{"vulnerability": "CVE-2024-49138", "sightings": [{"uuid": "5dad81bb-9c2a-4b18-9780-51d4d58d76d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/113837227205455587", "content": "", "creation_timestamp": "2025-01-16T09:03:57.848045Z"}, {"uuid": "9c7bacdc-2eee-416a-80dd-c16c37aa383d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113629823630772527", "content": "", "creation_timestamp": "2024-12-10T17:58:30.766244Z"}, {"uuid": "a6b4332f-d4e5-4f76-955e-1f4ac5b086b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113630153959612904", "content": "", "creation_timestamp": "2024-12-10T19:22:31.606495Z"}, {"uuid": "b14e1dab-951d-41cd-8834-6f3d1173a924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review", "content": "", "creation_timestamp": "2024-12-10T17:33:56.000000Z"}, {"uuid": "f70e455b-288a-4282-8442-d53ee17cf2ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2868621", "content": "", "creation_timestamp": "2024-12-10T20:51:09.975520Z"}, {"uuid": "611a36b6-d64d-49cd-b45a-78d23f0ddd0c", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113630803572658018", "content": "", "creation_timestamp": "2024-12-10T22:07:43.289453Z"}, {"uuid": "2491e124-ccd1-4a54-a036-4c1169f515d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://www.darkreading.com/application-security/microsoft-zero-day-critical-rces-patch-tuesday", "content": "", "creation_timestamp": "2024-12-10T21:21:02.000000Z"}, {"uuid": "ff1012ef-4961-46b7-a943-88ad80a69a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://krebsonsecurity.com/2024/12/patch-tuesday-december-2024-edition/", "content": "", "creation_timestamp": "2024-12-11T00:53:13.000000Z"}, {"uuid": "cc51a539-4805-410d-9977-a5131b84fceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-12-12T15:10:03.000000Z"}, {"uuid": "9080c6a0-ac3a-4889-bea4-3b98ff52d273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "MISP/2dc418bb-a479-409d-b6ad-ec1299b2c6a2", "content": "", "creation_timestamp": "2024-12-13T16:07:24.000000Z"}, {"uuid": "e66b9a27-7f63-46c3-9f8d-7fa3ffcaed0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": 
"https://bsky.app/profile/alphahunt.io/post/3letwslvzlk2b", "content": "", "creation_timestamp": "2025-01-03T15:47:41.420487Z"}, {"uuid": "8a7e0828-e0af-456b-b521-334f6d5c850c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/teemutiainen.bsky.social/post/3lgb5dvngu32k", "content": "", "creation_timestamp": "2025-01-21T15:14:04.595702Z"}, {"uuid": "ff75ca9a-8c5c-49a3-9706-0cd3f434833d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lftx7kehst2l", "content": "", "creation_timestamp": "2025-01-16T09:19:37.853475Z"}, {"uuid": "e617386a-83ce-4555-8644-9cbd68fb2232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lgboz546m32d", "content": "", "creation_timestamp": "2025-01-21T20:30:08.969456Z"}, {"uuid": "3fe62b81-8f10-42a5-8a04-76e98d753cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lgw66stuee2q", "content": "", "creation_timestamp": "2025-01-29T23:55:01.369683Z"}, {"uuid": "bca95057-7476-48a9-86b6-20dda2a9c6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lg5ijuvon22d", "content": "", "creation_timestamp": "2025-01-20T04:23:40.526181Z"}, {"uuid": 
"e70b8e9c-2bcd-4ac9-bf28-4f106c847518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lg5pz4hnzh22", "content": "", "creation_timestamp": "2025-01-20T06:37:23.783846Z"}, {"uuid": "013d1812-fa4c-4818-97cc-0b61dbcd17a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-49138", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lg5sy446dc2b", "content": "", "creation_timestamp": "2025-01-20T07:30:59.355310Z"}, {"uuid": "f8c14d86-209d-4eac-808a-6550992e608c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://threatintel.cc/2025/01/20/windows-common-log-file-system.html", "content": "", "creation_timestamp": "2025-01-20T11:32:56.000000Z"}, {"uuid": "09b559b3-e871-4e34-8cdd-f7b83efba07b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lg6sammlc22t", "content": "", "creation_timestamp": "2025-01-20T16:50:03.308297Z"}, {"uuid": "73a170e2-529a-42b2-a074-b9c47fb8b7ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3lg74jhzfgc2h", "content": "", "creation_