{"vulnerability": "CVE-2024-9441", "sightings": [{"uuid": "5518228b-3224-40ae-8729-cbe6e97fd62c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "https://t.me/ton618cyber/1981", "content": "Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems\n\nUnpatched CVE-2024-9441 flaw in Nice Linear eMerge E3 systems exposes organizations to severe cyber risks.\n\nthehackernews.com \u2022 Oct 10, 2024", "creation_timestamp": "2024-10-14T13:00:26.000000Z"}, {"uuid": "2738a23e-a043-45ff-a5e2-ffa31b8db64b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-04", "content": "", "creation_timestamp": "2025-04-24T10:00:00.000000Z"}, {"uuid": "8d63ba6f-730c-40b1-81bf-b4e0f0c54297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9360", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA simple python script to test for CVE-2024-9441. \nURL\uff1ahttps://github.com/jk-mayne/CVE-2024-9441-Checker\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-09T17:56:05.000000Z"}, {"uuid": "bbcbf5ea-7687-44d7-a657-29a41daeb34d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9126", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1a\u547d\u4ee4\u6ce8\u5165\n\u63cf\u8ff0\uff1aCVE-2024-9441\u662f\u5f71\u54cdLinear eMerge e3\u7cfb\u5217\uff08\u7248\u672c1.00-07\u53ca\u4e4b\u524d\uff09\u7684\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7HTTP\u8bf7\u6c42\u4e2d\u201cforgot_password\u201d\u529f\u80fd\u7684\u201clogin_id\u201d\u53c2\u6570\uff0c\u6267\u884c\u4efb\u610f\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u3002\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-9441-poc\n\n\u6807\u7b7e\uff1a#\u547d\u4ee4\u6ce8\u5165", "creation_timestamp": "2024-11-22T03:45:39.000000Z"}, {"uuid": "dbad4ae9-d2ff-4705-8cf6-e993133161bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8665", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aNortek Linear eMerge E3 Pre-Auth RCE PoC (CVE-2024-9441)\nURL\uff1ahttps://github.com/adhikara13/CVE-2024-9441\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-03T11:31:54.000000Z"}, {"uuid": "48dffaa8-7175-4bd4-bc34-d0c286237c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "https://t.me/cvedetector/6864", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-9441 - eMerge e3-Series OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-9441 \nPublished : Oct. 2, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T22:13:10.000000Z"}, {"uuid": "d618bc4d-85b5-4a0e-99e0-a10e44f94010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "https://t.me/ton618cyber/5640", "content": "Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems\n\nUnpatched CVE-2024-9441 flaw in Nice Linear eMerge E3 systems exposes organizations to severe cyber risks.\n\nthehackernews.com \u2022 Oct 10, 2024", "creation_timestamp": "2024-10-14T13:00:25.000000Z"}, {"uuid": "1d25e290-99c8-47c4-8bbb-109484b2706c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/1051", "content": "\u26a1\ufe0fCVE-2024-9441: Unpatched Flaw Exposes Linear eMerge Systems to Remote Attacks, PoC Published.\n\n#CyberBulletin", "creation_timestamp": "2024-10-05T14:45:59.000000Z"}, {"uuid": "728faa7d-ed8f-4df2-923b-91d9295cb4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "Telegram/lapmxIbCGogVmzs8x5x4bYYCHoqm9clPKCFQlqwSWHXyBA", "content": "", "creation_timestamp": "2024-10-10T18:31:27.000000Z"}, {"uuid": "33e8bd4b-6dc6-42fa-b763-ac870e436a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/23350", "content": "The Hacker News\nExperts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems\n\nCybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands.\nThe flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck.\n\"A vulnerability in the Nortek Linear eMerge E3 allows", "creation_timestamp": "2024-10-10T18:29:54.000000Z"}, {"uuid": "a4b9aad4-526a-47ad-97b2-cae0f83b7a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/5078", "content": "The Hacker News\nExperts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems\n\nCybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands.\nThe flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck.\n\"A vulnerability in the Nortek Linear eMerge E3 allows", "creation_timestamp": "2024-10-10T18:29:54.000000Z"}, {"uuid": "180d485b-c2f0-4efe-8cf6-28bf8b0e7616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "seen", "source": "Telegram/dn9fq--Rt8WnSrhcBj7V-WsV8H6_gtlUJe8juX5P_eikHw", "content": "", "creation_timestamp": "2024-10-10T15:39:32.000000Z"}, {"uuid": "982e0abe-d1fe-4ff6-8b1a-a658997de705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "exploited", "source": "https://t.me/true_secator/6312", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VulnCheck \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Nice Linear eMerge E3.