{"vulnerability": "CVE-2024-8190", "sightings": [{"uuid": "5d690657-386e-4683-b4f7-845d5fb1a5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-8190", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-21T08:30:38.018179Z"}, {"uuid": "efd12431-ccdd-45b7-8122-3db1ab024d5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "e3517963-9214-466a-be39-9e93894cb552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-09-20T18:10:03.000000Z"}, {"uuid": "a401371b-512e-4b97-85f7-66fe92953c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/mortyjin.bsky.social/post/3lfcduk7jpk2u", "content": "", "creation_timestamp": "2025-01-09T09:18:13.054030Z"}, {"uuid": "1c378d49-d968-43cb-90b2-22743e2dab66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/mortyjin.bsky.social/post/3lfcdvmg52k2u", "content": "", "creation_timestamp": "2025-01-09T09:18:53.621352Z"}, {"uuid": "deea2818-4d53-4836-ad08-d118a12b113a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgfg6rd6qb2l", "content": "", "creation_timestamp": "2025-01-23T08:02:53.505452Z"}, {"uuid": "86b37b43-6c0e-49e9-9b29-72953fa02ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/socprime.com/post/3lggbmc7dc72t", "content": "", "creation_timestamp": "2025-01-23T16:13:39.203756Z"}, {"uuid": "004963e3-3fd8-4164-9a96-7fb21bac386d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-221000f4-25831e62bfee571d", "content": "", "creation_timestamp": "2025-07-05T14:25:38.744022Z"}, {"uuid": "88e2b47a-41e9-46f8-9f17-604c0ee865cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lggeheeneu2x", "content": "", "creation_timestamp": "2025-01-23T17:04:33.916454Z"}, {"uuid": "ce0d0b93-5e89-48c1-a78e-d558778ecd93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c465dbc4-89f3589511bbf4fb", "content": "", "creation_timestamp": "2025-02-11T15:06:58.118647Z"}, {"uuid": "bc1d5366-4480-45ea-86b6-d44e33c43585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}, {"uuid": "a7e3d85f-1988-4c12-a7d5-ab06f9a251c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://threatintel.cc/2025/01/23/threat-actors-chained-vulnerabilities-in.html", "content": "", "creation_timestamp": "2025-01-23T13:22:01.000000Z"}, {"uuid": "1401fd8a-6ed4-4fbe-8c4a-0e74d0f326e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113873414203572986", "content": "", "creation_timestamp": "2025-01-22T18:26:48.341478Z"}, {"uuid": "a3c0fa11-c1ae-4ebb-8546-11030f3d95e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lgeaatupu22x", "content": "", "creation_timestamp": "2025-01-22T20:44:01.116312Z"}, {"uuid": "480a2172-c92a-429b-8eea-f3c936e65bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ltf7dqpbtc2x", "content": "", "creation_timestamp": "2025-07-07T16:27:59.821030Z"}, {"uuid": "12ccee2b-1119-49e6-b94c-26b1ef05eefb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ltf7dtqcd22x", "content": "", "creation_timestamp": "2025-07-07T16:28:00.389281Z"}, {"uuid": "ef7b825c-317b-4b56-b9a5-3f9f447ac377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ltf7dtqebk2x", "content": "", "creation_timestamp": "2025-07-07T16:28:00.910650Z"}, {"uuid": "1c7422f4-15cb-4983-a68e-82d0e2ab7289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "MISP/c4ff8fa3-9860-48da-a74a-f087aa0a76dd", "content": "", "creation_timestamp": "2025-07-03T14:24:32.000000Z"}, {"uuid": "8d6abb70-0c5f-4d28-884d-cbcc6d1e5288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lt4gvohkok2q", "content": "", "creation_timestamp": "2025-07-04T04:49:18.550374Z"}, {"uuid": "3d344279-2bbe-45c5-9a53-db3c731be8f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "MISP/c4ff8fa3-9860-48da-a74a-f087aa0a76dd", "content": "", "creation_timestamp": "2025-07-04T05:01:05.000000Z"}, {"uuid": "a0e31eb1-1bdc-4453-bd61-44e6636f16d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lt53j2icj22h", "content": "", "creation_timestamp": "2025-07-04T10:58:01.494844Z"}, {"uuid": "92c4effc-0b1f-467d-ac22-6955215cb9c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "MISP/27727c35-f389-4626-aa10-c80dcedac9a5", "content": "", "creation_timestamp": "2025-09-01T18:42:49.000000Z"}, {"uuid": "35219ae3-0383-41e4-ac61-a9c9698e9566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lt2omk6vat2d", "content": "", "creation_timestamp": "2025-07-03T12:01:59.793449Z"}, {"uuid": "81c62e5b-3911-4173-b425-b95719655a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/3651b195-292d-4150-b4a3-186bbc6fa128", "content": "", "creation_timestamp": "2024-10-21T08:27:33.229801Z"}, {"uuid": "9223a0bb-3548-4abe-b2d2-2e1fbc982ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/11268897-8798-4ec2-bcac-b23fe0715823", "content": "", "creation_timestamp": "2025-03-11T20:37:58.600981Z"}, {"uuid": "22695170-9f51-4876-80ff-1c96448a6e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bd1f7e06-4107-433a-9fa6-fbf3db5cfa34", "content": "", "creation_timestamp": "2025-01-24T12:55:48.457634Z"}, {"uuid": "76635d9a-93cc-4200-a061-179a7be0edff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/388", "content": "https://github.com/horizon3ai/CVE-2024-8190\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Command Injection\n#github #exploit", "creation_timestamp": "2024-09-17T23:21:42.000000Z"}, {"uuid": "a6e44a16-2082-4b55-820c-1b346053ec79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2c520710-e341-474e-9210-34502993e761", "content": "", "creation_timestamp": "2026-02-02T12:25:28.458742Z"}, {"uuid": "75cd5557-0ba1-4c11-b1c6-0e7af1e50bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6a363d91-a185-4437-93b3-1545e65af4e7", "content": "", "creation_timestamp": "2026-02-02T12:26:29.245367Z"}, {"uuid": "de0f924a-809f-4798-ad4e-7d190a738954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/13347", "content": "\u200aCVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability\n\nhttps://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/", "creation_timestamp": "2024-09-18T09:07:10.000000Z"}, {"uuid": "c337643d-048c-4f09-84b3-e15867eff3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/4723", "content": "\u200b\u26a1\ufe0fCVE-2024-8190: \u043a\u0430\u043a Ivanti \u0443\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0437 \u0440\u0443\u043a 0day\n\n\ud83d\udcac 10 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435 \u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u0430\u0441\u0430\u044e\u0449\u0435\u0435\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Cloud Service Appliance (CSA). \u041e\u0448\u0438\u0431\u043a\u0430 \u043d\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u0432\u0437\u0433\u043b\u044f\u0434 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0430, \u0442\u0430\u043a \u043a\u0430\u043a, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Ivanti, \u043e\u043d\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041e\u0434\u043d\u0430\u043a\u043e \u0443\u0436\u0435 13 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 CISA KEV, \u0447\u0442\u043e \u0432\u044b\u0437\u0432\u0430\u043b\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 Horizon3.