timestamp": "2025-01-20T19:53:59.596068Z"}, {"uuid": "eaa17458-d9dd-4697-9649-58e801665b61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/deepseek.activitypub.awakari.com.ap.brid.gy/post/3lguwvz7v32i2", "content": "", "creation_timestamp": "2025-01-29T12:12:38.623503Z"}, {"uuid": "757f9f51-de0a-43c2-b3ff-a595c53ba297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/mariusavram.bsky.social/post/3lguy64jyk22p", "content": "", "creation_timestamp": "2025-01-29T12:34:35.261839Z"}, {"uuid": "218da7eb-2bcf-4092-ad5b-364b69082910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lhuzzkhcgg2n", "content": "", "creation_timestamp": "2025-02-11T06:33:01.672388Z"}, {"uuid": "7a69fd54-e098-4ecd-86d8-6b8e506279a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/binitamshah.bsky.social/post/3lguvsg5n422h", "content": "", "creation_timestamp": "2025-01-29T11:52:24.887636Z"}, {"uuid": "e256120a-b5fc-4a24-9c5b-aab486b52096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-49138", "type": "seen", "source": "https://infosec.exchange/users/ringzer0/statuses/113976646634105669", "content": "", "creation_timestamp": "2025-02-10T00:00:09.988534Z"}, {"uuid": "8b339859-de35-4134-975d-bf46dc3fcdf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": 
"https://bsky.app/profile/decrypt.lol/post/3lggad3qvla2c", "content": "", "creation_timestamp": "2025-01-23T15:50:36.989567Z"}, {"uuid": "7115703c-058f-4fba-8c78-1efcafe95178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/hnsec.infosec.exchange.ap.brid.gy/post/3lgulivuey2m2", "content": "", "creation_timestamp": "2025-01-29T08:48:14.528198Z"}, {"uuid": "d97f3040-ac60-4d78-b080-bf9c7a8e8076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnj3ph64w52t", "content": "", "creation_timestamp": "2025-04-23T21:02:25.369215Z"}, {"uuid": "41111426-7aee-49a8-9e4e-eeceb534eab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:02.000000Z"}, {"uuid": "f9a1e62e-685f-4bed-9bd0-032a2f0eface", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://krebsonsecurity.com/2025/04/patch-tuesday-april-2025-edition/", "content": "", "creation_timestamp": "2025-04-09T01:09:36.000000Z"}, {"uuid": "075de6f9-50d4-4c7b-ae5d-35c3e526195f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/2501", "content": "Proof of Concept that exploits CVE-2024-49138 in 
CLFS.sys.\n\nhttps://github.com/MrAle98/CVE-2024-49138-POC", "creation_timestamp": "2025-01-15T07:23:50.000000Z"}, {"uuid": "3a630ebc-2fa7-42dc-9e7b-5905655938a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1440", "content": "", "creation_timestamp": "2024-12-11T04:00:00.000000Z"}, {"uuid": "06bf6463-5fbc-4386-834d-738748cf3cf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-49138", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0e496f8d-aa9f-4d86-b1ae-2af98f2d9de7", "content": "", "creation_timestamp": "2026-02-02T12:26:18.839923Z"}, {"uuid": "e669f23c-bf4d-4d15-899b-a528cef0f799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "Telegram/b83YqEoSamzTvIv2g9YPtkdIt3N3ryx9DhLHym4P7gSMoa8", "content": "", "creation_timestamp": "2025-06-12T21:00:05.000000Z"}, {"uuid": "b6316ceb-3f8c-4680-9cfe-99f37c03118b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13326", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49138\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2024-12-10T17:49:48.419Z\n\ud83d\udccf Modified: 2025-04-24T18:26:15.535Z\n\ud83d\udd17 
References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138", "creation_timestamp": "2025-04-24T19:06:59.000000Z"}, {"uuid": "ab51a5fa-282e-49d0-a267-562a7355e4e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/2201", "content": "\u26a1Blog posts on CVE-2024-49138\n\nhttps://security.humanativaspa.it/tag/cve-2024-49138/\n\n#CyberBulletin", "creation_timestamp": "2025-01-29T13:14:04.000000Z"}, {"uuid": "6cee7081-f73b-4855-b216-ac50e3ccd108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/787", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49138\n\ud83d\udd39 Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2024-12-10T17:49:48.419Z\n\ud83d\udccf Modified: 2025-01-08T18:54:31.078Z\n\ud83d\udd17 References:\n1. 