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0448\u0438\u0431\u043a\u0430, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-9441, \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10,0 \u0438 \u043f\u043e\u043a\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c,\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-\u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Nortek Linear eMerge E3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Nortek Linear eMerge E3 Access Control: 0.32-03i, 0.32-04m, 0.32-05p, 0.32-05z, 0.32-07p, 0.32-07e, 0.32-08e, 0.32-08f, 0.32-09c, 1.00.05 \u0438 1.00.07.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u0447\u0442\u043e \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u043f\u0430\u0441\u0435\u043d\u0438\u044f \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u043f\u0435\u0440\u0441\u043f\u0435\u043a\u0442\u0438\u0432  \u043d\u0435\u043c\u0438\u043d\u0443\u0435\u043c\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0440\u0430\u043d\u0435\u0435 \u0434\u0440\u0443\u0433\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 E3, CVE-2019-7256 (CVSS: 10,0) \u0431\u044b\u043b\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0430\u00a0\u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT Flax Typhoon \u0434\u043b\u044f \u043f\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Raptor Train.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043e\u0431 \u044d\u0442\u043e\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0432 \u043c\u0430\u0435 2019 \u0433\u043e\u0434\u0430,\u00a0\u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u043c\u043e\u0433\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0435\u0433\u043e \u043b\u0438\u0448\u044c\u00a0\u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u0440\u0442\u0430 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u00ab\u0441\u043b\u0435\u0433\u043a\u0430\u00bb \u0437\u0430\u043f\u043e\u0437\u0434\u0430\u043b\u0443\u044e \u0440\u0435\u0430\u043a\u0446\u0438\u044e Nortek, \u043d\u043e\u0432\u0430\u044f CVE-2024-9441 \u0432\u0440\u044f\u0434 \u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442 \u043f\u0430\u0442\u0447 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c \u0441\u0435\u0440\u0438\u044e Linear Emerge E3 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445.", "creation_timestamp": "2024-10-11T18:00:06.000000Z"}, {"uuid": "75ea2ef4-5aa7-4713-a206-652d80866a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "exploited", "source": "https://t.me/CybNux/7172", "content": "\u062a\u0645 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 #vulnerability \u062d\u0631\u062c\u0629 \u063a\u064a\u0631 \u0645\u064f\u0631\u0642\u0639\u0629 (CVE-2024-9441) \u0641\u064a \u0648\u062d\u062f\u0629 \u0627\u0644\u062a\u062d\u0643\u0645 \u0641\u064a \u0627\u0644\u0648\u0635\u0648\u0644 Nice Linear eMerge E3\u060c \u0648\u062a\u062d\u0645\u0644 \u062f\u0631\u062c\u0629 CVSS \u062a\u0628\u0644\u063a 9.8\u060c \u0645\u0639 \u0627\u0646\u062a\u0634\u0627\u0631 \u0639\u0645\u0644\u064a\u0627\u062a \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645 \u0628\u0627\u0644\u0641\u0639\u0644.\n\n#\u0623\u062e\u0628\u0627\u0631", "creation_timestamp": "2024-10-11T00:40:26.000000Z"}, {"uuid": "4003fa6e-48b4-4990-8da3-2a322cf2b00e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "exploited", "source": "https://t.me/thehackernews/5716", "content": "A critical unpatched #vulnerability (CVE-2024-9441) in the Nice Linear eMerge E3 access controller has been uncovered, carrying a CVSS score of 9.8, with proof-of-concept exploits already circulating. \n \nLearn more: https://thehackernews.com/2024/10/experts-warn-of-critical-unpatched.html", "creation_timestamp": "2024-10-10T14:34:12.000000Z"}, {"uuid": "441f0e31-dfd0-4558-91f5-a2b248951274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9441", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/25946", "content": "\u26a1\ufe0fCVE-2024-9441: Unpatched Flaw Exposes Linear eMerge Systems to Remote Attacks, PoC Published.\n\n#CyberBulletin", "creation_timestamp": "2024-10-05T14:45:59.000000Z"}]}