{"vulnerability": "CVE-2024-43468", "sightings": [{"uuid": "28941972-825c-4212-88bb-49c3747d9b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review", "content": "", "creation_timestamp": "2024-10-08T17:54:47.000000Z"}, {"uuid": "97950809-5c2f-40f5-8a87-615ee210f179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lfuyza2tcg22", "content": "", "creation_timestamp": "2025-01-16T19:24:32.924862Z"}, {"uuid": "fb4e15d1-7c52-4053-bd6b-4b5973259c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/synacktiv.com/post/3lfuexxychc27", "content": "", "creation_timestamp": "2025-01-16T13:25:56.716481Z"}, {"uuid": "ad819bc6-bfe7-42cd-a83b-0a1f492cb876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lg6tjqhsh42m", "content": "", "creation_timestamp": "2025-01-20T17:13:03.003675Z"}, {"uuid": "ce66c642-b614-46cd-801f-afcf45428f99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lfvxnmf5s22s", "content": "", "creation_timestamp": "2025-01-17T04:32:55.369074Z"}, {"uuid": "ef59a9a7-c4bb-46d8-9b1e-509ab34005ab", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lfxprnab4v2x", "content": "", "creation_timestamp": "2025-01-17T21:17:14.073082Z"}, {"uuid": "18f85a32-f212-4cdf-b48d-a9aa964234cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3lg6tytkzic2h", "content": "", "creation_timestamp": "2025-01-20T17:21:29.967936Z"}, {"uuid": "e5564480-1092-4849-9f57-29b5dc26d02c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mewyvinek723", "content": "", "creation_timestamp": "2026-02-16T02:28:48.252165Z"}, {"uuid": "c315be36-a482-4763-9107-54eeff1dd82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lggbvz4pok2m", "content": "", "creation_timestamp": "2025-01-23T16:19:04.896790Z"}, {"uuid": "04b41618-ae85-48e8-ad6a-c044bdbfd55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrjv4h54s72s", "content": "", "creation_timestamp": "2025-06-14T02:17:48.900956Z"}, {"uuid": "7cc34bf3-ce79-4e3f-b703-2bb192d6dd28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": 
"https://bsky.app/profile/synacktiv.com/post/3lrioi227mc2y", "content": "", "creation_timestamp": "2025-06-13T14:46:25.928878Z"}, {"uuid": "de680e63-9262-414b-8964-116f62f62295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lha6o2plbk2d", "content": "", "creation_timestamp": "2025-02-02T23:30:09.949590Z"}, {"uuid": "f43e772b-e1d0-40b4-aa34-a8fc998f8636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:44.000000Z"}, {"uuid": "4a645601-6c66-423e-8305-e9da46f8889c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/116059164707686851", "content": "", "creation_timestamp": "2026-02-12T18:52:04.717191Z"}, {"uuid": "2d3cec4e-f29d-42cb-aaa0-0aff15763b82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/TheDoctor512.mastodon.social.ap.brid.gy/post/3meqqekyaup22", "content": "", "creation_timestamp": "2026-02-13T14:40:13.364597Z"}, {"uuid": "77358061-5852-468d-b311-b3c3a2b1be27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-43468", "type": "seen", "source": "https://infosec.exchange/users/defendopsdiaries/statuses/116063396265760807", "content": "", "creation_timestamp": "2026-02-13T12:48:07.241818Z"}, {"uuid": 
"52c013ce-a111-4321-8153-541fdc5e6146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3metda4tlth2i", "content": "", "creation_timestamp": "2026-02-14T15:23:03.730489Z"}, {"uuid": "2050db46-7c55-4ab6-89f3-3abbfe61d2a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mepmntbmpq2r", "content": "", "creation_timestamp": "2026-02-13T04:01:07.811558Z"}, {"uuid": "5e111b63-ef93-4194-becf-d266544df89b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116059677137301631", "content": "", "creation_timestamp": "2026-02-12T21:02:13.940713Z"}, {"uuid": "b3b16bad-cb39-426c-84a6-00baf8d85e82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3meuxpez6hs2w", "content": "", "creation_timestamp": "2026-02-15T07:02:10.827573Z"}, {"uuid": "4185c9cc-2d13-41d0-870d-81a7992ce3ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116063963789366321", "content": "", "creation_timestamp": "2026-02-13T15:12:21.988913Z"}, {"uuid": "1d8b9540-4fc8-4f1d-836a-741cdadeb7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://threatintel.cc/2026/02/13/cisa-flags-critical-microsoft-sccm.html", "content": "", "creation_timestamp": "2026-02-13T14:12:27.000000Z"}, {"uuid": "539e1f8c-2727-49ab-b16c-5985e877452f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3merfr5g2ox2h", "content": "", "creation_timestamp": "2026-02-13T21:03:04.618434Z"}, {"uuid": "ba28d6d0-bba4-4a45-b368-4960a8084677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mepglvcxd22x", "content": "", "creation_timestamp": "2026-02-13T02:12:53.160939Z"}, {"uuid": "44a14030-e710-4b4a-aeb0-a908c31a3083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-43468", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/dd4380ef-ef6f-499f-b4d3-d783d9a30991", "content": "", "creation_timestamp": "2026-02-13T07:17:08.550176Z"}, {"uuid": "989aea11-c06f-479d-9f95-5bcdcaac4aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/5923009", "content": "", "creation_timestamp": "2026-03-04T01:43:58.116967Z"}, {"uuid": "cc2065d9-5fad-46b1-8695-05eace40bda9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": 