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138", "creation_timestamp": "2025-01-08T19:15:22.000000Z"}, {"uuid": "fb60c6f4-fb0d-4eb1-8e3a-2d8e6cc8560e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/239", "content": "POC exploit for CVE-2024-49138 \nhttps://github.com/MrAle98/CVE-2024-49138-POC", "creation_timestamp": "2025-01-15T20:25:47.000000Z"}, {"uuid": "a79e158d-bfa2-4bfc-931b-a42aa9d8a80d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "exploited", "source": "https://t.me/itsec_news/4946", "content": "\u200b\u26a1\ufe0f72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b: Microsoft \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0433\u043e\u0434 \u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u043e\u0442\u0435\n\n\ud83d\udcac \nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 2024 \u0433\u043e\u0434\u0430, \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0432 72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0434\u043d\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e. 
\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 17 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 54 \u0432\u0430\u0436\u043d\u044b\u0445 \u0438 \u043e\u0434\u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0418\u0437 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430, 31 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u0430 27 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-49138 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c CVSS 7.8. \u041e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows Common Log File System (CLFS) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. 
Microsoft \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 CrowdStrike \u0437\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\nCVE-2024-49138 \u2014 \u043f\u044f\u0442\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 CLFS \u0441 2022 \u0433\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0438\u0442\u0430\u044e\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u0442\u044c \u0432 \u0441\u0435\u0442\u044c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.\n\nMicrosoft \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 CLFS, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0445\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u0434\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (HMAC) \u043a \u043b\u043e\u0433-\u0444\u0430\u0439\u043b\u0430\u043c. 
\u042d\u0442\u0430 \u043c\u0435\u0440\u0430 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043a\u0435\u043c-\u043b\u0438\u0431\u043e, \u043a\u0440\u043e\u043c\u0435 \u0441\u0430\u043c\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 CLFS.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-49112 (CVSS 9.8), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c LDAP, \u0438 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 Windows Hyper-V \u0438 Remote Desktop Client.\n\n\u041d\u0430 \u0444\u043e\u043d\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a Microsoft \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 NTLM, \u0437\u0430\u043c\u0435\u043d\u044f\u044f \u0435\u0433\u043e \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 Kerberos. 
\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 Extended Protection for Authentication (EPA) \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f Exchange Server, AD CS \u0438 LDAP.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c Windows Server 2025 NTLM \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043a\u043b\u044e\u0447\u0451\u043d, \u0430 LDAP \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043a\u0430\u043d\u0430\u043b \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438. \u042d\u0442\u0438 \u0448\u0430\u0433\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u0412 \u043f\u0440\u0435\u0434\u0434\u0432\u0435\u0440\u0438\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u0433\u043e\u0434\u0430 Microsoft \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 2024-\u044b\u0439, \u0443\u043a\u0440\u0435\u043f\u043b\u044f\u044f \u0437\u0430\u0449\u0438\u0442\u0443 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0438 \u043f\u043e\u0434\u0430\u0432\u0430\u044f \u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u0430\u043a \u0432\u0430\u0436\u043d\u044b \u043f\u0440\u043e\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0432 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. 
