{"vulnerability": "CVE-2024-4205", "sightings": [{"uuid": "88dc2907-bae1-4f3e-8c08-d2fd9576fd62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113510160087917336", "content": "", "creation_timestamp": "2024-11-19T14:46:30.051863Z"}, {"uuid": "b4e6b7f1-56fe-43d8-baaf-d2622ff01c84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113552860073616864", "content": "", "creation_timestamp": "2024-11-27T03:45:40.257060Z"}, {"uuid": "0cb95741-667f-4d85-abe3-53ee8231e489", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113561425060709873", "content": "", "creation_timestamp": "2024-11-28T16:03:51.536868Z"}, {"uuid": "cf338173-cca2-429f-9fa5-e5f71ffb858d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/113549474534921024", "content": "", "creation_timestamp": "2024-11-26T13:24:41.881092Z"}, {"uuid": "befa3e33-89a2-4175-a3d8-78e6d0617d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0", "content": "", "creation_timestamp": "2024-09-05T08:37:49.762867Z"}, {"uuid": "af9159d8-cbea-4301-9738-b16419d743b1", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-42058", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0", "content": "", "creation_timestamp": "2024-09-05T08:37:49.762867Z"}, {"uuid": "5a1449d1-4b28-4897-bd0e-73c0852da38b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-42059", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0", "content": "", "creation_timestamp": "2024-09-05T08:37:49.762867Z"}, {"uuid": "5a0613a4-b76c-4b99-8e7d-017946e54183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42059", "type": "seen", "source": "https://t.me/cvedetector/4668", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42059 - Zyxel ATP/USG FLEX/USG20(W)-VPN Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42059 \nPublished : Sept. 3, 2024, 2:15 a.m. | 37\u00a0minutes ago \nDescription : A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP. 
\nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T04:55:54.000000Z"}, {"uuid": "cde7b2f3-ae1f-45c0-986d-56e3dd8ede37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42052", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8267", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42052\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N)\n\ud83d\udd39 Description: The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder.\n\ud83d\udccf Published: 2024-07-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-20T19:04:35.893Z\n\ud83d\udd17 References:\n1. https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/1.md\n2. https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/15813655496603-Splashtop-Streamer-version-v3-5-8-0-for-Windows-released", "creation_timestamp": "2025-03-20T19:18:30.000000Z"}, {"uuid": "91cc7e01-70f5-4a9c-b4c6-d712972e7f35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42058", "type": "seen", "source": "https://t.me/cvedetector/4667", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42058 - Zyxel ATP/USG/USG FLEX/USG20(W) Null Pointer Dereference DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42058 \nPublished : Sept. 3, 2024, 2:15 a.m. 
| 37\u00a0minutes ago \nDescription : A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T04:55:51.000000Z"}, {"uuid": "c1261b3c-d910-4623-bead-6e949f8df6f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://t.me/cvedetector/4663", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42057 - A command injection vulnerability in the IPSec VPN\", \n  \"Content\": \"CVE ID : CVE-2024-42057 \nPublished : Sept. 3, 2024, 2:15 a.m. | 37\u00a0minutes ago \nDescription : A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists. 
\nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T04:55:48.000000Z"}, {"uuid": "0aaff3fc-0bc8-4cd8-80d1-b9dcac4b2b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42054", "type": "seen", "source": "https://t.me/HackerArsenal/47", "content": "\u203c\ufe0f CVE-2024-42054 \u203c\ufe0f\n\nCervantes through 0.5alpha accepts insecure file uploads.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @hackerarsenal", "creation_timestamp": "2024-07-28T13:11:14.000000Z"}, {"uuid": "a974adcb-8e10-4bdf-9364-328a7082e1c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42056", "type": "seen", "source": "https://t.me/cvedetector/3848", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42056 - Retool Authentication Credential Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42056 \nPublished : Aug. 22, 2024, 1:15 a.m. | 36\u00a0minutes ago \nDescription : Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with \"Use\" permissions can be discovered (by an authenticated attacker) via the /api/resources endpoint. The earliest affected version is 3.18.1. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T04:17:41.000000Z"}, {"uuid": "edfa0f43-3be4-4d85-8be6-cc2999269a7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42055", "type": "seen", "source": "https://t.me/cvedetector/1768", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42055 - Cervantes Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42055 \nPublished : July 28, 2024, 4:15 a.m. | 28\u00a0minutes ago \nDescription : Cervantes through 0.5-alpha allows stored XSS. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-28T10:09:47.000000Z"}, {"uuid": "69a86886-4b2f-4807-95b1-d5575b89e511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42054", "type": "seen", "source": "https://t.me/cvedetector/1767", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42054 - Apache Cervantes File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42054 \nPublished : July 28, 2024, 4:15 a.m. | 28\u00a0minutes ago \nDescription : Cervantes through 0.5-alpha accepts insecure file uploads. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-28T06:50:32.000000Z"}, {"uuid": "3e475a67-9390-41a6-9f5b-b228000cb764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42050", "type": "seen", "source": "https://t.me/cvedetector/1766", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42050 - Splashtop Streamer for Windows Privilege Escalation Weak Permission Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42050 \nPublished : July 28, 2024, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProvider_Inst.reg. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-28T06:00:23.000000Z"}, {"uuid": "3bfcac37-73a9-4200-9217-de2e7a9c028d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42051", "type": "seen", "source": "https://t.me/cvedetector/1765", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42051 - Splashtop Streamer Windows Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42051 \nPublished : July 28, 2024, 3:15 a.m. 
| 37\u00a0minutes ago \nDescription : The MSI installer for Splashtop Streamer for Windows before 3.6.2.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-28T06:00:23.000000Z"}, {"uuid": "53da1f16-c27b-4b14-8e9f-4ed0f723576e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42052", "type": "seen", "source": "https://t.me/cvedetector/1764", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42052 - Splashtop Streamer for Windows Local Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42052 \nPublished : July 28, 2024, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder. 
\nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-28T06:00:22.000000Z"}, {"uuid": "3383d344-9aad-4e83-b817-9c26a530052a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42053", "type": "seen", "source": "https://t.me/cvedetector/1763", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42053 - Splashtop Streamer Windows Elevation of Privilege Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42053 \nPublished : July 28, 2024, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-28T06:00:21.000000Z"}, {"uuid": "d87c949e-2bf9-4f44-bdc6-443800fec5b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42052", "type": "seen", "source": "https://t.me/HackerArsenal/45", "content": "\u203c\ufe0f CVE-2024-42052 \u203c\ufe0f\n\nThe MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. 
A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @hackerarsenal", "creation_timestamp": "2024-07-28T13:11:14.000000Z"}, {"uuid": "990413f6-55bf-44a2-8e64-2cd5838488e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42051", "type": "seen", "source": "https://t.me/HackerArsenal/44", "content": "\u203c\ufe0f CVE-2024-42051 \u203c\ufe0f\n\nThe MSI installer for Splashtop Streamer for Windows before 3.6.2.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @hackerarsenal", "creation_timestamp": "2024-07-28T13:11:14.000000Z"}, {"uuid": "50e261e2-3768-4f61-b6e5-96c4d5825495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "exploited", "source": "https://t.me/S_E_Reborn/5254", "content": "Meet Helldown ransomware!\n\nA new extortion gang that came into view in August has by now managed to hit more than 30 
victims and has been spotted by Truesec and Sekoia researchers actively targeting a 0-day in Zyxel firewalls to gain access to corporate systems. \n\nAdmittedly, it is still hard to count Helldown among the major players on the ransomware market, but since its launch the gang has managed to gain momentum quickly and fill up its DLS.\n\nAs of early November the group listed 31 victims, mostly small and medium-sized companies from the US and Europe. 
