 \n\nhttps://github.com/LucasFaudman/apkscan\n\nCLI tools for forensic investigation of artifacts \n\nhttps://github.com/dfir-dd/dfir-toolkit\n\nCobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike\n\nhttps://github.com/xx0hcd/Malleable-C2-Profiles\n\nUnleashed ffuf\n\nhttps://github.com/sw33tLie/uff\n\nTools for searching emails for a specific domain\n\nhttp://github.com/Josue87/EmailFinder\n\nhttp://github.com/GiJ03/Infoga\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-17T09:02:44.000000Z"}, {"uuid": "28fd783c-bb39-4879-afd9-002e315f8557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "Telegram/JV0n6pLsOT6VJZsgrEwvOevCq5yhBWTCVGtt_7W2JJuNFjI", "content": "", "creation_timestamp": "2024-09-05T17:15:55.000000Z"}, {"uuid": "225914bd-a3ce-4ea5-aaea-f37799dc9ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/CyberSecurityIL/55923", "content": "\u05de\u05e9\u05ea\u05de\u05e9\u05d9\u05dd \u05d1-Veeam Backup & Replication (VBR)? \n\u05e9\u05d9\u05de\u05d5 \u05dc\u05d1 \u05dc\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d4\u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05dc\u05dc\u05d0 \u05d4\u05d6\u05d3\u05d4\u05d5\u05ea.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 CVE-2024-40711, \u05e4\u05e8\u05d8\u05d9\u05dd \u05e0\u05d5\u05e1\u05e4\u05d9\u05dd \u05db\u05d0\u05df.\n\nhttps://t.me/CyberSecurityIL/5718\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2024-09-05T17:18:44.000000Z"}, {"uuid": "0c6feeb4-3b7e-46d1-9b2a-61ba6fb17749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/true_secator/6311", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Sophos X-Ops \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Akira \u0438 Fog.\n\n\u0411\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Veeam Backup & Replication (VBR).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-40711 \u00a0(CVSS 9,8), \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Code White \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n\nVeeam \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0435\u0449\u0435 4 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f. \n\n\u0427\u0443\u0442\u044c \u043f\u043e\u0437\u0436\u0435 9 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0442\u043b\u043e\u0436\u0438\u043b\u0430 PoC \u0434\u043e 15 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c  \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0432\u043e\u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u0417\u0430\u0434\u0435\u0440\u0436\u043a\u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Veeam VBR \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u043f\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445, \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u0418\u043c \u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f\u00a0\u0431\u043e\u043b\u0435\u0435 550 000 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 74% \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Global 2000.\n\n\u041a\u0430\u043a \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 Sophos X-Ops, \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043c\u0435\u0441\u044f\u0446 CVE-2024-40711 \u0431\u044b\u043b\u0430 \u0431\u044b\u0441\u0442\u0440\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 Akira \u0438 Fog \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0440\u0430\u043d\u0435\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Fog. \u0414\u0440\u0443\u0433\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0432 \u0442\u043e\u0442 \u0436\u0435 \u043f\u0435\u0440\u0438\u043e\u0434 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0431\u044b\u043b\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c Akira. \u0410\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b \u0432\u043e \u0432\u0441\u0435\u0445 4 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u044d\u0442\u0438\u0445 \u0431\u0430\u043d\u0434 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0412 \u043a\u0430\u0436\u0434\u043e\u043c \u0438\u0437 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u044f\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 VPN-\u0448\u043b\u044e\u0437\u044b \u0431\u0435\u0437 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 MFa. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 VPN \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0441 \u0443\u0436\u0435 \u043d\u0435\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u041f\u041e.\n\n\u0412 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0435 \u0441 \u0432\u0438\u0440\u0443\u0441\u043e\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u043c Fog \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b \u0435\u0433\u043e \u043d\u0430 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Hyper-V, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0443\u0442\u0438\u043b\u0438\u0442\u0443 rclone \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0412\u0430\u043d\u0433\u0443\u0435\u043c, \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043e\u0442 Sophos X-Ops, \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0439 \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438 Veeam \u0431\u043e\u043b\u0442 \u0435\u0449\u0435 \u0434\u043e\u043b\u0433\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u0434\u043d\u044f\u0442 \u0441 \u0442\u043e\u0433\u043e \u0441\u0430\u043c\u043e\u0433\u043e \u043c\u0435\u0441\u0442\u0430. \n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-10-11T16:10:05.000000Z"}, {"uuid": "fa96db6b-55c1-4b2e-ae50-a1ad2c104972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6177", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0438 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c\u0438 \u0442\u0440\u0435\u043d\u0434\u0430\u043c\u0438 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Mistymntncop \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b PoC \u0434\u043b\u044f CVE-2024-5274, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Chrome, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043c\u0430\u0435.\n\nQiAnXin \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0435\u0439 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 0-day \u0432 Windows DWM Core, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-30051 \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Qakbot.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Jamf \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u0445\u043e\u0434\u0430 Gatekeeper macOS \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\nPatchstack \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 CVE-2024-44000, \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f LiteSpeed WordPress, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0441\u0442\u0430\u043b\u0430 CVE-2024-28000, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043d\u0430\u0437\u0430\u0434 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b cookie \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438\u0437 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043e\u0442\u043b\u0430\u0434\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430.