\u042d\u0442\u0438\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c, \u0441\u043b\u043e\u0432\u043d\u043e \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u044b\u043c \u043f\u043e\u0434\u0430\u0440\u043a\u043e\u043c, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0434\u0435\u043b\u0430\u0435\u0442 \u0448\u0430\u0433\u0438 \u043a \u0431\u043e\u043b\u0435\u0435 \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u043c\u0443 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u043c\u0443 \u0431\u0443\u0434\u0443\u0449\u0435\u043c\u0443.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-11T17:57:38.000000Z"}, {"uuid": "821ca0a8-8ac7-46df-9bdb-85796c8b32fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/kasperskyb2b/1536", "content": "\ud83d\ude97 \u0414\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0439 Patch Tuesday: \u0432 \u043f\u043e\u0434\u0430\u0440\u043e\u043a \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0431\u043e\u043b\u0438 (\u043d\u043e \u044d\u0442\u043e \u043d\u0435 \u0442\u043e\u0447\u043d\u043e)\n\n\u0412\u0441\u0435\u0433\u043e \u043e\u0434\u0438\u043d \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u2014 Microsoft \u0434\u0430\u0440\u0438\u0442 \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043f\u043e\u0447\u0442\u0438 \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u044b\u0439 \u043c\u0435\u0441\u044f\u0446, \u0437\u0430 \u0447\u0442\u043e \u0438\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u043e 
\u0441\u043f\u0430\u0441\u0438\u0431\u043e. \u0412\u0441\u0435\u0433\u043e \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 70 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 16 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, \u0432\u0441\u0435 \u043e\u043d\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE. \u041e\u0431\u0449\u0438\u0439 \u043f\u043e\u0434\u0441\u0447\u0451\u0442 \u0432\u043b\u0438\u044f\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: 30 \u2014 RCE, 27 \u2014 EoP, 5 \u2014 DoS, 7 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0417\u0438\u0440\u043e\u0434\u0435\u0439 CVE-2024-49138 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 EoP \u0432 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u043e\u043c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows CLFS. \u041e \u0442\u043e\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0442\u0430\u043a \u0431\u043e\u0433\u0430\u0442\u0430 \u043d\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0438 \u0443\u0434\u043e\u0431\u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c, \u043c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434. 
\u041f\u0440\u043e \u0442\u043e, \u0433\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u043d\u043e\u0432\u044b\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439, \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043d\u043e \u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0430\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 CLFS \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0431\u0430\u043d\u0434\u044b ransomware. \n\n\u0421\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u044e\u0442:\n\n\ud83d\udd35\u0442\u0440\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 LDAP, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-49112 \u0441 CVSS 9.8. 
\u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0443\u0436\u0435 \u043d\u0430\u043a\u043e\u043d\u0435\u0446 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0438 \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u0442\u044c \u0438\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c RPC-\u0432\u044b\u0437\u043e\u0432\u044b \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u0434\u0441\u0435\u0442\u0435\u0439;\n\n\ud83d\udd35RCE \u0432 LSASS, CVE-2024-49126, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c;\n\n\ud83d\udd358 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0430\u0445 remote desktop. 
\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0441\u043b\u043e\u0436\u043d\u0430\u044f, \u043d\u0443\u0436\u043d\u043e \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f race condition, \u043d\u043e CVSS 8.1 \u043d\u0430\u043c\u0435\u043a\u0430\u0435\u0442;\n\n\ud83d\udd35\u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 Hyper-V, CVE-2024-49117\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0441\u043e\u0432\u0435\u0442\u044b @\u041f2\u0422", "creation_timestamp": "2024-12-11T12:26:56.000000Z"}, {"uuid": "d44655d4-61ac-4306-98be-49bcce25bf50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/YouPentest/12149", "content": "\u200aWindows Machine Hacked With CVE-2024-49138 | Letsdefend SOC335 | SOC Training\n\nhttps://www.youtube.com/watch?v=Ct9Nvbfipno", "creation_timestamp": "2025-02-18T08:20:55.000000Z"}, {"uuid": "d586bb36-bb7f-40a5-aefa-5f9c7addf877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/7708", "content": "Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 \u2013 PoC Released \u2013 gbhackers.com\n\nWed, 29 Jan 2025 19:18:44", "creation_timestamp": "2025-01-29T13:04:23.000000Z"}, {"uuid": "0d4a122e-603a-4f82-9a3e-3bd2e104d9cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "exploited", "source": "https://t.me/cibsecurity/81546", "content": "\ud83e\udd85 CISA Adds CVE-2024-49138 to the Known Exploited Vulnerabilities Catalog, Urgency for Microsoft Users \ud83e\udd85\n\n  Overview     The Cybersecurity and 