As the researchers noted, the gang listed Zyxel Europe as one of its victims.\n\nBut at present their number has dropped to 28, which may indicate that the first ransom payments have reached the extortionists.\n\nHelldown was first documented by Cyfirma on 9 August 2024 and then profiled by Cyberint on 13 October.\n\nA report on the Linux variant of Helldown, which targets VMware, was also released later, on 31 October, by 360NetLab researchers.\n\nIt included functionality 
for scanning for and shutting down virtual machines in order to encrypt their images, but its capabilities were only partially implemented, which indicates that it is under active development.\n\nReturning to Sekoia, the researchers note that Helldown for Windows is based on the leaked LockBit 3 source code and has some similarities with Darkrace and Donex.\n\nHelldown is not as selective about the data it steals as its peers, 
which follow a more efficient tactic.\n\nThe gang dumps large volumes of data on its DLS, some of which reached 431 GB.\n\nThe new actor does not stand out for any special encryption technique.\n\nWhen encrypting files, the attackers generate a random string that is used as the extension for a given victim's encrypted files and in the name of the ransom 
note.\n\nThe presence of Zyxel Europe among the victims alerted Sekoia researchers, who subsequently identified eight more victims that were using this vendor's firewalls as IPSec VPN access points at the time of the incident.\n\nIn addition, Sekoia noticed in a Truesec report dated 7 November a mention of the use of a malicious account, OKSDW82A, and a configuration file (zzz1.conf) in Helldown attacks targeting devices 
based on MIPS, possibly Zyxel firewalls.\n\nThe attackers used this account to establish a secure connection over SSL VPN to the victim's networks, access domain controllers, move laterally and disable endpoint protection.\n\nDuring further investigation Sekoia found posts on the Zyxel forums about customers discovering a similar suspicious 
account and configuration on devices running firmware version 5.38.\n\nBased on the totality of the facts, the researchers suggested that Helldown may be using CVE-2024-42057 (command injection in IPSec VPN), which allows OS commands to be executed without authentication by means of a long username in User-Based-PSK mode.\n\nBesides this, Sekoia also considered another undocumented vulnerability in Zyxel, details of 
which it shared with the vendor's PSIRT.\n\nCVE-2024-42057 was fixed on 3 September with the release of firmware version 5.39, and details of its exploitation have not been made public, so it is assumed that Helldown has access to private n-day exploits.\n\nSekoia intends to keep a close watch on the new threat.\n\nTechnical details and IoCs are in the report.", "creation_timestamp": "2024-11-21T07:28:54.000000Z"}, {"uuid": "a06623e2-0221-476d-acc5-c92c820e5f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://t.me/true_secator/6165", "content": "Zyxel 
\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421.\n\nCVE-2024-7261 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS v3 9,8 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0443\u044e \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 cookie \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0441\u0435\u0440\u0438\u0439: NWA (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00), NWA1123-AC PRO (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), NWA1123ACv3, WAC500, WAC500H (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), WAC (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), WAX (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00) \u0438 WBE (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00).\n\nZyxel \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 
\u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 USG LITE 60AX \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.00(ACIP.2), \u043d\u043e \u044d\u0442\u0430 \u043c\u043e\u0434\u0435\u043b\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u043b\u0430\u043a\u043e\u043c \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.00(ACIP.3), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u043f\u0430\u0442\u0447 \u0434\u043b\u044f CVE-2024-7261.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Zyxel \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 APT \u0438 USG FLEX, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-6343, CVE-2024-7203, CVE-2024-42057-CVE-2024-42061.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f\u00a0CVE-2024-42057\u00a0(CVSS v3: 8.1), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044e IPSec VPN, 
\u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0441\u043b\u0438 \u0441 Zyxel \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0442\u043e \u0441 D-Link \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u043f\u0440\u0438\u043d\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u043d\u0435\u0442\u0430\u043c \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u0432\u0435\u0441\u0442\u0438. \n\nD-Link \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0447\u0435\u0442\u044b\u0440\u0435\u0445 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 CVE-2024-41622, CVE-2024-44340, CVE-2024-44341 \u0438 CVE-2024-44342, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 DIR-846W, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043e\u043d\u0430 \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u043d\u0438\u0447\u0435\u0433\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438, \u0442\u0440\u0438 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 