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2024-8190 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.2) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 Cloud Service Appliance \u0432\u0435\u0440\u0441\u0438\u0439 4.6 Patch 518 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445. \u041e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443. \u0412 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445, \u0433\u0434\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u043a \u0434\u0432\u0443\u043c \u0441\u0435\u0442\u044f\u043c, \u0441 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c \u043d\u0430 ETH-0, \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442\u0441\u044f.\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043d\u0443\u0442\u0430 \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044e \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u0443\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e Cloud Service Appliance \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 PHP-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441, \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 PHP. \u041e\u0434\u043d\u0438\u043c \u0438\u0437 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u043c\u043e\u043c\u0435\u043d\u0442\u043e\u0432 \u0441\u0442\u0430\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 handleDateTimeSubmit, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 TIMEZONE. \u0412 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u044f \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0435 /datetime.php, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u0447\u0435\u0440\u0435\u0437 \u00ab\u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439\u00bb \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0441 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0432 \u0438\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043f\u0430\u0440\u043e\u043b\u044c, \u0447\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u0440\u0438\u0441\u043a \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043d\u0435 \u0441\u043e\u0431\u043b\u044e\u0434\u0430\u044e\u0449\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435.\n\nIvanti \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c ETH-0 \u043a\u0430\u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441, \u0438 \u0442\u0435\u0441\u0442\u044b \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0434\u043e\u0441\u0442\u0443\u043f \u0447\u0435\u0440\u0435\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b (ETH-1) \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043e\u0448\u0438\u0431\u043a\u0435 403 Forbidden, \u0447\u0442\u043e \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043e\u0442 \u0430\u0442\u0430\u043a \u0438\u0437\u0432\u043d\u0435. \u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e \u043f\u0435\u0440\u0435\u043f\u0443\u0442\u0430\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u0438\u043b\u0438 \u043d\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u043b\u0438 \u0438\u0445 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0440\u0438\u0441\u043a\u0443 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u0432\u043e\u0434\u0430 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0439 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043f\u0430\u0440\u043e\u043b\u044f, \u0447\u0442\u043e \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438 \u0441\u043b\u0430\u0431\u043e\u043c \u043f\u0430\u0440\u043e\u043b\u0435. \u0425\u043e\u0442\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 admin, \u043f\u0440\u0438 \u043f\u0435\u0440\u0432\u043e\u043c \u0432\u0445\u043e\u0434\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0438\u0445 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043b\u0438\u0431\u043e \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u044b \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043b\u0438\u0431\u043e \u0438\u043c\u0435\u043b\u0438 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u0447\u0442\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043b\u043e\u0433\u0430\u0445, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u043d\u0435\u0443\u0434\u0430\u0447\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u0445\u043e\u0434\u0430 \u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u0443\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043b\u043e\u0433\u0438 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0442\u0430\u043a\u0438\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-09-18T15:48:15.000000Z"}, {"uuid": "26d6663a-9fa9-41b4-b277-e4d634af7d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/16816", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCombining CVE-2024-8963 & CVE-2024-8190 - For Unauthenticated RCE on Ivanti CSA 4.6 and below \nURL\uff1ahttps://github.com/flyingllama87/CVE-2024-8190-unauth\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-04T11:39:26.000000Z"}, {"uuid": "734c33ae-d65e-4f65-b4de-79f9125f3983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8541", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-8190: Ivanti Cloud Service Appliance Command Injection\nURL\uff1ahttps://github.com/horizon3ai/CVE-2024-8190\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-16T15:49:05.000000Z"}, {"uuid": "54329231-6e3e-4665-a7db-f2a7f681de43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/itsec_news/5218", "content": "\u200b\u26a1\ufe0f\u0412\u0437\u043b\u043e\u043c Ivanti: \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0448\u043b\u0438 \u0441\u043b\u0430\u0431\u043e\u0435 \u0437\u0432\u0435\u043d\u043e \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445\n\n\ud83d\udcac CISA \u0438 \u0424\u0411\u0420 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0434\u0432\u0443\u0445 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0446\u0435\u043f\u043e\u0447\u0435\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti CSA. \u0411\u044b\u043b\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IOC) \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u0432 \u0445\u043e\u0434\u0435 \u043b\u0438\u043a\u0432\u0438\u0434\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0430\u0442\u0430\u043a.