\n\n\u041e\u043d\u0430 \u0431\u044b\u043b\u0430\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 22 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2024 \u0433\u043e\u0434\u0430, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0432\u0447\u0435\u0440\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c LiteSpeed Cache \u0432\u0435\u0440\u0441\u0438\u0438 6.5.0.1.\n\nVeeam \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Veeam Backup & Replication, Service Provider Console \u0438 One.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2024-40711 - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f (CVSS v3.1: 9,8) \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Veeam Backup & Replication, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nApache \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2024-45195 \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c OFBiz (Open For Business), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Linux \u0438 Windows.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Rapid7 \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u044f\u043c\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Apache \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 18.12.16, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u0441\u043e\u043a\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 RCE \u0432 OFBiz, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.", "creation_timestamp": "2024-09-06T16:05:05.000000Z"}, {"uuid": "60e397f3-a2fb-44fc-b4ea-a64195a32d8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1537", "content": "\ud83d\udda5 Veeam Backup & Response \u2014 RCE (CVE-2024-40711)\n\nA critical deserialization vulnerability in .NET Remoting has been discovered in Veeam Backup & Replication, allowing unauthenticated remote code execution (RCE). The flaw affects versions 12.1.2.172 and earlier.\n\n\ud83d\udd17 Research:\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/\n\n\ud83d\udd17 Source:\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\n#veeam #backup #deserialization #unauth #rce", "creation_timestamp": "2024-09-16T13:08:53.000000Z"}, {"uuid": "e4ce5360-2743-479b-9784-ef25043615e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/ctinow/224939", "content": "Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks\nhttps://ift.tt/HYxSucQ", "creation_timestamp": "2024-10-12T08:14:25.000000Z"}, {"uuid": "6a95abf3-512c-41d3-99e3-7ee784b3d29a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/26071", "content": "\u26a1\ufe0fFog & Akira Ransomware Exploit Critical Veeam RCE Flaw CVE-2024-40711 After PoC Release.\n\n#CyberBulletin", "creation_timestamp": "2024-10-11T06:15:40.000000Z"}, {"uuid": "6375dcdb-e8d1-4e77-b5dc-15fe8c99c1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/thehackernews/5529", "content": "\u26a0\ufe0f Veeam has patched 18 security flaws, including 5 critical ones allowing remote code execution (e.g., CVE-2024-40711 with a 9.8 CVSS score). Update now to protect your data.\n\nLearn more: https://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html", "creation_timestamp": "2024-09-05T18:58:23.000000Z"}, {"uuid": "7428c927-dab4-4e87-ac43-ce9211962f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "exploited", "source": "https://t.me/thehackernews/5724", "content": "Veeam Backup flaw targeted for ransomware attacks\u2014CVE-2024-40711 exploited! \n \nThis flaw allows attackers to create local admin accounts, granting them full control to deploy ransomware like Akira and Fog. \n \nLearn how to defend against active threats: https://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html", "creation_timestamp": "2024-10-14T10:58:22.000000Z"}, {"uuid": "fb27af4b-73a9-4d08-a2c2-14a07db90f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9105", "content": "Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711)\n\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/", "creation_timestamp": "2024-09-22T04:47:07.000000Z"}, {"uuid": "12ca104d-e945-4e22-a894-820859c88a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3144", "content": "https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/\n\nVeeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711)\n#\u5206\u6790", "creation_timestamp": "2024-09-10T17:40:22.000000Z"}, {"uuid": "02205bb9-0e87-46bf-b4a0-d4d7cdecef7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3183", "content": "https://github.com/watchtowrlabs/CVE-2024-40711\n\nExploit for Veeam backup and Replication Pre-Auth Deserialization CVE-2024-40711\n#github #exploit", "creation_timestamp": "2024-09-16T15:25:45.000000Z"}, {"uuid": "2440c63f-ff19-4821-96dd-92a72066988b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11107", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n]-> https://github.com/watchtowrlabs/CVE-2024-40711\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-16T18:20:15.000000Z"}, {"uuid": "a51b6bc3-19d4-4fdd-82cb-ff2fb5315430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/InfoSecInsider/195", "content": "\u26a1\ufe0fVeeam Backup & Replication Faces RCE Flaw\u2013 CVE-2024-40711 (CVSS 9.8) Allows Full System Takeover.\n\n#CyberBulletin", "creation_timestamp": "2024-09-06T11:36:43.000000Z"}, {"uuid": "835cfbf2-9dc6-4239-9ff0-ec5698187608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "seen", "source": "https://t.me/InfoSecInsider/202", "content": "\u26a1\ufe0fVeeam Backup & Replication Faces RCE Flaw CVE-2024-40711  CVSS: 9.8 A series of critical vulnerabilities have been uncovered in Veeam Backup & Replication, potentially exposing organizations to unauthorized access, remote code execution, and data breaches.", "creation_timestamp": "2024-09-06T11:36:43.000000Z"}, {"uuid": "11ef0e3d-9d63-42e7-916f-6870249cd310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40711", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/312", "content": "Tools  - Hackers Factory \n\nScrcpy 2.7, just released, supports game controllers \ud83c\udfae\n\nhttps://github.com/Genymobile/scrcpy/releases/tag/v2.7\n\nPre-Auth Exploit for CVE-2024-40711\n\nhttps://github.com/watchtowrlabs/CVE-2024-40711\n\nRemote Kerberos Relay made easy! Advanced Kerberos Relay Framework\n\nhttps://github.com/CICADA8-Research/RemoteKrbRelay\n\nScan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files.  \n\nhttps://github.com/LucasFaudman/apkscan\n\nCLI tools for forensic investigation of artifacts \n\nhttps://github.com/dfir-dd/dfir-toolkit\n\nCobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike\n\nhttps://github.com/xx0hcd/Malleable-C2-Profiles\n\nUnleashed ffuf\n\nhttps://github.com/sw33tLie/uff\n\nTools for searching emails for a specific domain\n\nhttp://github.com/Josue87/EmailFinder\n\nhttp://github.com/GiJ03/Infoga\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-17T09:03:08.000000Z"}]}