\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c yali-1002, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c\u00a0\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub, \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u0432\u0448\u0438\u0441\u044c \u043f\u043e\u043a\u0430 \u043e\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 PoC.\n\nD-Link \u0445\u043e\u0442\u044f \u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 \u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c, \u043d\u043e \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 EoL \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b Mirai \u0438\u00a0Moobot, \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442 \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0434\u044b \u0432\u0437\u044f\u0442\u044c DIR-846W \u043f\u043e\u0434 
\u0441\u0432\u043e\u0435 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0435 \u0438 \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.", "creation_timestamp": "2024-09-04T12:00:00.000000Z"}, {"uuid": "937a09f9-d37d-4316-b91e-42e90a1f1879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42057", "type": "seen", "source": "https://t.me/true_secator/6452", "content": "\u0417\u043d\u0430\u043a\u043e\u043c\u044c\u0442\u0435\u0441\u044c, Helldown ransomware!\n\n\u041f\u043e\u043f\u0430\u0432\u0448\u0430\u044f \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u043d\u043e\u0432\u0430\u044f \u0431\u0430\u043d\u0434\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0443\u043c\u0435\u043b\u0430 \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 30 \u0436\u0435\u0440\u0442\u0432 \u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Truesec \u0438 Sekoia \u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u043d\u0430\u0443\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u0438 \u043d\u0430 0-day \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 Zyxel \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a 
\u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c. \n\n\u0411\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u043e, \u043f\u043e\u043a\u0430 \u0447\u0442\u043e \u0441\u043b\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u0447\u0438\u0441\u043b\u0438\u0442\u044c Helldown \u043a \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c \u0438\u0433\u0440\u043e\u043a\u0430\u043c \u043d\u0430 \u0440\u044b\u043d\u043a\u0435 ransomware, \u043d\u043e \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0441\u0432\u043e\u0435\u0433\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0431\u0430\u043d\u0434\u0430 \u0441\u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0431\u0440\u0430\u0442\u044c \u043e\u0431\u043e\u0440\u043e\u0442\u044b \u0438 \u043f\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0441\u0432\u043e\u0439 DLS.\n\n\u041d\u0430 \u043d\u0430\u0447\u0430\u043b\u043e \u043d\u043e\u044f\u0431\u0440\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u0443\u043a\u0430\u0437\u0430\u043b\u0430 31 \u0436\u0435\u0440\u0442\u0432\u0443, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044d\u0442\u043e \u043c\u0430\u043b\u044b\u0435 \u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0437 \u0421\u0428\u0410 \u0438 \u0415\u0432\u0440\u043e\u043f\u044b. 
As the researchers noted, the gang listed Zyxel Europe as one of its victims.\n\nBut at present their number has dropped to 28, which may indicate that the extortionists have received their first ransom payments.\n\nHelldown was first documented by Cyfirma on August 9, 2024, and then profiled by Cyberint on October 13.\n\nA report on the Linux variant of Helldown, which targets VMware, was later also released by 360NetLab researchers on October 31.\n\nIt included functionality 
for scanning for and shutting down virtual machines in order to encrypt their images, but its capabilities were only partially implemented, which suggests it is under active development.\n\nReturning to Sekoia, the researchers note that Helldown for Windows is based on the leaked LockBit 3 source code and shares some similarities with Darkrace and Donex.\n\nHelldown is not as selective about the data it steals as its peers, 
which follow more efficient tactics.\n\nThe gang dumps large volumes of data on its DLS, some of which reached 431 GB.\n\nThe new actor does not stand out for any particular encryption technique.\n\nWhen encrypting files, the attackers generate a random string that is used as the extension for a given victim's encrypted files and for naming the ransom 
note.\n\nThe presence of Zyxel Europe among the victims alerted Sekoia researchers, who subsequently identified eight more victims that were using the vendor's firewalls as IPSec VPN access points at the time of the incident.\n\nIn addition, Sekoia noticed that a Truesec report dated November 7 mentions the use of a malicious account, OKSDW82A, and a configuration file (zzz1.conf) in Helldown attacks targeting 
MIPS-based devices, possibly Zyxel firewalls.\n\nThe attackers used this account to establish a secure connection over SSL VPN to the victim's networks, access domain controllers, move laterally and disable endpoint protection.\n\nDuring further investigation, Sekoia found posts on the Zyxel forums in which customers reported finding a similar suspicious 
account and configuration on devices running firmware version 5.38.\n\nBased on the totality of the evidence, the researchers hypothesized that Helldown may be using CVE-2024-42057 (command injection in IPSec VPN), which allows OS commands to be executed without authentication by means of a long username in User-Based-PSK mode.\n\nBeyond that, Sekoia also considered another undocumented vulnerability in Zyxel, details of 
which it shared with the vendor's PSIRT.\n\nCVE-2024-42057 was fixed on September 3 with the release of firmware version 5.39, and details of its exploitation have not been made public, so it is assumed that Helldown has access to private n-day exploits.\n\nSekoia intends to keep a close watch on the new threat.\n\nTechnical details and IoCs are in the report.", "creation_timestamp": "2024-11-20T16:11:46.000000Z"}]}