Infrastructure Security Agency (CISA) added a critical vulnerability, CVE-2024-49138, to its Known Exploited Vulnerabilities (KEV) catalog based on evidence that this flaw is being actively exploited. The vulnerability, identified in the Microsoft Windows Common Log File System (CLFS), is a heap-based buffer overflow issue that has the potential to allow attackers to escalate privileges on vulnerable systems. As part of Microsoft's Patch Tuesday release, this flaw was patched alongside other critical vulnerabilities.   CVE-2024-49138 is a heap-based buffer overflow vulnerability in the CLFS driver. This driver is used by both user-mode and kernel-mode software in Windows for general-purpose logging. This vulnerability affects several versions of Microsoft Windows op...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-12-11T14:17:35.000000Z"}, {"uuid": "d00e3ce9-e515-4b90-a0f2-dc255e65ebe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/ViralCyber/9043", "content": "\ud83d\udd34\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a 71 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u0631\u0627 \u0647\u0645\u0631\u0627\u0647 \u0628\u0627 \u06cc\u06a9 Zeroday \u062c\u062f\u06cc\u062f Patch \u06a9\u0631\u062f.\n\u25c0\ufe0f\u062e\u0644\u0627\u0635\u0647 Patch\u0647\u0627:\n\ud83d\udd3416 Critical Vulnerabilities: All involve remote code execution.\n\n\ud83d\udd34Vulnerability Categories:\n\u27a1\ufe0f27 Elevation of Privilege\n\u27a1\ufe0f30 Remote Code Execution (RCE)\n\u27a1\ufe0f7 Information Disclosure\n\u27a1\ufe0f5 Denial of Service\n\u27a1\ufe0f1 Spoofing\n\n\ud83d\udd34\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc Zeroday:\n\u27a1\ufe0fCVE-2024-49138: Windows Common Log File System Driver 
Elevation of Privilege Vulnerability. This zero-day vulnerability enables attackers to gain SYSTEM privileges on Windows devices.\n\n\ud83d\udfe0\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u062f\u0631 Windows Remote Desktop Services\n\u25c0\ufe0f\u062f\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u06a9\u0634\u0641 \u0634\u062f\u0647\u060c \u062a\u0648\u062c\u0647 \u0628\u0647 \u062f\u0648 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc  \u062f\u0631 \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627\u06cc Remote Desktop (RDP) \u0636\u0631\u0648\u0631\u06cc \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u0647\u0627\u06cc CVE-2024-49115 \u0648 CVE-2024-49132 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f \u0648 \u062f\u0631 \u062f\u0633\u062a\u0647\u200c\u0628\u0646\u062f\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0642\u0631\u0627\u0631 \u062f\u0627\u0631\u0646\u062f.\n\u25c0\ufe0f\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-49115: \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE) \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647\u06cc \u0631\u0627 \u0628\u0631 \u0631\u0648\u06cc \u0633\u0631\u0648\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\u25c0\ufe0f\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc 
CVE-2024-49132 : \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0631\u062a\u0642\u0627\u0621 \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc (EoP) \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0631 \u0633\u0637\u062d Admin \u0631\u0627 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u067e\u0633 \u0627\u0632 \u0646\u0641\u0648\u0630 \u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\ud83d\udd34\u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a Patch \u06a9\u0646\u06cc\u062f...\n\n\u2709\ufe0f @PingChannel\n\u062e\u0628\u0631\u060c \u062a\u062d\u0644\u06cc\u0644\u060c \u0627\u0646\u062a\u0642\u0627\u062f - \u0641\u0646\u0627\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a\n\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\u00a0 \ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b", "creation_timestamp": "2024-12-12T08:16:06.000000Z"}, {"uuid": "32354559-40de-4550-8155-aa1f07711178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1461", "content": "POC exploit for CVE-2024-49138\n\nhttps://github.com/MrAle98/CVE-2024-49138-POC\n\n#CyberDilara", "creation_timestamp": "2025-01-18T08:41:18.000000Z"}, {"uuid": "7c61201d-310d-4252-9927-5e0e2fe73b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "exploited", "source": "Telegram/v59aiHRNhahzE7nQOKpBUCjGWjbSuUqURTnaFCL9K103ohR0", "content": "", "creation_timestamp": "2025-01-05T14:35:00.000000Z"}, {"uuid": "41577224-2326-418f-89a5-7839c12c3080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/1538", "content": "Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 \u2013 PoC Released \u2013 gbhackers.com\n\nWed, 29 Jan 2025 19:18:44", "creation_timestamp": "2025-01-29T13:04:23.000000Z"}, {"uuid": "825fb26a-9d17-4357-9c61-d78f0fbc8a22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "Telegram/ybab4rrwLTFKe21KYufyqM6WiY613wAEptp-A4pVi1wAjd8", "content": "", "creation_timestamp": "2025-01-29T13:04:20.000000Z"}, {"uuid": "e2cd42ae-0f9a-49e0-b0f3-bcc7f7100e77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "Telegram/seWBmC0GE2Mik9G0VPAb9YR3z4Ul1s8RlaoE7dKZ82HOhkk", "content": "", "creation_timestamp": "2025-01-15T10:00:06.000000Z"}, {"uuid": "f8881b17-8929-4a12-8b86-c0357bac6ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "Telegram/1cO1lVb7iPn1w4u2xSRrgG7OytKtfetNGs866wyz8Pm55og", "content": "", "creation_timestamp": "2025-04-23T23:00:06.000000Z"}, {"uuid": "37b0bbf8-32a4-487e-a7b4-0d52bf018f07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "Telegram/VtnLkeDXDEims2buWG-T_tsp_YebiQ9-UWho1upVaVztn7Q", "content": "", "creation_timestamp": "2025-01-15T22:00:06.000000Z"}, {"uuid": "e6bdea06-af3d-404d-af8e-cb34f54c31e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/infoinspect/935", "content": "\u267b\ufe0f \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u043a \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e 72 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 (CVE). \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, Office, SharePoint, Edge \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \n\n\ud83d\udc7e \u0421\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows LDAP (CVE-2024-49112). CVE-2024-49138 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Common Log File System (CLFS) Windows. 