\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u043c\u0435\u0442\u043e\u0434\u044b \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f (Lateral Movement) \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-8963 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.4), CVE-2024-9379 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 6.5), CVE-2024-8190 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.2) \u0438 CVE-2024-9380 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.2) \u0441\u0442\u0430\u043b\u0438 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u043e\u0432. \u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0430\u0442\u0430\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-8963, CVE-2024-8190 \u0438 CVE-2024-9380, \u0430 \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u2014 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044f CVE-2024-8963 \u0438 CVE-2024-9379. \u0412 \u0440\u044f\u0434\u0435 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u043b\u0438 \u043d\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432\u043d\u0443\u0442\u0440\u0438 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Ivanti CSA 4.6x \u0434\u043e 519, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 5.0.1 \u0438 \u043d\u0438\u0436\u0435. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u044f 4.6 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0451 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439. \u041e\u0434\u043d\u0430\u043a\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 CSA 5.0 \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c.\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u044b \u0445\u0430\u043a\u0435\u0440\u043e\u0432. \u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u043b \u0430\u0442\u0430\u043a\u0443. \u0412 \u0434\u0440\u0443\u0433\u043e\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432. \u0412 \u0442\u0440\u0435\u0442\u044c\u0435\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0441\u0442\u0440\u043e \u0432\u044b\u044f\u0432\u0438\u0442\u044c \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Obelisk \u0438 GoGo Scanner.\n\n\u0412\u043e \u0432\u0441\u0435\u0445 \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u0445 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0437\u0430\u043c\u0435\u043d\u0438\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u043d\u0430 \u0447\u0438\u0441\u0442\u044b\u0435 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438. \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u043e\u0433\u0438 \u0438 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0441\u043b\u0435\u0434\u043e\u0432 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0435\u0441\u044f \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u043a\u0430\u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435.\n\nMandiant \u0441\u0432\u044f\u0437\u0430\u043b\u0430 \u0430\u0442\u0430\u043a\u0438 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT -\u0433\u0440\u0443\u043f\u043f\u043e\u0439 UNC5221, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0430\u043d\u0435\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure. \u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0431\u044d\u043a\u0434\u043e\u0440 Zipline, \u0434\u0440\u043e\u043f\u043f\u0435\u0440 Thinspool, \u0432\u0435\u0431-\u0448\u0435\u043b\u043b Lightwire \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Warpwire. \u0422\u0430\u043a\u0436\u0435 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f PySoxy \u0438 BusyBox \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-01-24T10:31:22.000000Z"}, {"uuid": "c179581d-9168-4df4-a83b-e8d0adf97088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/itsec_news/5811", "content": "\u200b\u26a1\ufe0fVShell? \u0421\u043a\u043e\u0440\u0435\u0435 \u0443\u0436 VHell: \u043d\u043e\u0432\u044b\u0439 \u043a\u043e\u0448\u043c\u0430\u0440 \u0434\u043b\u044f Linux \u043e\u0442 UNC5174\n\n\ud83d\udcac \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f \u043a\u0438\u0431\u0435\u0440\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 UNC5174, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a Uteus \u0438\u043b\u0438 Uetus, \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 Linux-\u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 SNOWLIGHT \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 VShell \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c. \u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Sysdig, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0441\u0451 \u0447\u0430\u0449\u0435 \u043f\u0440\u0438\u0431\u0435\u0433\u0430\u044e\u0442 \u043a \u0442\u0430\u043a\u0438\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437 \u0441\u043e\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0438, \u043d\u043e \u0438 \u0447\u0442\u043e\u0431\u044b \u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0434 \u043c\u0435\u043d\u0435\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438 \u043c\u0430\u043b\u043e\u043a\u043e\u043c\u043f\u0435\u0442\u0435\u043d\u0442\u043d\u044b\u0445 \u043d\u0430\u043f\u0430\u0434\u0430\u044e\u0449\u0438\u0445.