"https://bsky.app/profile/cecallihelper.bsky.social/post/3mew4ivvovc2z", "content": "", "creation_timestamp": "2026-02-15T18:00:43.578848Z"}, {"uuid": "3123f2fa-3d61-4a50-b86f-a28913993c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://t.me/itsec_news/5376", "content": "\u200b\u26a1\ufe0fMicrosoft, FortiOS, 7-Zip: \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u0430\u0433\u043e\u0432 \u043f\u0430\u0440\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b\n\n\ud83d\udcac \u0412 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c \u0432\u043e\u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. 
\u042d\u0442\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 FortiOS \u0438 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0438\u0441\u0435 FortiProxy, \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 7-Zip.\n\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432 \u0441\u0435\u0442\u0438 Windows Lightweight Directory Access Protocol (LDAP Nightmare)\n\nCVE-2024-49112 (CVSS \u2014 9,8)\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c , \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 DCE/RPC \u043d\u0430 LDAP-\u0441\u0435\u0440\u0432\u0435\u0440 \u0436\u0435\u0440\u0442\u0432\u044b. 
\u0423\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441 \u0438\u0449\u0435\u0442 \u0432 \u0441\u0435\u0442\u0438 IP-\u0430\u0434\u0440\u0435\u0441 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438 \u0443\u0437\u043b\u0430 (\u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e). \u041f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0436\u0435\u0440\u0442\u0432\u0430 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u043c LDAP, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443. \u041e\u0442\u0432\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 CLDAP \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u0431\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u044b LSASS \u0437\u0430 \u0441\u0447\u0435\u0442 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f. 
\u041e\u043d, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0441\u0442\u043e\u044f\u043c, \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u0435\u043d \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e Active Directory.\n\n\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u041f\u041e, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 Microsoft . 
\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0440 \u0437\u0430\u0449\u0438\u0442\u044b \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c RPC \u0438 LDAP \u0432\u043d\u0435\u0448\u043d\u0435 \u0447\u0435\u0440\u0435\u0437 SSL \u0438 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u0443\u0437\u043b\u0430\u043c\u0438 \u041e\u0421 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0442\u0438\u043f\u0430 Hyper-V NT Kernel Integration VSP\n\nCVE-2025-21333 , CVE-2025-21334 , CVE-2025-21335 (CVSS \u2014 7,8)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Hyper-V NT Kernel Integration, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u0443\u0437\u043b\u0430\u043c\u0438 \u041e\u0421 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0442\u0438\u043f\u0430, \u0442\u0430\u043a\u0438\u043c\u0438 \u043a\u0430\u043a 
Windows Sandbox \u0438 Microsoft Defender Application Guard. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-21333 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u0443\u0447\u0438, \u0430 CVE-2025-21334 \u0438 CVE-2025-21335 \u2014 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0443\u0440\u043e\u0432\u043d\u044f SYSTEM \u2014 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u0430 \u0443\u0437\u043b\u0430\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. 
\u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u043f\u043e \u0441\u0435\u0442\u0438, \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 OLE\n\nCVE-2025-21298 (CVSS \u2014 9,8)\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 RTF-\u0444\u0430\u0439\u043b. 
