{"vulnerability": "CVE-2025-0283", "sightings": [{"uuid": "45cd9838-1891-4f9c-9778-cd6c1550ead3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113795886148873966", "content": "", "creation_timestamp": "2025-01-09T01:50:27.690254Z"}, {"uuid": "370eb46a-18d6-46bb-84b2-8068006eb8f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/113794229396969883", "content": "", "creation_timestamp": "2025-01-08T18:49:15.399087Z"}, {"uuid": "0a1c8eae-833f-4b0d-b48c-757810794ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/GossiTheDog.cyberplace.social.ap.brid.gy/post/3lfatcpky76v2", "content": "", "creation_timestamp": "2025-01-08T18:49:39.964563Z"}, {"uuid": "5edec4a1-7c4d-41a6-95c5-54c3d15dcf76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/113794233782230972", "content": "", "creation_timestamp": "2025-01-08T18:50:10.938694Z"}, {"uuid": "0044a262-dcca-4e4e-a19b-b677e00b98ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/fabian.bader.cloud/post/3lfaum55l4t23", "content": "", "creation_timestamp": "2025-01-08T19:12:24.043778Z"}, {"uuid": "ba1aa0fd-4530-498f-93d8-8d1f906cd1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfbqimkmus25", "content": "", "creation_timestamp": "2025-01-09T03:31:35.120981Z"}, {"uuid": "09d1fad7-c02c-4dbc-bf5c-039e93e93176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/113803168454472005", "content": "", "creation_timestamp": "2025-01-10T08:42:24.327553Z"}, {"uuid": "73d4ef90-09f6-4bd7-938b-89743e54c22c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3lfd4jiwjec2d", "content": "", "creation_timestamp": "2025-01-09T16:39:27.257275Z"}, {"uuid": "b71cad00-746e-4a20-ab3a-c2edb8c2910f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/johnmason.bsky.social/post/3lfdobcxpjk2b", "content": "", "creation_timestamp": "2025-01-09T21:56:58.421408Z"}, {"uuid": "856213c0-c60a-4ebc-8ba1-7e3b98f7d57c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/virusbtn.bsky.social/post/3lfci4uwnh22w", "content": "", "creation_timestamp": "2025-01-09T10:34:32.097538Z"}, {"uuid": "1fddd715-5174-4d86-a752-e1350ad72c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/jcsc.je/post/3lff5sgsdxq2a", "content": "", "creation_timestamp": "2025-01-10T12:07:37.955601Z"}, {"uuid": "1aa19c3b-2e76-4619-854a-8ed89304c34b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "MISP/9ad85f94-db72-495e-bff9-3bbf7e49541a", "content": "", "creation_timestamp": "2025-01-10T11:05:27.000000Z"}, {"uuid": "45196f89-0c52-4a21-80c1-833b12981ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-5cf31621-a84e5f5e46498679", "content": "", "creation_timestamp": "2025-01-14T07:57:57.153666Z"}, {"uuid": "12b51869-b74e-478c-a80a-e1fe3af6a6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/therecordmedia.bsky.social/post/3lfaz4n2aku2a", "content": "", "creation_timestamp": "2025-01-08T20:33:13.612732Z"}, {"uuid": "ea7469a8-43fe-42dc-8a50-dabe9e4852f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3lfdco6i6zc2y", "content": "", "creation_timestamp": "2025-01-09T18:29:24.655639Z"}, {"uuid": "6a38ebc0-cc8b-46e6-a677-9d9c0f88590b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.bsky.social/post/3lfb2z6eqas2r", "content": "", "creation_timestamp": "2025-01-08T21:07:05.841342Z"}, {"uuid": "6d008c22-9d75-40e3-9f7f-3b918200b298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/113794772213856597", "content": "", "creation_timestamp": "2025-01-08T21:07:06.203015Z"}, {"uuid": "ac491e12-643d-4650-b6d3-224790e733f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day", "content": "", "creation_timestamp": "2025-01-14T10:51:52.703724Z"}, {"uuid": "6146d547-c2bb-43ce-b0b2-7218c421b4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/hackread.bsky.social/post/3lfg5ajcj4c2z", "content": "", "creation_timestamp": "2025-01-10T21:30:22.318877Z"}, {"uuid": "cc284497-43b9-42d8-891d-f371573d4e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lfbykdh6b22a", "content": "", "creation_timestamp": "2025-01-09T05:55:42.465750Z"}, {"uuid": "9799c325-b31f-421a-a54f-758f5d8a1ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/campuscodi.risky.biz/post/3lfb6vdx4ok2a", "content": "", "creation_timestamp": "2025-01-08T22:16:30.710538Z"}, {"uuid": "9b9bfc9f-fee8-437b-9bd5-fabc349ad08e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113795082345636085", "content": "", "creation_timestamp": "2025-01-08T22:25:58.426842Z"}, {"uuid": "92077bd6-0071-4513-9b6e-241dfc72ef81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113795082362133547", "content": "", "creation_timestamp": "2025-01-08T22:25:58.564051Z"}, {"uuid": "427