\n\n\u0413\u0440\u0443\u043f\u043f\u0443 UNC5174 \u0440\u0430\u043d\u0435\u0435 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u043b\u0438 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c, \u0438 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u0433\u043e\u0434\u0430 \u043e\u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u043b\u0430 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f. \u041e\u0434\u043d\u0430\u043a\u043e \u043d\u043e\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430\u0441\u044c, \u043f\u0440\u0438\u0447\u0451\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432\u0435\u043a\u0442\u043e\u0440\u0430\u043c\u0438 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u044e\u0442 Connectwise ScreenConnect \u0438 F5 BIG-IP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 ELF-\u0444\u0430\u0439\u043b SNOWLIGHT, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 C. \u042d\u0442\u043e\u0442 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u0443\u044e\u0449\u0435\u0433\u043e \u043c\u043e\u0434\u0443\u043b\u044f GOHEAVY \u043d\u0430 Go, \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u0441 C2-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0447\u0435\u0440\u0435\u0437 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 SUPERSHELL.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 GOREVERSE \u2014 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0439 \u0448\u0435\u043b\u043b \u043d\u0430 Go, \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 SSH. \u0424\u0440\u0430\u043d\u0446\u0443\u0437\u0441\u043a\u043e\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 ANSSI \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u0441\u0445\u043e\u0436\u0443\u044e \u0441 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438 UNC5174, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0432 Ivanti Cloud Service Appliance. \u0421\u0440\u0435\u0434\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044e\u0442\u0441\u044f CVE-2024-8963 , CVE-2024-9380 \u0438 CVE-2024-8190 , \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041e\u0431\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u2014 SNOWLIGHT \u0438 VShell \u2014 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 Linux, \u043d\u043e \u0438 \u043d\u0430 macOS. VShell \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Cloudflare \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0430\u043d\u0430\u043b\u0438\u0437\u0430, \u0442\u0430\u043a\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438\u0441\u044c \u043d\u0430 VirusTotal \u0438\u0437 \u041a\u0438\u0442\u0430\u044f \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0435\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0432\u044f\u0437\u043a\u0438.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u0430\u0442\u0430\u043a\u0438, \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430, SNOWLIGHT \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b \u0440\u043e\u043b\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0434\u043b\u044f VShell \u2014 RAT-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u0431\u0435\u0437 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u0438\u0441\u043a, \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u0442\u043e \u0443\u0441\u043b\u043e\u0436\u043d\u044f\u0435\u0442 \u0435\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c\u0438. \u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u0435\u043a\u0442\u043e\u0440 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e bash-\u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u00abdownload_backd.sh\u00bb, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0434\u0432\u0430 \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430: \u00abdnsloger\u00bb (SNOWLIGHT) \u0438 \u00absystem_worker\u00bb (\u043c\u043e\u0434\u0443\u043b\u044c Sliver), \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0437\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u0441\u0442\u0432\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0441\u0432\u044f\u0437\u044c \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041d\u0430 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u044e\u0449\u0435\u043c \u044d\u0442\u0430\u043f\u0435 \u0430\u0442\u0430\u043a\u0438 SNOWLIGHT \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043b \u0437\u0430\u043f\u0440\u043e\u0441 \u043a C2-\u0441\u0435\u0440\u0432\u0435\u0440\u0443, \u043f\u043e\u043b\u0443\u0447\u0430\u044f VShell. \u042d\u0442\u043e\u0442 RAT \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u043e\u0439. \u041e\u0441\u043e\u0431\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u044b\u0435 \u0442\u0430\u043a\u0442\u0438\u043a\u0438: \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 WebSocket-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u0438 \u043f\u043e\u043b\u043d\u043e\u0435 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0441\u043b\u0435\u0434\u043e\u0432 \u043d\u0430 \u0434\u0438\u0441\u043a\u0435.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f TeamT5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0445\u043e\u0436\u0435\u0439 \u0430\u0442\u0430\u043a\u0435, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u0433\u0434\u0435 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Ivanti \u0431\u044b\u043b\u0438 \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b SPAWNCHIMERA. \u041f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b \u043f\u043e\u043f\u0430\u043b\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u0437 20 \u0441\u0442\u0440\u0430\u043d, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0410\u0432\u0441\u0442\u0440\u0438\u044e, \u0410\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u044e, \u0424\u0440\u0430\u043d\u0446\u0438\u044e, \u042f\u043f\u043e\u043d\u0438\u044e, \u042e\u0436\u043d\u0443\u044e \u041a\u043e\u0440\u0435\u044e, \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440, \u041e\u0410\u042d, \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u044e \u0438 \u0421\u0428\u0410.\n\n\u041d\u0430 \u0444\u043e\u043d\u0435 \u044d\u0442\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u041a\u0438\u0442\u0430\u0439 \u043e\u0431\u0432\u0438\u043d\u0438\u043b \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0437\u0438\u043c\u043d\u0438\u0445 \u0410\u0437\u0438\u0430\u0442\u0441\u043a\u0438\u0445 \u0438\u0433\u0440, \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0432\u0448\u0438\u0445 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0432 \u0425\u0430\u0440\u0431\u0438\u043d\u0435. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e CVERC, \u0442\u043e\u043b\u044c\u043a\u043e \u0441 26 \u044f\u043d\u0432\u0430\u0440\u044f \u043f\u043e 14 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u044b\u043b\u043e \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 170 \u0442\u044b\u0441\u044f\u0447 \u0430\u0442\u0430\u043a \u0441 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0430 \u043e\u0431\u0449\u0435\u0435 \u0447\u0438\u0441\u043b\u043e \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0430\u0442\u0430\u043a \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e \u0441\u0432\u044b\u0448\u0435 270 \u0442\u044b\u0441\u044f\u0447. \u041f\u0435\u043a\u0438\u043d \u0440\u0430\u0441\u0446\u0435\u043d\u0438\u043b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0421\u0428\u0410 \u043a\u0430\u043a \u0443\u0433\u0440\u043e\u0437\u0443 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0441\u0442\u0440\u0430\u043d\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-16T10:49:28.000000Z"}, {"uuid": "32db28f0-c994-4f3f-808b-cacf68e8c832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3894", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-8190\n\ud83c\udfe2 Vendor: Ivanti\n\ud83d\udda5\ufe0f Product: Cloud Services Appliance (CSA)\n\ud83d\udd39 Description: Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.\n\ud83d\udccf Published: 2024-09-13T00:00:00Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\n2. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190\n3. https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa\n4. https://www.cisa.gov/sites/default/files/2025-01/aa25-022a-threat-actors-chained-vulnerabilities-in-ivanti-cloud-service-applications.pdf\n5. https://www.fortiguard.com/outbreak-alert/ivanti-csa-zero-day-attack", "creation_timestamp": "2025-02-08T23:20:40.000000Z"}, {"uuid": "9e3b69ea-b1f7-4c10-93aa-7fd68823063f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://t.me/cyberbannews_ir/13628", "content": "\ud83e\ude99 \u062f\u0633\u062a\u0648\u0631 \u0622\u0698\u0627\u0646\u0633 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0622\u0645\u0631\u06cc\u06a9\u0627 \u0628\u0631\u0627\u06cc \u0627\u0631\u062a\u0642\u0627\u0621 \u06cc\u0627 \u062d\u0630\u0641 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u06cc\u0648\u0627\u0646\u062a\u06cc\n\n\ud83d\udd34\u0645\u0642\u0627\u0645\u0627\u062a \u0627\u0631\u0634\u062f \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0622\u0645\u0631\u06cc\u06a9\u0627 \u0627\u0632 \u0622\u0698\u0627\u0646\u0633\u200c\u0647\u0627\u06cc \u0641\u062f\u0631\u0627\u0644 \u062e\u0648\u0627\u0633\u062a\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u06cc\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u06cc\u0648\u0627\u0646\u062a\u06cc \u06a9\u0647 \u062f\u06cc\u06af\u0631 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0646\u0645\u06cc\u200c\u0634\u0648\u062f \u0648 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0631\u0627 \u062d\u0630\u0641 \u06a9\u0646\u0646\u062f \u06cc\u0627 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0647\u0646\u062f.\n\n\ud83d\udd39\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0641\u0646\u0627\u0648\u0631\u06cc \u0631\u0648\u0632 \u062c\u0645\u0639\u0647 \u06cc\u06a9 \u0647\u0634\u062f\u0627\u0631 \u062c\u062f\u06cc\u062f \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u06a9\u0647 \u062f\u0631 \u0622\u0646 \u06af\u0641\u062a\u0647 \u0634\u062f\u0647 \u062a\u0639\u062f\u0627\u062f \u0645\u062d\u062f\u0648\u062f\u06cc \u0627\u0632 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2024-8190 \u0645\u0648\u0631\u062f \u062d\u0645\u0644\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647\u200c\u0627\u0646\u062f.\n\n\u2764\ufe0f \u06af\u0632\u0627\u0631\u0634 \u06a9\u0627\u0645\u0644 \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0622\u0645\u0631\u06cc\u06a9\u0627\n\n\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\n\ud83e\udda0 @cyberbannews_ir l\u26a1Boost", "creation_timestamp": "2024-09-15T12:41:39.000000Z"}, {"uuid": "51a95679-3fcc-4356-a18c-75d66784f8a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14000", "content": "\u200aPoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance\n\nhttps://securityonline.info/poc-exploit-releases-for-exploited-vulnerability-cve-2024-8190-in-ivanti-cloud-services-appliance/", "creation_timestamp": "2024-09-22T17:57:05.000000Z"}, {"uuid": "cc51726f-1201-42b4-88c5-9d79644f125b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://t.me/cibsecurity/79663", "content": "\ud83e\udd85 CISA Adds Ivanti Cloud Services Appliance Vulnerability to Known Exploited Vulnerabilities Catalog (CVE-2024-8190) \ud83e\udd85\n\n  Overview\u00a0   The Cybersecurity and Infrastructure Security Agency CISA has recently included a security flaw in Ivanti Cloud Services Appliance CSA in its Known Exploited Vulnerabilities KEV catalog. This newly cataloged vulnerability, identified as CVE20248190, involves an OS command injection that poses a serious risk to affected systems.\u00a0\u00a0   The vulnerability in question affects the Ivanti Cloud Services Appliance CSA version 4.6, specifically in all versions before Patch 519. It allows remote authenticated attackers with administrative privileges to execute arbitrary commands. This OS command injection flaw poses a risk as it can potentially lead to full system compromise.\u00a0   The vulnerability was assigned a CVSS score of 7.2, indicating a high severity level. Users of Ivanti CSA 4...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-09-16T16:01:31.000000Z"}, {"uuid": "5d642725-484b-46d8-8e91-36cc4cfe7e0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://t.me/cvedetector/5309", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8190 - Ivanti Cloud Services Appliance Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-8190 \nPublished : Sept. 10, 2024, 9:15 p.m. | 37\u00a0minutes ago \nDescription : An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T00:17:20.000000Z"}, {"uuid": "0d246ff5-26c0-4d33-b7a3-f7b8f119e8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/925", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-19T10:18:53.000000Z"}, {"uuid": "17060536-fe3d-40e7-86db-287f58cd6423", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/Kelvinseccommunity/801", "content": "Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability\nhttps://thehackernews.com/2024/09/ivanti-warns-of-active-exploitation-of.html\n\nIvanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.