\u0422\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 Microsoft Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-43600, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows Mobile Broadband \u0438 Remote Desktop Services \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b.\n\n\ud83d\udee1 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0438 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a defense-in-depth. 
\u041f\u0440\u0430\u0432\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows Server 2008 \u0438 2008 R2 \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0441\u0442\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (Extended Security Update) \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043a\u0430\u043d\u0430\u043b \u2705", "creation_timestamp": "2024-12-14T09:12:53.000000Z"}, {"uuid": "e1fee5c6-475a-4357-9e18-9975138b4c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2486", "content": "CVE-2024-49138 \n*\nvulnerability in CLFS.sys\n*\nPOC exploit\n\n#win", "creation_timestamp": "2025-01-16T10:15:27.000000Z"}, {"uuid": "6ac631c7-2943-4dc3-8828-02b7992752f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/358", "content": "https://github.com/MrAle98/CVE-2024-49138-POC\n\nPOC exploit for CVE-2024-49138\n#github #poc", "creation_timestamp": "2025-01-18T10:42:16.000000Z"}, {"uuid": "c855ef6b-4e8b-48ac-bc9d-83882d14026b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": 
"https://t.me/cybersecs/3562", "content": "CVE-2024-49138: Windows LPE in CLFS.sys\n\nPATCHED: Dec 10, 2024\n\nhttps://github.com/MrAle98/CVE-2024-49138-POC", "creation_timestamp": "2025-01-20T18:14:48.000000Z"}, {"uuid": "7195ae4e-20b5-4c38-847f-24a186f90b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "exploited", "source": "https://t.me/true_secator/6530", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f 71 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 1 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e 0-day.\n\n\u0412\u0441\u0435\u0433\u043e \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043f\u0430\u0442\u0447 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 16 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u0432\u0441\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n\n\u041e\u0431\u0449\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043f\u043e \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u043c \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c: 27 - EoP, 30 - RCE, 7 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 5 - DoS \u0438 1 - 
\u0441\u043f\u0443\u0444\u0438\u043d\u0433.\n\n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u043e\u0434\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f 0-day, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-49138 \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 CrowdStrike.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows Common Log \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Windows.\n\n\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0440\u0430\u043d\u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 CLFS \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c 
\u0431\u0430\u043d\u0434\u0430\u043c\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u041f\u043e\u043b\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e Microsoft \u0432 \u043f\u0430\u0442\u0447\u0438 \u0437\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438: Adobe, SAP, Atlassian, Intel, AMD, Schneider Electric, Siemens, Kubernetes, Splunk \u0438 Cobalt Strike.\u00a0\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443 Ivanti\u00a0\u043e\u043f\u044f\u0442\u044c \u043d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0431\u0435\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 CVE \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0422\u0430\u043a\u0436\u0435 \u0440\u0430\u043d\u0435\u0435 \u0441\u0432\u043e\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438: Android Project, Fortinet, SonicWall, Cisco, Zyxel, ASUS, Rockwell, JetBrains, SolarWinds, SailPoint, QNAP \u0438 Veeam.", "creation_timestamp": "2024-12-11T15:00:07.000000Z"}, {"uuid": "fcc21f61-d963-4b61-a1f8-9e60057d0522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "exploited", "source": 
"https://t.me/thehackernews/6021", "content": "\ud83d\udcbb Microsoft\u2019s final Patch Tuesday of 2024 fixed 72 vulnerabilities, including one actively exploited in the wild: CVE-2024-49138. \n \nEnsure your systems are updated now. \n \n\ud83d\udd17 Read more: https://thehackernews.com/2024/12/microsoft-fixes-72-flaws-including.html", "creation_timestamp": "2024-12-11T08:20:27.000000Z"}, {"uuid": "e9e1fa13-da52-4551-ba9e-2348e1593e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/anti_malware/19392", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u043e\u0434 \u043d\u0438\u043a\u043e\u043c MrAle_98 \u043d\u0430 \u0434\u043d\u044f\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 (proof-of-concept, PoC) \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-49138. 