fe411-8ecd-4d8f-95bd-c3575f540ad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0005", "content": "", "creation_timestamp": "2025-01-08T17:55:33.000000Z"}, {"uuid": "f9a872b8-42db-4397-b724-3e06bb4cbc4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-fde9472d-93bddffa7ccc53fb", "content": "", "creation_timestamp": "2025-01-09T12:05:31.177170Z"}, {"uuid": "1f7a3431-d0fd-4f72-a2c1-12b64c808e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfoaggxsun25", "content": "", "creation_timestamp": "2025-01-14T02:48:35.215535Z"}, {"uuid": "f0c728ee-c910-4c20-a60b-2780a80afa5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/reynardsec.bsky.social/post/3lfcnqqqwf22r", "content": "", "creation_timestamp": "2025-01-09T12:15:02.571954Z"}, {"uuid": "02b47583-e2a7-4895-97b3-7625663d6a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfco2ozdqs2v", "content": "", "creation_timestamp": "2025-01-09T12:20:41.980223Z"}, {"uuid": "2c655b3a-6a67-48fb-95d9-41c10b55e506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfcofwzl7k2v", "content": "", "creation_timestamp": "2025-01-09T12:26:55.177948Z"}, {"uuid": "bcd11b9d-1b16-4121-a07b-a8b2ebce0e3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfbc7bw6td2f", "content": "", "creation_timestamp": "2025-01-08T23:15:45.038244Z"}, {"uuid": "159b6c90-1449-477b-9337-c303cbc576ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lfpcbtsyt22q", "content": "", "creation_timestamp": "2025-01-14T12:54:30.167518Z"}, {"uuid": "8f7bacde-0307-4510-ae63-5e1e1b3177f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfcoqasdos2v", "content": "", "creation_timestamp": "2025-01-09T12:32:40.166538Z"}, {"uuid": "d9cf3167-962c-4166-9a84-8c0f1999e8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827399766442285", "content": "", "creation_timestamp": "2025-01-14T15:24:45.373604Z"}, {"uuid": "f45d0810-5cda-4400-8ebf-70ca04fe6123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfcp4y4jgs2v", "content": "", "creation_timestamp": "2025-01-09T12:39:52.135171Z"}, {"uuid": "078a0a6f-4a82-42f0-ae31-c9c784d4340b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfbecrikt22b", "content": "", "creation_timestamp": "2025-01-08T23:53:32.389801Z"}, {"uuid": "fbf01626-9554-4367-bd4f-fa0152bfce8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113794013127839389", "content": "", "creation_timestamp": "2025-01-08T17:54:03.728505Z"}, {"uuid": "25585751-0480-45a2-83ca-f811d34719ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lfkod5of4s2n", "content": "", "creation_timestamp": "2025-01-12T16:46:37.579112Z"}, {"uuid": "e8e3a0db-5a01-465b-bbba-d0650b30bbe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/113794064022742116", "content": "", "creation_timestamp": "2025-01-08T18:07:00.172455Z"}, {"uuid": "53805feb-6601-4eaf-aaba-543649b4207e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/dehavent.bsky.social/post/3lfdhqshpus2c", "content": "", "creation_timestamp": "2025-01-09T20:00:20.348138Z"}, {"uuid": "a44ebcf3-3c6c-4541-bdd2-8b38ae95428d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3lfaqxbdxih42", "content": "", "creation_timestamp": "2025-01-08T18:08:13.694625Z"}, {"uuid": "6271767d-8390-4d19-9bb0-758cb396e88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-0283", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lfvkykr2uf2g", "content": "", "creation_timestamp": "2025-01-17T00:46:18.315671Z"}, {"uuid": "d3162c2e-71c7-4c21-8031-3b5d41aaff57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113841074168672025", "content": "", "creation_timestamp": "2025-01-17T01:22:18.391185Z"}, {"uuid": "7e7de9e8-717d-40f0-923e-310684ea4229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/sheridan.co.uk/post/3lfas773ljk2z", "content": "", "creation_timestamp": "2025-01-08T18:29:24.957073Z"}, {"uuid": "468da539-115d-45a7-9fbe-cae767aebd0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/wizsecurity.bsky.social/post/3lfcyet7uuk2l", "content": "", "creation_timestamp": "2025-01-09T15:25:17.099713Z"}, {"uuid": "12265d96-43e8-4430-8497-7c547ff3fdbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/vulnerability-lookup.social.circl.lu.ap.brid.gy/post/3lfasy3nzewv2", "content": "", "creation_timestamp": "2025-01-08T18:43:28.343684Z"}, {"uuid": "1a4a9c5c-41c2-484c-a591-f0afb993c778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfvqijz3rz2m", "content": "", "creation_timestamp": "2025-01-17T02:24:43.030715Z"}, {"uuid": "c5683c13-af06-4557-a2e8-5f771e9986f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2025-0282-cve-2025-0283/", "content": "", "creation_timestamp": "2025-01-16T23:30:13.000000Z"}, {"uuid": "6f013b8b-7c05-45e2-8f59-dc95df7b6219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/seifreed.bsky.social/post/3lfwjxhqfsr2q", "content": "", "creation_timestamp": "2025-01-17T10:00:27.978958Z"}, {"uuid": "69ea444c-e523-44ef-be8e-42fca250c49d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-0283", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3lfwkdovg2x25", "content": "", "creation_timestamp": "2025-01-17T10:07:17.531721Z"}, {"uuid": "73b1fb5b-1fea-4863-b286-53d97c4e0de8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/cyberalliance.bsky.social/post/3lfwu3ujvgc2c", "content": "", "creation_timestamp": "2025-01-17T13:01:54.899100Z"}, {"uuid": "9f904ff1-6e2a-4166-85b0-bd8488c65692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lfxi6krcpk2t", "content": "", "creation_timestamp": "2025-01-17T19:01:19.612240Z"}, {"uuid": "347aae30-7d12-4693-b295-54dfb96d3268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://threatintel.cc/2025/01/17/threat-brief-cve-and-cve.html", "content": "", "creation_timestamp": "2025-01-17T12:25:49.000000Z"}, {"uuid": "71706a25-1cc8-4819-9061-4d8db0754e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lg46b27d2625", "content": "", "creation_timestamp": "2025-01-19T15:47:02.731673Z"}, {"uuid": "ffebdee1-6a6c-4d24-91af-96163decabbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lg6ans5k4d23", "content": "", "creation_timestamp": "2025-01-20T11:35:17.546173Z"}, {"uuid": "9636da3b-eae4-42cb-89f3-568dc70f77f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/113913984967247498", "content": "", "creation_timestamp": "2025-01-29T22:24:30.216180Z"}, {"uuid": "fcce90ec-b412-4743-b9f6-23a5ce4c740d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3lgvz5252qri2", "content": "", "creation_timestamp": "2025-01-29T22:24:45.695127Z"}, {"uuid": "9ebba15d-125a-46ef-a974-cd1febca3310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lh5gyryy7s2n", "content": "", "creation_timestamp": "2025-02-01T21:21:24.978855Z"}, {"uuid": "f047ece8-3236-4a7d-82e0-cab1d0dcb79d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/114275453831928356", "content": "", "creation_timestamp": "2025-04-03T18:30:45.858486Z"}, {"uuid": "3dce0a26-5d3d-465b-8c4d-f05b05cf005e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/114275453831928356", "content": "", "creation_timestamp": "2025-04-03T18:30:45.871868Z"}, {"uuid": "c98ee251-479b-4b91-8815-29d1364262ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_2/2025", "content": "", "creation_timestamp": "2025-01-08T21:26:07.000000Z"}, {"uuid": "3bd57e85-a226-4fa0-96d6-b10742947692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "MISP/db5f885b-7a82-4952-b138-956e39033df0", "content": "", "creation_timestamp": "2025-04-15T14:31:55.000000Z"}, {"uuid": "bb10fe10-f4cf-45c2-87d7-f1799f1b678d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c4a175b4-dfdf-4bd2-83a1-db67f7fb9aa5", "content": "", "creation_timestamp": "2025-01-08T18:43:09.190345Z"}, {"uuid": "31f2fc8c-1727-414d-910c-0b2a71d6c3c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0ff87615-7549-4602-8c19-766d8fd43c8d", "content": "", "creation_timestamp": "2025-01-17T08:21:59.963244Z"}, {"uuid": "f3b57d6f-a91a-4a92-a3c3-8dc6b483f36e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "MISP/9ad85f94-db72-495e-bff9-3bbf7e49541a", "content": "", "creation_timestamp": "2025-07-10T22:08:43.000000Z"}, {"uuid": "20f45652-9e60-4a2e-bb43-c6bcacda08c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mfzaugkbu22b", "content": "", "creation_timestamp": "2026-03-01T17:21:53.162870Z"}, {"uuid": "29458072-780a-4e8d-a34b-f865360afcdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1455", "content": "", "creation_timestamp": "2025-01-09T04:00:00.000000Z"}, {"uuid": "ffe87308-af87-4097-81b5-50a9eccec68e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://t.me/true_secator/7103", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 2024 \u0433\u043e\u0434\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0438\u0445 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043c\u043d\u043e\u0433\u0438\u0435 CWE \u0438\u0437 TOP 10 \u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Microsoft \u0438 \u044f\u0434\u0440\u0430 Linux \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043b\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0430\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0447\u0430\u0441\u0442\u043e \u043a \u00ab\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e\u00bb \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0442\u0430\u043a \u0434\u043b\u044f Linux \u043d\u0430 Windows \u0438 \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0430\u0449\u0435 \u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2018-0802, CVE-2017-11882 (\u043e\u0431\u0435 RCE \u0432 Equation Editor), CVE-2017-0199 (Microsoft Office \u0438 WordPad).