{"vulnerability": "CVE-2024-4186", "sightings": [{"uuid": "f1300710-1a80-4f95-8056-70105e53136d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41869", "type": "seen", "source": "https://t.me/cvedetector/5578", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41869 - Adobe Acrobat Reader Use After Free Arbitrary Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-41869 \nPublished : Sept. 13, 2024, 9:15 a.m. | 20\u00a0minutes ago \nDescription : Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-13T11:41:28.000000Z"}, {"uuid": "dbe276c2-b621-4665-8133-4e1bd86c590e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41869", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1371", "content": "", "creation_timestamp": "2024-09-11T04:00:00.000000Z"}, {"uuid": "d37388a1-315d-479c-8e2e-adf5f6394cf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41867", "type": "seen", "source": "https://t.me/cvedetector/5581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41867 - Adobe After Effects Stack-based Buffer Overflow Leonardy\", \n  \"Content\": \"CVE ID : CVE-2024-41867 \nPublished : Sept. 13, 2024, 9:15 a.m. | 20\u00a0minutes ago \nDescription : After Effects versions 23.6.6, 24.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to arbitrary file system write operations. An attacker could leverage this vulnerability to modify or corrupt files, potentially leading to a compromise of system integrity. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-13T11:41:33.000000Z"}, {"uuid": "299f95ec-0678-4da2-8aa6-451e467fc6bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41866", "type": "seen", "source": "https://t.me/cvedetector/3155", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41866 - Adobe InDesign NULL Pointer Dereference DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41866 \nPublished : Aug. 14, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T18:13:31.000000Z"}, {"uuid": "b05db88b-ee11-485f-8815-694681ee927e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41865", "type": "seen", "source": "https://t.me/cvedetector/3156", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41865 - Adobe Dimension Untrusted Search Path Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41865 \nPublished : Aug. 14, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur if the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T18:13:33.000000Z"}, {"uuid": "58e15301-ccff-44a3-836d-49239c14ef88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41860", "type": "seen", "source": "https://t.me/cvedetector/3109", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41860 - Substance3D Sampler Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41860 \nPublished : Aug. 14, 2024, 9:15 a.m. | 45\u00a0minutes ago \nDescription : Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T12:21:44.000000Z"}, {"uuid": "9b5aa755-1a9f-49c2-963e-947276fe6cbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41863", "type": "seen", "source": "https://t.me/cvedetector/3108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41863 - Substance3D Sampler Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41863 \nPublished : Aug. 14, 2024, 9:15 a.m. | 45\u00a0minutes ago \nDescription : Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T12:21:40.000000Z"}, {"uuid": "c4141cd2-d4b8-4609-9126-31262e5f1bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41862", "type": "seen", "source": "https://t.me/cvedetector/3107", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41862 - Substance3D Sampler OOB Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41862 \nPublished : Aug. 14, 2024, 9:15 a.m. | 45\u00a0minutes ago \nDescription : Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T12:21:39.000000Z"}, {"uuid": "df66ad50-a8fb-442f-b698-7b28648e38b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41864", "type": "seen", "source": "https://t.me/cvedetector/3106", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41864 - Substance3D - Designer Out-of-Bounds Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41864 \nPublished : Aug. 14, 2024, 9:15 a.m. | 45\u00a0minutes ago \nDescription : Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T12:21:38.000000Z"}, {"uuid": "98d545e4-9100-47bc-8826-d8c105ea9072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41861", "type": "seen", "source": "https://t.me/cvedetector/3105", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41861 - Substance3D Sampler Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41861 \nPublished : Aug. 14, 2024, 9:15 a.m. | 45\u00a0minutes ago \nDescription : Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T12:21:37.000000Z"}, {"uuid": "00f08b72-6d2b-407f-8dbd-17cb4430f2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41869", "type": "exploited", "source": "https://t.me/xakep_ru/16388", "content": "Adobe \u043f\u0430\u0442\u0447\u0438\u0442 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Acrobat Reader, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\n\n\u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Adobe Acrobat Reader, \u0442\u0430\u043a \u043a\u0430\u043a \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e.\n\nhttps://xakep.ru/2024/09/12/cve-2024-41869/", "creation_timestamp": "2024-09-12T10:52:32.000000Z"}, {"uuid": "815db82d-1fa6-4596-a2f3-6f3a50f7d1a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41869", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6200", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\n1. CVE-2024-43102 \u0441 CVSS Sore 10: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Use-After-Free \u0432 FreeBSD \u0432\u043e \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0445 \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0440\u0430\u0437\u0434\u0435\u043b\u044f\u0435\u043c\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u0434\u0437\u0430\u043f\u0440\u043e\u0441\u0430 UMTX_SHM_DESTRUCTION UMTX_OP_SHM \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0447\u0430\u0441\u0442\u043e\u043c\u0443 \u0443\u043c\u0435\u043d\u044c\u0448\u0435\u043d\u0438\u044e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0441\u0441\u044b\u043b\u043e\u043a \u043e\u0431\u044a\u0435\u043a\u0442\u0430, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0433\u043e \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0435\u0433\u043e \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0440\u0430\u043d\u043d\u0435\u043c\u0443 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044e.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u043e\u0434\u0437\u0430\u043f\u0440\u043e\u0441 UMTX_SHM_DESTRUCTION \u043f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0430\u043d\u0438\u043a\u0443 \u0432 \u044f\u0434\u0440\u0435 \u0438\u043b\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 Use-After-Free, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u0432\u044b\u0445\u043e\u0434 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b Capsicum.\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 FreeBSD.\n\n2. Adobe Patch Tuesday \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows \u0438 macOS.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 Acrobat \u0438 PDF Reader: \u043d\u0443\u043b\u044c CVE-2024-41869 (CVSS 7,8) \u0438 CVE-2024-45112 (CVSS 8,6).\n\nCVE-2024-41869 - \u044d\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 Use After Free, \u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a CVE-2024-45112 - \u043e\u0448\u0438\u0431\u043a\u0430 Type Confusion.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u041f\u041e \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\n0-day \u0432 Acrobat Reader \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e\u00a0\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b EXPMON\u00a0\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0425\u0430\u0439\u0444\u044d\u0435\u043c \u041b\u0438. \n\n\u041a\u0430\u043a \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0432\u044b\u044f\u0441\u043d\u0438\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e, PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u043d\u0435\u0435 \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438, \u043d\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0441\u0442\u0430\u0434\u0438\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438.\n\n\u041b\u0438 \u043d\u0430\u043c\u0435\u0440\u0435\u043d \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0431\u043b\u043e\u0433\u0435 EXPMON, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435 Check Point Research.\n\n3. Ivanti \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 EPM, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-29847) \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439\u00a0\u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\u00a0\u0432 \u043f\u043e\u0440\u0442\u0430\u043b\u0435 \u0430\u0433\u0435\u043d\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 Ivanti EPM 2024 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0441\u043b\u0443\u0436\u0431\u044b Ivanti EPM 2022 6 (SU6).\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 Ivanti \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0440\u0435\u043f\u0443\u0442\u0430\u0446\u0438\u044e \u0432\u0435\u043d\u0434\u043e\u0440\u0430 \u043f\u043e \u044d\u0442\u043e\u0439 \u0447\u0430\u0441\u0442\u0438 - \u043d\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u044d\u0442\u043e\u0433\u043e \u0438\u0441\u043a\u043b\u044e\u0447\u0430\u0442\u044c.", "creation_timestamp": "2024-09-12T16:30:06.000000Z"}]}