\nThe high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.\n\"An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows", "creation_timestamp": "2024-09-14T18:34:26.000000Z"}, {"uuid": "679f711e-5d7f-4cee-887c-e6afc8857c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "Telegram/N2e25OzngQ0j0ZrkHotRdgc0KhR6ALGu0DlL_KwJG07kjQ", "content": "", "creation_timestamp": "2024-09-14T07:21:54.000000Z"}, {"uuid": "bda6f9d5-a30a-47b5-925b-8d5c3186534a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3855", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-19T10:18:52.000000Z"}, {"uuid": "6ff8a926-1a48-4e3e-b415-16be4c4c7e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/ViralCyber/5418", "content": "\ud83e\ude99 \u062f\u0633\u062a\u0648\u0631 \u0622\u0698\u0627\u0646\u0633 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0622\u0645\u0631\u06cc\u06a9\u0627 \u0628\u0631\u0627\u06cc \u0627\u0631\u062a\u0642\u0627\u0621 \u06cc\u0627 \u062d\u0630\u0641 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u06cc\u0648\u0627\u0646\u062a\u06cc\n\n\ud83d\udd34\u0645\u0642\u0627\u0645\u0627\u062a \u0627\u0631\u0634\u062f \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0622\u0645\u0631\u06cc\u06a9\u0627 \u0627\u0632 \u0622\u0698\u0627\u0646\u0633\u200c\u0647\u0627\u06cc \u0641\u062f\u0631\u0627\u0644 \u062e\u0648\u0627\u0633\u062a\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u06cc\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u06cc\u0648\u0627\u0646\u062a\u06cc \u06a9\u0647 \u062f\u06cc\u06af\u0631 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0646\u0645\u06cc\u200c\u0634\u0648\u062f \u0648 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0631\u0627 \u062d\u0630\u0641 \u06a9\u0646\u0646\u062f \u06cc\u0627 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0647\u0646\u062f.\n\n\ud83d\udd39\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0641\u0646\u0627\u0648\u0631\u06cc \u0631\u0648\u0632 \u062c\u0645\u0639\u0647 \u06cc\u06a9 \u0647\u0634\u062f\u0627\u0631 \u062c\u062f\u06cc\u062f \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u06a9\u0647 \u062f\u0631 \u0622\u0646 \u06af\u0641\u062a\u0647 \u0634\u062f\u0647 \u062a\u0639\u062f\u0627\u062f \u0645\u062d\u062f\u0648\u062f\u06cc \u0627\u0632 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2024-8190 \u0645\u0648\u0631\u062f \u062d\u0645\u0644\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647\u200c\u0627\u0646\u062f.\n\n\u2764\ufe0f \u06af\u0632\u0627\u0631\u0634 \u06a9\u0627\u0645\u0644 \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0622\u0645\u0631\u06cc\u06a9\u0627\n\n\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\n\ud83e\udda0 @cyberbannews_ir l\u26a1Boost", "creation_timestamp": "2024-09-15T19:41:48.000000Z"}, {"uuid": "1fea80d8-127b-4fa0-bddd-5cd2e9a0a3b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/20334", "content": "The Hacker News\nIvanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability\n\nIvanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.\nThe high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.\n\"An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows", "creation_timestamp": "2024-09-14T07:38:33.000000Z"}, {"uuid": "fefafd61-293d-4d07-8704-ff81af879a52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/HackingInsights/13114", "content": "\u200aIvanti Cloud Service Appliance flaw is being actively exploited in the wild\n\nhttps://securityaffairs.com/168388/hacking/ivanti-csa-cve-2024-8190.html", "creation_timestamp": "2024-09-15T21:05:47.000000Z"}, {"uuid": "30e04344-3bb5-4562-8f09-7193a7992616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/HackingInsights/13108", "content": "\u200aCISA & Ivanti Warn of Active Exploitation Cloud Services Appliance Flaw CVE-2024-8190\n\nhttps://securityonline.info/cisa-ivanti-warn-of-active-exploitation-cloud-services-appliance-flaw-cve-2024-8190/", "creation_timestamp": "2024-09-15T21:05:47.000000Z"}, {"uuid": "317a5e6d-0d8f-47fb-bfff-420683345c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "Telegram/PQ0RiJZKVKBfeTBBQbVJc7IN4so9fWpcasJZB8yIck5mvQ", "content": "", "creation_timestamp": "2024-09-14T11:16:06.000000Z"}, {"uuid": "0e582e42-94bd-4e66-99d5-fbda8f26c968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/907", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T12:16:08.000000Z"}, {"uuid": "d09e9150-b495-472d-8cf8-e7cc782961bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "Telegram/cOS49xCwfO7buBlN1X4VZ-Ituu7Bm3coYvk-Odcag1DbZFQ", "content": "", "creation_timestamp": "2024-09-16T21:03:42.000000Z"}, {"uuid": "91abed64-58d4-487e-aac7-59c909b650b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/KomunitiSiber/2571", "content": "Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability\nhttps://thehackernews.com/2024/09/ivanti-warns-of-active-exploitation-of.html\n\nIvanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.\nThe high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.\n\"An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows", "creation_timestamp": "2024-09-14T07:08:56.000000Z"}, {"uuid": "c35f9e59-e48a-4a78-8f6c-2bfa6d9264d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/4129", "content": "The Hacker News\nIvanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability\n\nIvanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.\nThe high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.