\u041f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0444\u0430\u0439\u043b\u0430 \u0436\u0435\u0440\u0442\u0432\u0430 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0442\u0435\u0440\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 Microsoft Configuration Manager\n\nCVE-2024-43468 (CVSS \u2014 9,8)\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e SQL-\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 (\u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u043e\u0442 \u043b\u0438\u0446\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430, \u0432\u043d\u0435\u0434\u0440\u0438\u0432 \u0432 \u044d\u0442\u043e\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 
\u0441\u043a\u0440\u0438\u043f\u0442). \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0431\u0443\u0434\u0443\u0447\u0438 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0437\u043b\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. \u041f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0440\u0430\u0436\u0438, \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043b\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Synacktiv \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043f\u0440\u0438\u0431\u0435\u0433\u043d\u0443\u0442\u044c \u043a \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0444\u0430\u0439\u043b\u0430 C:\\Program Files\\SMS_CCM\\Logs\\MP_Location.log \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0432 
\u0436\u0443\u0440\u043d\u0430\u043b\u0435 \u0434\u043b\u044f UpdateSFRequest, XML-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 getMachineID().\n\n\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u0445 Microsoft: CVE-2024-49112 , CVE-2025-21333 , CVE-2025-21334 , CVE-2025-21335 , CVE-2024-43468 , CVE-2025-21298 .\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-02-11T15:33:56.000000Z"}, {"uuid": "3e2d8c82-9755-44f5-b6e6-934ff13afb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1390", "content": "", "creation_timestamp": "2024-10-09T04:00:00.000000Z"}, {"uuid": "b94cdb57-85ac-4f04-967b-42cfde981d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://vulnerability.circl.lu/comment/aea0fc6c-fa3d-4e98-aef1-a25b364fb2fe", "content": "", "creation_timestamp": "2025-01-21T15:32:07.384792Z"}, {"uuid": "00a22c4a-7df4-4f21-8954-a4c141b56567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/776", "content": "#pentest\n\nCVE-2024-43468 (CVSS 9.8)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0418\u0422-\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 Microsoft Configuration Manager, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0437\u0430\u043f\u0440\u043e\u0441\u0430 SQL, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434\n\n\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0435\u043c \u0441\u043a\u0440\u0438\u043f\u0442, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2025-01-23T06:24:56.000000Z"}, {"uuid": "8393b9d0-b7ca-467b-a703-99bb112c0b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/4336", "content": "\ud83d\udeab CVE-2024-43468 : Microsoft Configuration Manager Remote Code 
Execution Vulnerability \n\n\ud83d\udd25PoC:https://github.com/synacktiv/CVE-2024-43468 \n \n\ud83d\udcccDorks \nHUNTER :http://product.name=\"Microsoft Configuration Manager Remote Control service\"\n \n\u25b6\ufe0fRefer:https://securityonline.info/cve-2024-43468-cvss-9-8-microsoft-configuration-manager-exploit-revealed-with-poc-code/ \nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468\n \n#Microsoft #infosec #infosecurity #OSINT #Vulnerability", "creation_timestamp": "2025-02-28T08:22:48.000000Z"}, {"uuid": "29bb1e61-b57f-42d1-92ab-eec594588dda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11694", "content": "#exploit\n1. CVE-2025-0282:\nIvanti Connect Secure IFT TLS Stack Overflow pre-auth RCE\n\n2. CVE-2024-43468:\nMS Configuration Manager (ConfigMgr/SCCM) 2403 Unauthenticated SQLi", "creation_timestamp": "2025-01-17T19:25:19.000000Z"}, {"uuid": "48e526a2-8368-41de-a961-8ecb13f84ee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "seen", "source": "https://t.me/kasperskyb2b/1444", "content": "\ud83d\udcbb \u041e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 Patch Tuesday: 5 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432 \u0438 118 CVE\n\n\u0420\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 118 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u0432\u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e 
\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u043c\u0438 \u0437\u0438\u0440\u043e\u0434\u0435\u044f\u043c\u0438, \u0430 \u0435\u0449\u0451 \u0442\u0440\u0438 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u044b \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 PoC. 43 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 28 \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 26 \u2014 DoS, \u043f\u043e 7 \u2014 spoofing \u0438 \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.  \u0422\u043e\u043b\u044c\u043a\u043e \u0442\u0440\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u0418\u0437 \u043f\u044f\u0442\u0438 0days, \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b: \nCVE-2024-43572 (CVSS 7.8), RCE \u0432 Microsoft Management Console (MMC). \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0443 \u043d\u0443\u0436\u043d\u043e \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 MSC-\u0444\u0430\u0439\u043b. 
