{"vulnerability": "CVE-2025-2784", "sightings": [{"uuid": "6fdb4b9a-127c-49f4-ab81-37a2a34b2595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljvez3nep22j", "content": "", "creation_timestamp": "2025-03-08T20:39:59.935712Z"}, {"uuid": "7bedcdb7-ae44-4c0e-a14c-165bdc74daae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-27840", "type": "seen", "source": "https://bsky.app/profile/redrightcrypto.bsky.social/post/3llmkpgpea62l", "content": "", "creation_timestamp": "2025-03-30T19:18:23.992045Z"}, {"uuid": "bcc495a1-7021-4692-af52-b5e4dbf70677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/pedalingforgood.bsky.social/post/3lk2ucpwlx22s", "content": "", "creation_timestamp": "2025-03-11T00:57:08.775280Z"}, {"uuid": "ac9142d4-df07-4a1e-b1b3-7efffc62acc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/perillamint.social.silicon.moe.ap.brid.gy/post/3ljx2obh3j4w2", "content": "", "creation_timestamp": "2025-03-09T12:40:23.609054Z"}, {"uuid": "eeb64b44-9905-4a58-aff5-cffd2a9ce812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ljx2t57cak2n", "content": "", "creation_timestamp": "2025-03-09T12:43:03.358484Z"}, {"uuid": "1d4eba0f-a24c-4abe-8541-97fba1b635e4", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ljz2tujwas2h", "content": "", "creation_timestamp": "2025-03-10T07:48:52.218333Z"}, {"uuid": "9be125e2-0e15-4f64-8e9f-02fd445a9876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/katchwreck.mastodon.social.ap.brid.gy/post/3lk4zts7cwff2", "content": "", "creation_timestamp": "2025-03-11T21:41:45.133035Z"}, {"uuid": "e2ebd5bb-d6cf-4dcb-aedb-210cb3afb541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/harmonic-osc.bsky.social/post/3ljyd4jgoxc2s", "content": "", "creation_timestamp": "2025-03-10T00:44:09.591233Z"}, {"uuid": "63a22de0-364f-4136-a006-440840ca85cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/newslit.co/post/3lk2a2vc27k2b", "content": "", "creation_timestamp": "2025-03-10T18:54:57.322142Z"}, {"uuid": "98ce92f6-921d-4b43-b3a2-10004c823bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2784", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114274198489762332", "content": "", "creation_timestamp": "2025-04-03T13:11:32.943775Z"}, {"uuid": "e5f9a53d-a990-4e7f-afbb-9261f19fc595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2784", "type": "seen", "source": 
"https://infosec.exchange/users/cR0w/statuses/114274198489762332", "content": "", "creation_timestamp": "2025-04-03T13:11:32.958957Z"}, {"uuid": "ce27ab2b-d0c5-4786-b21d-136b8647c2ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/cryptonews-poster.bsky.social/post/3lmvl2ydp3j2p", "content": "", "creation_timestamp": "2025-04-16T02:44:00.946632Z"}, {"uuid": "270712a1-c9a0-4cc0-84d1-e4fc618c5758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/earlybirdsinvest.bsky.social/post/3lmxri6envz2k", "content": "", "creation_timestamp": "2025-04-16T23:44:06.749224Z"}, {"uuid": "cde4ae76-8818-40a6-b8b7-cc577ac82841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2784", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llvdossxud24", "content": "", "creation_timestamp": "2025-04-03T07:06:44.385267Z"}, {"uuid": "6e3e812a-b935-4289-ba62-16542ad22d4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmqq4wchdc2q", "content": "", "creation_timestamp": "2025-04-14T04:31:15.835341Z"}, {"uuid": "18d5704e-c090-4e01-a79e-5da40e043ac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lmqwqf4ckk2d", "content": "", "creation_timestamp": "2025-04-14T06:29:34.478682Z"}, 
{"uuid": "d8742855-e472-4beb-bd15-f29a0c18f407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3lmtwf3yzz724", "content": "", "creation_timestamp": "2025-04-15T11:01:11.909705Z"}, {"uuid": "020d4623-ac92-4885-aee3-82d499684639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/koinsaati.bsky.social/post/3lmwj2je3c22f", "content": "", "creation_timestamp": "2025-04-16T11:40:41.603098Z"}, {"uuid": "dcdfe883-a5d6-476a-8d67-fe8814268e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://bsky.app/profile/koinsaati.bsky.social/post/3lmwj2mhfys2f", "content": "", "creation_timestamp": "2025-04-16T11:40:42.145958Z"}, {"uuid": "e3b22e1c-dd70-4fe1-9a78-8decf999d898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:57.000000Z"}, {"uuid": "549b54aa-dd40-4ed4-85b8-44c3fdecc29b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-27840", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3lnir6cvaxki2", "content": "", "creation_timestamp": "2025-04-23T17:54:32.833322Z"}, {"uuid": "240b4f86-429d-4076-9f9b-5a6f36b3e0d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:40.000000Z"}, {"uuid": "84df73d8-740b-4e3a-b62a-eacb0d6e0ff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://t.me/cvedetector/19905", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27840 - Espressif ESP32 HCI Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27840 \nPublished : March 8, 2025, 8:15 p.m. | 1\u00a0hour, 50\u00a0minutes ago \nDescription : Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory). \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-08T23:33:04.000000Z"}, {"uuid": "a2e39902-e074-4d54-a0a0-b28cecbe5cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/17854", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aExpanded version of the code shown at RootedCON redone in python - CVE-2025-27840\nURL\uff1ahttps://github.com/em0gi/CVE-2025-27840\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-09T16:17:15.000000Z"}, {"uuid": "ea4e5fc8-ee80-4805-b7bd-18735aa4d411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": 
"published-proof-of-concept", "source": "https://t.me/GithubRedTeam/30569", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA Work-In-Progress for CVE-2025-27840 \nURL\uff1ahttps://github.com/ladyg00se/CVE-2025-27840-WIP\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-08T14:32:36.000000Z"}, {"uuid": "074e1093-6889-4023-95e8-61dbeadf7c29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6948", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27840\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L)\n\ud83d\udd39 Description: Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).\n\ud83d\udccf Published: 2025-03-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-08T20:11:55.412Z\n\ud83d\udd17 References:\n1. https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf\n2. https://x.com/pascal_gujer/status/1898442439704158276\n3. https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/\n4. https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/\n5. 