\n\"An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows", "creation_timestamp": "2024-09-14T07:38:33.000000Z"}, {"uuid": "f73f2388-cd5d-4bfd-ae43-7e702bfb4d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/thehackernews/5582", "content": "\ud83d\udea8 A newly patched security flaw in Ivanti CSA (CVE-2024-8190) is under active exploitation. \n \nThis vulnerability could lead to full system compromise, especially since Ivanti CSA 4.6 has reached end-of-life. \n \nDon\u2019t risk your infrastructure\u2014upgrade to CSA 5.0 and ensure you're protected. \n \nDetails here: https://thehackernews.com/2024/09/ivanti-warns-of-active-exploitation-of.html", "creation_timestamp": "2024-09-14T06:30:34.000000Z"}, {"uuid": "95dcf991-8579-4a31-a2b1-642a45396a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "Telegram/PTHKQ06bP3q6apx3Krv4L2iJCBBovWGsPYlkQuufLnbVvmI", "content": "", "creation_timestamp": "2025-03-04T16:00:08.000000Z"}, {"uuid": "7ffcba87-e420-49b3-8d9a-fdad6b8b6647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23811", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-21T12:35:29.000000Z"}, {"uuid": "b2298c99-824e-4a57-9e92-5261e59d3c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3732", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T11:36:01.000000Z"}, {"uuid": "5b157ac8-e441-4222-a37f-e31d03bd8469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://t.me/true_secator/6212", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n1. Ivanti, \u043a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0430\u0441\u044c \u0441 \u044d\u043a\u0430\u043f\u043b\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cloud Service Appliance (CSA). CVE-2024-8190 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Ivanti CSA \u0441 \u0438\u0441\u0442\u0435\u043a\u0448\u0438\u043c \u0441\u0440\u043e\u043a\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0430\u0442\u0430\u043a.\n\n2. Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-29847, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE \u0432 Ivanti Endpoint Manager, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0438 \u0442\u0443\u0442 \u0441\u0442\u043e\u0438\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Vision Pro \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0424\u043b\u043e\u0440\u0438\u0434\u044b \u0438 \u0422\u0435\u0445\u0430\u0441\u0441\u043a\u043e\u0433\u043e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u0437\u0433\u043b\u044f\u043d\u0443\u0432 \u043d\u0430 \u043a\u043b\u0430\u0432\u0438\u0448\u0438.\n\n\u041c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GAZEploit \u0438 \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0435\u0447\u0430\u0442\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c Vision Pro, \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0433\u043b\u0430\u0437.\n\n\u0410\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 30 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u0445 \u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c.\n\nApple \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a\u00a0CVE-2024-40865\u00a0 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0435 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c visionOS 1.3. \n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f visionOS 1.3 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0438\u044e\u043b\u044f, \u043d\u043e 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f Apple \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0435\u0435, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 CVE-2024-40865.\u00a0\n\n4. \u0415\u0449\u0435 \u043f\u043e Apple: \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 iOS 18 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u0442\u00a0\u0444\u0443\u043d\u043a\u0446\u0438\u044e\u00a0\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b iPhone, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043a\u0430\u043c\u0435\u0440\u044b, \u0430\u043a\u043a\u0443\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u0438 \u0434\u0438\u0441\u043f\u043b\u0435\u0438. \n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043b\u044e\u0441\u043e\u0432 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0441\u0443\u043b\u0438\u0442 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u043c\u043e\u043d\u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u043c\u0430\u0441\u0442\u0435\u0440\u0441\u043a\u0438\u0445.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0413\u0430\u0431\u043e\u0440 \u041b\u0435\u0433\u0440\u0430\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring Java. \n\nCVE-2024-38816 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u044e\u0431\u043e\u043c\u0443 \u0444\u0430\u0439\u043b\u0443 \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n6. \u041c\u0438\u043a\u043a\u043e \u041a\u0435\u043d\u0442\u0442\u044f\u043b\u044f \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f Zero Click \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0440\u0435\u0434\u044b \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044f macOS. \u0412\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 2022 \u043f\u043e \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430.\n\n7. \u0412 Positive Technologies \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n- RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Windows Remote Desktop Licensing Service, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MadLicense (CVE-2024-38077);\n\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 Mark of the Web \u0432 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2024-38213);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Windows (CVE-2024-38106), \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Ancillary Function (CVE-2024-38193) \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Power Dependency Coordinator (CVE-2024-38107);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache \u0434\u043b\u044f WordPress CMS (CVE-2024-28000).", "creation_timestamp": "2024-09-16T19:00:07.000000Z"}, {"uuid": "635bc273-49f3-4f28-9f38-f578d3c30a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "seen", "source": "https://t.me/true_secator/6220", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u043c\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437.\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AppOmni \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435\u00a01000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ServiceNow, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0431\u0430\u0437\u044b \u0437\u043d\u0430\u043d\u0438\u0439 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 (KB).\n\n2. Tenable\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Google Cloud, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f  \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044e\u044e \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Google Cloud.