\n\u0422\u0430\u043a\u0436\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043d\u043e\u0432\u0430 \u043d\u0430\u0448\u043b\u0438 \u0434\u044b\u0440\u043a\u0443 \u0432 \u0442\u044f\u0436\u0451\u043b\u043e\u043c \u043d\u0430\u0441\u043b\u0435\u0434\u0438\u0438 IE \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 CVE-2024-43573 (CVSS 6.5, Windows MSHTML Platform Spoofing). Microsoft \u043d\u0435 \u0434\u0430\u0451\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0442\u043e \u0438 \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043d\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0443\u0447\u0438\u043b\u0438\u0441\u044c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0433\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u0430, \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443.\n\n\u0415\u0449\u0451 \u043e\u0434\u0438\u043d \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c\u0443 \u0434\u0435\u0444\u0435\u043a\u0442\u0443 curl, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u0430\u043a\u0435\u0442\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0432 \u0438\u044e\u043b\u0435 
(CVE-2024-6197, CVSS 8.8). \u0413\u0434\u0435 \u0438 \u043a\u043e\u0433\u0434\u0430 \u0440\u0430\u0437\u0433\u043b\u0430\u0441\u0438\u043b\u0438 \u0434\u0432\u0435 \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, Microsoft \u043d\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u0435\u0442. \nCVE-2024-43583, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e system \u043f\u0440\u044f\u043c\u043e \u043d\u0430 \u044d\u043a\u0440\u0430\u043d\u0435 \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0442\u0447, \u043d\u043e \u0438 \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u043c\u0435\u0442\u043e\u0434\u044b \u0432\u0432\u043e\u0434\u0430 Microsoft \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 (KB5046254).\n\u041f\u0440\u043e CVE-2024-20659 \u043c\u044b, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0435\u0449\u0451 \u0443\u0441\u043b\u044b\u0448\u0438\u043c \u043d\u0430 \u0418\u0411-\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f\u0445, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 UEFI, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c 
\u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440 \u0438 \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u0435 \u044f\u0434\u0440\u043e. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u0436\u043d\u044b \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u043e \u043f\u0440\u043e BlackLotus \u0442\u043e\u0436\u0435 \u0447\u0442\u043e-\u0442\u043e \u0442\u0430\u043a\u043e\u0435 \u043f\u043e\u043d\u0430\u0447\u0430\u043b\u0443 \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438. \n\n\u0418\u0437 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0435 \u044f\u0432\u043b\u044f\u044e\u0449\u0438\u0445\u0441\u044f \u0437\u0438\u0440\u043e\u0434\u0435\u044f\u043c\u0438, \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 CVE-2024-43468, RCE \u0432 Microsoft Configuration Manager \u0441 CVSS 9.8. 
\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043e\u0442 \u0430\u0442\u0430\u043a \u043f\u043e \u0441\u0435\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0434\u0430\u0436\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043d\u0443\u0436\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438, \u0430 \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u2014 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u043e\u0432\u0435\u0442\u044b \u043f\u043e \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438 \u0438 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u0443\u044e \u0443\u0447\u0451\u0442\u043a\u0443 \u0441 Computer \u043d\u0430 \u043a\u0430\u043a\u0443\u044e-\u0442\u043e \u0434\u0440\u0443\u0433\u0443\u044e.\n\n\u0422\u0430\u043a\u0436\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u0431\u0443\u043a\u0435\u0442 \u0438\u0437 12 RCE \u0432  Windows Routing and Remote Access Service (RRAS) (CVE-2024-38212 \u0438 \u0434\u0440.), CVE-2024-43582 \u0432 Remote Desktop Protocol Server \u0438 \u043f\u0430\u0440\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 Windows Remote Desktop Client (CVE-2024-43533, CVE-2024-43599).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-10-09T10:21:15.000000Z"}, {"uuid": "0e5de5fd-b83f-42f8-908a-92861f3f5a0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "published-proof-of-concept", "source": "https://t.me/is_n3ws/55", "content": "CVE-2024-43468 SCCM SQL Injection Exploit \n(mTLS from MacOS Keystore version)\n\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043c\u043d\u043e\u0433\u0438\u0435 \u043f\u043e\u043a\u043e\u0432\u044b\u0440\u044f\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0434 SCCM.\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0442\u0430\u043c \u0435\u0441\u0442\u044c \u043d\u044e\u0430\u043d\u0441. \u0415\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u044f, \u0430 \u043f\u0440\u043e\u0434, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0443 \u0432\u0430\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f mTLS \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u043c\u0438 \u0441\u0435\u0440\u0442\u0430\u043c\u0438. \n\n\u0410\u0432\u0442\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u043f\u0443\u0442\u044c \u0434\u043e \u043a\u043b\u044e\u0447\u0430 \u0438 \u0441\u0435\u0440\u0442\u0430 \u0444\u0430\u0439\u043b\u043e\u043c. 