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 2024 \u0433\u043e\u0434\u0430, \u0438 \u043c\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 WinRAR \u0438 \u0432 \u0441\u0430\u043c\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (WinRAR), CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u00a0ks.sys) \u0438 CVE-2022-3699 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Lenovo Diagnostics).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2022-0847 (Dirty Pipe), CVE-2019-13272 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-3156 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435\u00a0sudo).\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u0430\u043a \u0441\u0430\u043c\u043e\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043b\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c - \u044d\u0442\u0430 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft Office.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 APT, \u0432 \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430: CVE-2025-0282, CVE-2024-21887 \u0438 CVE-2025-0283 (Ivanti Connect Secure), CVE-2020-1472 (Netlogon Windows), CVE-2023-46805 (Ivanti ICS), CVE-2023-48788 (Fortinet) \u0438 \u0434\u0440.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0432 TOP 10 \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438: \n\n- ZDI-CAN-25373: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 lnk-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 Windows;\n\n- CVE-2025-21333: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 vkrnlintvsp.sys;\n\n- CVE-2025-24071: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 NetNTLM-\u0445\u044d\u0448\u0430 \u0432 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-04T18:00:07.000000Z"}, {"uuid": "3f93c6b1-b943-4903-af19-fa266b982809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/10687", "content": "The Hidden Dangers of VPNs: Critical Vulnerabilities Exposed (Late 2024 \u2013 Early 2025)\n\nVirtual Private Networks (VPNs) have long been considered an essential tool for securing online activity. However, a closer examination reveals an unsettling reality: VPNs themselves are increasingly becoming high-value targets for attackers. Over the past several months, a wave of critical vulnerabilities has shaken trust in these technologies, impacting both consumers and enterprises alike.\n\nIn this report, we highlight the most significant VPN vulnerabilities discovered from late 2024 into early 2025 \u2014 and why blind reliance on VPNs may no longer be a safe bet.\n\n\n---\n\nCVE-2025-22457: Critical Buffer Overflow in Ivanti Connect Secure and Pulse Connect Secure\n\nIn April 2025, researchers uncovered CVE-2025-22457, a critical unauthenticated stack-based buffer overflow vulnerability affecting Ivanti Connect Secure (ICS) and Pulse Connect Secure VPN appliances. Impacted versions include ICS 22.7R2.5 and earlier, as well as Pulse Connect Secure 9.1x, which reached end-of-support in December 2024.\n\nInitially, Ivanti assessed the issue as non-exploitable due to character restrictions (periods and numbers only) within the overflow. However, a suspected Chinese advanced persistent threat (APT) group, dubbed UNC5221, demonstrated that \u2014 through intricate exploitation techniques \u2014 remote code execution was indeed achievable.\n\nExploitation Details:\n\nProof-of-concept (PoC) exploits are already available publicly, such as the sfewer-r7 implementation on GitHub. Attackers can leverage these to gain a reverse shell with limited user privileges (\"nr\"), circumventing initial vendor assumptions about exploitability.\n\nA netcat listener captures the shell.\n\nThe exploit brute-forces address space layout randomization (ASLR) protections by guessing base addresses for libdsplibs.so.\n\nSuccessful exploitation results in unauthorized access to the underlying system.\n\n\nExposure:\nAs of April 2025, Shodan scans indicated over 4,000 vulnerable instances exposed online.\n\n\n---\n\nCVE-2024-53704: Authentication Bypass in SonicWall SSL VPN\n\nAnother significant threat emerged with CVE-2024-53704, a critical authentication bypass vulnerability impacting SonicWall\u2019s SSL VPN solutions based on SonicOS versions 7.1.x (through 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035.