\n\n\u041e\u043d\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u043b\u0430 \u043d\u0430 Google Composer. Google \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0438 \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Varonis\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u043e\u0431 \u0430\u0442\u0430\u043a\u0435 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c SOQL (Salesforce Object Query Language), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u0445 Salesforce \u0447\u0435\u0440\u0435\u0437 API Aura \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 \u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043c\u0435\u0441\u044f\u0446 \u0441\u043f\u0443\u0441\u0442\u044f.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AmberWolf \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 Skeleton Cookie (CVE-2024-45488), \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 PAM Safeguard for Privileged Passwords \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 One Identity.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u044f\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f 8.0.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437\u00a0CVE-2024-8190, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 0-day \u0432 Ivanti Cloud Service Appliance (CSA).\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u0440\u0430\u0437 Horizon3 \u043d\u0435\u043a\u043e\u0441\u044f\u0447\u0438\u043b\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u043e\u0435\u00a0\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0432 \u0431\u043b\u043e\u0433\u0435 \u0441 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043f\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0435 Ivanti (CVE-2024-29847). \n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 CVE-2023-28324, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Summoning Team \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e Horizon3 \u0432 \u0441\u043f\u0435\u0448\u043a\u0435 \u043f\u044b\u0442\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0442\u044c \u0441\u0435\u0431\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043e\u043d\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0443 \u0441\u0435\u0431\u044f \u0432 \u0431\u043b\u043e\u0433\u0435.\n\n6. \u0411\u0438\u0437\u043e\u043d\u044b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE\u20112024\u20117965 (\u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0438\u043c\u043f\u043b\u0435\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u0432\u00a0V8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432\u00a0\u0440\u0435\u043d\u0434\u0435\u0440\u0435\u0440\u0435 Google\u00a0Chrome, \u043f\u043e\u043a\u0430\u0437\u0430\u0432 \u043a\u0430\u043a \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0442\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c (PoC).", "creation_timestamp": "2024-09-18T17:40:04.000000Z"}, {"uuid": "a64375d9-edc1-4b7e-9aad-dc51b16824a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8765", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T05:20:08.000000Z"}, {"uuid": "ab19c490-613d-45a8-830e-56c4e68ab39d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7426", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T05:20:08.000000Z"}, {"uuid": "161a39b1-4da9-402a-9de6-9e3293731b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/information_security_channel/52897", "content": "Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure\nhttps://www.securityweek.com/ivanti-csa-vulnerability-exploited-in-attacks-days-after-disclosure/\n\nThe Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure.\nThe post Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure (https://www.securityweek.com/ivanti-csa-vulnerability-exploited-in-attacks-days-after-disclosure/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-09-16T12:42:16.000000Z"}, {"uuid": "dcf1eea1-09ae-4c37-a3c5-7ba5b3786be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "exploited", "source": "https://t.me/information_security_channel/52928", "content": "Ivanti Warns of Second CSA Vulnerability Exploited in Attacks\nhttps://www.securityweek.com/ivanti-warns-of-second-csa-vulnerability-exploited-in-attacks/\n\nIn addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, tracked as CVE-2024-8963, has been exploited.\nThe post Ivanti Warns of Second CSA Vulnerability Exploited in Attacks (https://www.securityweek.com/ivanti-warns-of-second-csa-vulnerability-exploited-in-attacks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-09-20T14:24:20.000000Z"}, {"uuid": "a7fb69ee-2a03-48c6-aaba-751ff5e9408f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9129", "content": "CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability \u2013 Horizon3.ai\n\nhttps://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/", "creation_timestamp": "2024-09-16T20:45:28.000000Z"}, {"uuid": "dabfa4d1-4650-44b7-9633-e112f60bba9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11147", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-17T19:18:17.000000Z"}, {"uuid": "a363f26b-48d3-4477-aef6-e56b032c5358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3187", "content": "https://github.com/horizon3ai/CVE-2024-8190\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Command Injection\n#github #exploit", "creation_timestamp": "2024-09-17T16:52:25.000000Z"}, {"uuid": "0b455029-67d7-424b-abe3-5df361ae0159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4454", "content": "#exploit\n1. CVE-2024-8190:\nIvanti Cloud Service Appliance Authenticated Command Injection\nhttps://github.com/horizon3ai/CVE-2024-8190\n]-> https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection\n\n2. WhatsApp extension manipulation PoC\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n3. CVE2024-45488:\n\u00abSkeleton Cookie\u00bb\nhttps://blog.amberwolf.com/blog/2024/september/skeleton-cookie-breaking-into-safeguard-with-cve-2024-45488", "creation_timestamp": "2024-09-18T04:12:48.000000Z"}, {"uuid": "8b365171-fecf-43d6-b7e9-cbb35d4ba70a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8190", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/315", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-21T12:35:29.000000Z"}]}