\u041d\u043e \u043d\u0435 \u0442\u0430\u043a \u0442\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u0434\u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c \u0438\u0437 \u043a\u0435\u0439\u0447\u0435\u0439\u043d\u0430 \u043a\u043b\u044e\u0447, \u0430 \u0435\u0441\u043b\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0432 MacOS, \u043e\u043d \u0442\u0443\u0434\u0430 \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0441 \u0444\u043b\u0430\u0433\u043e\u043c -x \u0442\u043e \u0438 \u0435\u0433\u043e \u0438 \u043d\u0435 \u0434\u043e\u0441\u0442\u0430\u043d\u0435\u0448\u044c. \u041d\u043e \u0437\u0430\u0447\u0435\u043c \u0435\u0433\u043e \u0432\u043e\u043e\u0431\u0449\u0435 \u0434\u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c \u043e\u0442\u0442\u0443\u0434\u0430?... \u0414\u0430\u0432\u0430\u0439\u0442\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u0448\u0442\u0430\u0442\u043d\u043e \u0437\u0430\u044e\u0437\u0430\u0435\u043c \u043f\u0440\u0438 \u0445\u0435\u043d\u0434\u0448\u0435\u0439\u043a\u0435 mTLS.\n\nTLDR - \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u0441 Python \u043d\u0430 GoLang \u0441 mTLS \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0435\u0440\u0442\u043e\u0432 MacOS KeyChain + \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 SOCKS, \u0447\u0442\u043e\u0431\u044b \u0432\u044b \u043d\u0435 \u043f\u0430\u0440\u0438\u043b\u0438\u0441\u044c \u0441 \u0434\u0435\u0431\u0430\u0433\u043e\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c proxychains + \u043c\u043d\u043e\u0433\u043e \u0434\u0435\u0431\u0430\u0436\u043d\u043e\u0433\u043e \u0430\u0443\u0442\u043f\u0443\u0442\u0430.\n\nPS:\n\u0410, \u0434\u0430 \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u043f\u0438\u0442\u043e\u043d\u044f\u0447\u0438\u0439 \u0441\u043a\u0440\u0438\u043f\u0442\u0435\u0446 get_cert_name.py \u0441 
\u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 MacOS \u0443\u0434\u043e\u0431\u043d\u043e \u0437\u0430\u043b\u0438\u0441\u0442\u0438\u0442\u044c \u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u043f\u043e\u0434 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0443\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0441\u0435\u0440\u0442\u044b. \n\n\u0410 \u044f \u0442\u0435\u0441\u0442\u0438\u043b \u043a\u0430\u043a\u043e\u0439 \u0441\u0435\u0440\u0442 \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u0432 Firefox \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044f\u0441\u044c \u043a https \u043d\u0430 SCCM.", "creation_timestamp": "2025-01-17T13:39:41.000000Z"}, {"uuid": "6683f8fa-7fbb-4b5a-9585-a45824620fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "published-proof-of-concept", "source": "Telegram/SFbizCI1HR_3r7JtPdd678d16a-iSOkLNYQlXhHYNjQfZSw", "content": "", "creation_timestamp": "2025-01-17T16:00:09.000000Z"}, {"uuid": "e1acaded-5129-4984-a7b6-777e0d6ddbfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1571", "content": "CVE-2024-43468: ConfigMgr/SCCM 2403 Unauth SQLi to RCE\n\nPATCHED: Oct 8, 2024\n\nExploit: https://github.com/synacktiv/CVE-2024-43468\n\nBlog: https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections\n\n#git #exploit #ad #rce #sccm #pentest #redteam", "creation_timestamp": "2025-01-16T23:15:51.000000Z"}, {"uuid": "d72c8c66-88a0-4973-ad88-bb5d33c503f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43468", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/372", "content": "https://github.com/synacktiv/CVE-2024-43468\n\nMicrosoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468) exploit\n#github #exploit", "creation_timestamp": "2025-01-21T16:27:21.000000Z"}]}