\n\nDiscovered by Computest Security in November 2024 and patched in January 2025, this flaw allows attackers to hijack active VPN sessions by manipulating Base64-encoded session cookies \u2014 bypassing even multi-factor authentication (MFA) mechanisms.\n\nAttack Technique:\n\nBy inserting 32 null bytes encoded in Base64 into the swap cookie of a GET request, adversaries can effectively impersonate legitimate users without valid credentials.\n\nDespite available patches, thousands of systems remained unpatched into early 2025. According to Bishop Fox, more than 4,500 SonicWall VPN instances were still exposed as of February 2025.\n\n\n---\n\nCVE-2025-0282 and CVE-2025-0283: Stack-Based Buffer Overflows in Ivanti Products\n\nIn January 2025, Ivanti disclosed two additional vulnerabilities:\n\nCVE-2025-0282 (CVSS 9.0): Unauthenticated stack-based buffer overflow enabling remote code execution.\n\nCVE-2025-0283 (CVSS 7.0): Local privilege escalation via stack-based buffer overflow.\n\n\nAffected products included Ivanti Connect Secure, Policy Secure, and Neurons for Zero Trust Access (ZTA) gateways.\n\nExploitation Insights:\n\nPublic exploits, such as the one by sfewer-r7, target specific product versions with tailored ROP (Return-Oriented Programming) chains.\n\nSuccessful exploitation allows execution of operating system commands under non-root privileges, confirming breach activity.\n\n\nNotably, the exploit requires multiple attempts due to ASLR protections but ultimately grants unauthorized access if persistence is maintained.\n\n\n---\n\nCVE-2025-20212: Cisco Meraki AnyConnect VPN Denial-of-Service Vulnerability\n\nCisco disclosed CVE-2025-20212, a high-severity DoS vulnerability affecting AnyConnect VPN servers on Meraki MX and Z series devices.", "creation_timestamp": "2025-04-27T03:42:30.000000Z"}, {"uuid": "beca21c3-1cc0-47e7-ab11-276bc965f7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "Telegram/C2Qid0DD71KHWHfi7vCoKFVvWdzEoSlx9OTdO2c0906YnO0", "content": "", "creation_timestamp": "2025-01-09T00:30:46.000000Z"}, {"uuid": "72531d05-3708-4f70-8a0f-9a286867d9d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://t.me/cvedetector/14747", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0283 - Ivanti Connect Secure Buffer Overflow Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-0283 \nPublished : Jan. 8, 2025, 11:15 p.m. | 40\u00a0minutes ago \nDescription : A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T01:01:41.000000Z"}, {"uuid": "97760662-6ae2-4543-b880-d52364487fbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "seen", "source": "https://t.me/TheDarkWebInformer/10160", "content": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US", "creation_timestamp": "2025-01-08T22:00:24.000000Z"}, {"uuid": "b3a19b99-936e-426e-a34e-460975a2c28d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "exploited", "source": "https://t.me/TheDarkWebInformer/10161", "content": "\ud83d\udea8\ud83d\udea8\ud83d\udea8Ivanti, a leading provider of enterprise security solutions, has announced the discovery of two critical zero-day vulnerabilities in its Connect Secure (ICS) product. https://www.ivanti.com/blog/security-update-ivanti-connect-secure-policy-secure-and-neurons-for-zta-gateways\n\nThe vulnerabilities, identified as CVE-2025-0282 and CVE-2025-0283, are currently being actively exploited by malicious actors.", "creation_timestamp": "2025-01-08T22:07:14.000000Z"}, {"uuid": "6bb6c4ce-1620-4358-a80a-27d52e038855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/3124", "content": "The Hidden Dangers of VPNs: Critical Vulnerabilities Exposed (Late 2024 \u2013 Early 2025)\n\nVirtual Private Networks (VPNs) have long been considered an essential tool for securing online activity. However, a closer examination reveals an unsettling reality: VPNs themselves are increasingly becoming high-value targets for attackers. Over the past several months, a wave of critical vulnerabilities has shaken trust in these technologies, impacting both consumers and enterprises alike.\n\nIn this report, we highlight the most significant VPN vulnerabilities discovered from late 2024 into early 2025 \u2014 and why blind reliance on VPNs may no longer be a safe bet.\n\n\n---\n\nCVE-2025-22457: Critical Buffer Overflow in Ivanti Connect Secure and Pulse Connect Secure\n\nIn April 2025, researchers uncovered CVE-2025-22457, a critical unauthenticated stack-based buffer overflow vulnerability affecting Ivanti Connect Secure (ICS) and Pulse Connect Secure VPN appliances. Impacted versions include ICS 22.7R2.5 and earlier, as well as Pulse Connect Secure 9.1x, which reached end-of-support in December 2024.