\u042d\u0442\u0430 \u0431\u0440\u0435\u0448\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 Windows Common Log File System (CLFS) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 SYSTEM.", "creation_timestamp": "2025-01-20T08:59:22.000000Z"}, {"uuid": "484ae60a-e0f6-4ce5-9784-324288cd19fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "seen", "source": "https://t.me/Russian_OSINT/4975", "content": "\ud83e\ude9f \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft \u0437\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c 2024 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u043a \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e 72 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 (CVE). 
\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, Office, SharePoint, Edge \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \n\n1\ufe0f\u20e3 \u0421\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows LDAP (CVE-2024-49112) \u2014 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \n\n2\ufe0f\u20e3 CVE-2024-49138 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Common Log File System (CLFS) Windows. \u041f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 7.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS,\n\n\u0422\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 Microsoft Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-43600 (7.8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. 
\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows Mobile Broadband \u0438 Remote Desktop Services \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0438 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a defense-in-depth. \u041f\u0440\u0430\u0432\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows Server 2008 \u0438 2008 R2 \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0441\u0442\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (Extended Security Update) \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e 
\u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 Microsoft Update Catalog \u0438\u043b\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043a\u0430\u0436\u0434\u043e\u043c CVE \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 Microsoft Security Update Guide.\n\n\u041a\u043b\u044e\u0447\u0435\u0432\u044b\u043c \u043c\u043e\u043c\u0435\u043d\u0442\u043e\u043c \u0432 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b \u0430\u043a\u0446\u0435\u043d\u0442 Microsoft \u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. 
\u0412 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u043e\u0447\u0438\u0442\u0430\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b CSAF, \u0443\u043f\u0440\u043e\u0449\u0430\u044f \u0430\u043d\u0430\u043b\u0438\u0437 \u0438 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u2b07\ufe0f \u0415\u0441\u043b\u0438 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u043f\u043e CVSS \u2265 8.0, \u0442\u043e \u0438\u0437 72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 20 \u0438\u043c\u0435\u044e\u0442 \u0431\u0430\u043b\u043b 8.0 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, \u0442\u043e \u0435\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 27-30% \u2014 \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0442\u0440\u0435\u0442\u044c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439.\n\n\u270b @Russian_OSINT", "creation_timestamp": "2024-12-11T13:04:52.000000Z"}, {"uuid": "de2ed1be-2cb8-4371-bfa8-82346068541b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2024-49138", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11690", "content": "#exploit\n1. CVE-2024-49138:\nLPE in CLFS.sys (Win11 23H2)\n\n2. CVE-2024-44243:\nmacOS SIP bypass through kernel extensions\n\n3. CVE-2025-21385:\nSSRF in MS Purview", "creation_timestamp": "2025-01-16T18:47:30.000000Z"}, {"uuid": "ba087a10-5151-4d89-8ade-6c0fbf7c85db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49138", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/1088", "content": "\u2604\ufe0fCVE-2024-49138 - Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\n\u26a0\ufe0fhttps://github.com/MrAle98/CVE-2024-49138-POC", "creation_timestamp": "2025-01-19T15:25:25.000000Z"}]}