\n\nInitially, Ivanti assessed the issue as non-exploitable due to character restrictions (periods and numbers only) within the overflow. However, a suspected Chinese advanced persistent threat (APT) group, dubbed UNC5221, demonstrated that \u2014 through intricate exploitation techniques \u2014 remote code execution was indeed achievable.\n\nExploitation Details:\n\nProof-of-concept (PoC) exploits are already available publicly, such as the sfewer-r7 implementation on GitHub. Attackers can leverage these to gain a reverse shell with limited user privileges (\"nr\"), circumventing initial vendor assumptions about exploitability.\n\nA netcat listener captures the shell.\n\nThe exploit brute-forces address space layout randomization (ASLR) protections by guessing base addresses for libdsplibs.so.\n\nSuccessful exploitation results in unauthorized access to the underlying system.\n\n\nExposure:\nAs of April 2025, Shodan scans indicated over 4,000 vulnerable instances exposed online.\n\n\n---\n\nCVE-2024-53704: Authentication Bypass in SonicWall SSL VPN\n\nAnother significant threat emerged with CVE-2024-53704, a critical authentication bypass vulnerability impacting SonicWall\u2019s SSL VPN solutions based on SonicOS versions 7.1.x (through 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035.\n\nDiscovered by Computest Security in November 2024 and patched in January 2025, this flaw allows attackers to hijack active VPN sessions by manipulating Base64-encoded session cookies \u2014 bypassing even multi-factor authentication (MFA) mechanisms.\n\nAttack Technique:\n\nBy inserting 32 null bytes encoded in Base64 into the swap cookie of a GET request, adversaries can effectively impersonate legitimate users without valid credentials.\n\nDespite available patches, thousands of systems remained unpatched into early 2025. According to Bishop Fox, more than 4,500 SonicWall VPN instances were still exposed as of February 2025.\n\n\n---\n\nCVE-2025-0282 and CVE-2025-0283: Stack-Based Buffer Overflows in Ivanti Products\n\nIn January 2025, Ivanti disclosed two additional vulnerabilities:\n\nCVE-2025-0282 (CVSS 9.0): Unauthenticated stack-based buffer overflow enabling remote code execution.\n\nCVE-2025-0283 (CVSS 7.0): Local privilege escalation via stack-based buffer overflow.\n\n\nAffected products included Ivanti Connect Secure, Policy Secure, and Neurons for Zero Trust Access (ZTA) gateways.\n\nExploitation Insights:\n\nPublic exploits, such as the one by sfewer-r7, target specific product versions with tailored ROP (Return-Oriented Programming) chains.\n\nSuccessful exploitation allows execution of operating system commands under non-root privileges, confirming breach activity.\n\n\nNotably, the exploit requires multiple attempts due to ASLR protections but ultimately grants unauthorized access if persistence is maintained.\n\n\n---\n\nCVE-2025-20212: Cisco Meraki AnyConnect VPN Denial-of-Service Vulnerability\n\nCisco disclosed CVE-2025-20212, a high-severity DoS vulnerability affecting AnyConnect VPN servers on Meraki MX and Z series devices.", "creation_timestamp": "2025-04-27T05:42:31.000000Z"}, {"uuid": "33467da5-b951-4cc8-8abd-5fb68b836cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0283", "type": "exploited", "source": "https://t.me/true_secator/6604", "content": "\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Ivanti \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0438 \u0440\u043e\u0436\u0434\u0435\u0441\u0442\u0432\u0435\u043d\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0430\u0440\u043e\u0447\u043a\u0438 \u0432 \u0432\u0438\u0434\u0435 \u043d\u043e\u0432\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day, \u043d\u0430 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0443 \u043f\u043e\u0437\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Mandiant \u0438\u0437 Google Cloud.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 Ivanti \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0432 \u0435\u0435 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Connect Secure (ICS) \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - CVE-2025-0282 \u0438 CVE-2025-0283.\u00a0\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0435 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430\u00a0\u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0417\u0430\u0442\u0435\u043c Mandiant, \u043f\u0440\u0438\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u0430\u044f Ivanti \u043a \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0430\u0442\u0430\u043a, \u0432\u044b\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0431\u044b\u043b\u0430\u00a0\u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0430 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0435\u0449\u0435 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2025-0282 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u041d\u043e \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0431\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Spawn, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0431\u044b\u043b\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 UNC5337.\n\nSpawn \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a SpawnAnt, \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0440 SpawnMole \u0438 SSH-\u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c SpawnSnail.\n\n\u0412 Mandiant \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e UNC5337 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e\u00a0\u0433\u0440\u0443\u043f\u043f\u044b \u0443\u0433\u0440\u043e\u0437 UNC5221, \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Ivanti (CVE-2023-46805 \u0438 CVE-2024-21887). \u0416\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a \u0442\u043e\u0433\u0434\u0430 \u0441\u0442\u0430\u043b\u0438\u00a0MITRE\u00a0\u0438\u00a0CISA.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u043d\u043e\u0432\u044b\u043c \u043d\u0443\u043b\u0435\u043c Ivanti ICS Mandiant \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f DryHook \u0438 PhaseJam, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0449\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043d\u044b \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 \u0443\u0433\u0440\u043e\u0437.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043a\u043e\u0434\u043e\u0432 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Spawn, DryHook \u0438 PhaseJam) \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u043d\u043e \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0442\u0447\u0435\u0442\u0430 \u0442\u043e\u0447\u043d\u043e \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0447\u0438\u0441\u043b\u043e \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0443\u0433\u0440\u043e\u0437, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 CVE-2025-0282, \u0432 Mandiant \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438.\n\n\u0412 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 CVE-2025-0282, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u043b\u0438 SELinux, \u0432\u043d\u0435\u0441\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 PhaseJam - \u044d\u0442\u043e \u0434\u0440\u043e\u043f\u043f\u0435\u0440, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Ivanti Connect Secure, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u043e\u0431\u043b\u0435\u0433\u0447\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043b\u0430\u0446\u0434\u0430\u0440\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435.\n\nDryHook \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\u00a0\n\n\u0412 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e SpawnAnt, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0431\u044f \u0438 \u0441\u0432\u043e\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0434\u0435\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e PhaseJam \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u043e \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u0448\u043a\u0430\u043b\u0443 \u043f\u0440\u043e\u0433\u0440\u0435\u0441\u0441\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u0439.\n\nMandiant \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e CVE-2025-0282, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC.\u00a0\n\n\u041f\u043e\u043a\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0440\u0430\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, Ivanti \u0432\u043d\u043e\u0432\u044c \u0443\u0441\u0435\u0440\u0434\u043d\u043e \u043f\u0438\u043b\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043b\u0438\u0448\u044c \u0434\u043b\u044f Connect Secure.\n\n\u041e\u0434\u043d\u0430\u043a\u043e Policy Secure \u0438 Neurons \u0434\u043b\u044f ZTA \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0442\u043e\u043b\u044c\u043a\u043e 21 \u044f\u043d\u0432\u0430\u0440\u044f.\u00a0", "creation_timestamp": "2025-01-09T17:46:04.000000Z"}]}