https://reg.rootedcon.com/cfp/schedule/talk/5", "creation_timestamp": "2025-03-08T20:41:50.000000Z"}, {"uuid": "ac93b380-bb34-4bce-abf1-0ffab19956c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2784", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10157", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2784\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.\n\ud83d\udccf Published: 2025-04-03T01:40:12.164Z\n\ud83d\udccf Modified: 2025-04-03T01:40:12.164Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-2784\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2354669\n3. 
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422", "creation_timestamp": "2025-04-03T02:35:06.000000Z"}, {"uuid": "976da769-c31d-4c2f-b429-6e399f3696d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/27430", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aBitcoin Cryptanalysis: CVE-2025-27840 Vulnerability in ESP32 Microcontrollers Puts Billions of IoT Devices at Risk via Wi-Fi & Bluetooth\nURL\uff1ahttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-30T16:16:24.000000Z"}, {"uuid": "fdb586ec-5413-41bf-9a52-b725d0f425da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://t.me/kasperskylab_ru/6003", "content": "\u0412 \u043d\u043e\u0432\u043e\u043c #kaspersky_securityweek:\n\n\ud83d\udfe3 \u0412 Bluetooth-\u043c\u043e\u0434\u0443\u043b\u0435 ESP32 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Espressif \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0440\u044f\u0434 \u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043d\u0430\u0447\u0430\u043b\u0443 \u043f\u0440\u0438\u043d\u044f\u043b\u0438 \u0437\u0430 \u0431\u044d\u043a\u0434\u043e\u0440. 
\u041e\u043d\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u043d\u0430\u0431\u043e\u0440\u043e\u043c vendor-specific commands \u2014 \u0444\u0438\u0447\u0430\u043c\u0438 \u0434\u043b\u044f \u043e\u0431\u043c\u0435\u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043c\u0435\u0436\u0434\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u0438 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u043c \u043c\u043e\u0434\u0443\u043b\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043b\u044c\u0437\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u00ab\u0441\u043d\u0430\u0440\u0443\u0436\u0438\u00bb. \u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u0447\u043b\u0438 \u0438\u0445 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u043e\u0439, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0435\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c \u0432 ESP32 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-27840.\n\n\ud83d\udfe3 \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb \u0438\u0437\u0443\u0447\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 \u0441\u043b\u0443\u0447\u0430\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f 
\u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043f\u043e\u0434 \u0432\u0438\u0434\u043e\u043c \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u044e\u0442 \u0442\u0440\u043e\u044f\u043d\u0441\u043a\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043f\u043e\u0434 Windows-\u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0447\u0430\u0442-\u0431\u043e\u0442\u043e\u0432 DeepSeek \u0438 Grok, \u0430 \u043c\u0430\u0439\u043d\u0435\u0440 SilentCryptoMiner \u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0432\u043d\u0443\u0442\u0440\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a.\n\n\ud83d\udfe3 \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u0438\u0440\u0430\u0442\u0441\u043a\u0438\u0445 \u0441\u0442\u0440\u0438\u043c\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432. 
\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0440\u0435\u043a\u043b\u0430\u043c\u0430 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0430 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 GitHub \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b, \u0433\u0434\u0435 \u0431\u044b\u043b \u0440\u0430\u0437\u043c\u0435\u0449\u0451\u043d \u0434\u0440\u043e\u043f\u043f\u0435\u0440.", "creation_timestamp": "2025-03-11T15:15:17.000000Z"}, {"uuid": "67b636de-c0af-4d3b-951a-50dd05618a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "Telegram/1C38MQWT5QmNhRX51JHqfnd4znbmXyhdniTTIbwdT21YchYT", "content": "", "creation_timestamp": "2025-03-09T10:38:05.000000Z"}, {"uuid": "91898045-a792-4485-907f-97e557a48201", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "Telegram/vX3g4mvJzAdJEXPeWK1wvxyjtcunDPCaU_dYys2zKstWHBAE", "content": "", "creation_timestamp": "2025-03-10T14:45:04.000000Z"}, {"uuid": "9dc136c8-90b9-423f-a9d0-b5ab0120d489", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "Telegram/sgIC_4Wtl3CWhknGNhHZ5eO8agzYEhcpZkUIuq1suLzZp3er", "content": "", "creation_timestamp": "2025-03-10T14:45:04.000000Z"}, {"uuid": "39e9cf7a-362b-42a3-bec9-f93570787c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2784", "type": "seen", "source": "https://t.me/cvedetector/21940", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2784 - Libsoup HTTP Response Heap Buffer Over-Read 
Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2784 \nPublished : April 3, 2025, 3:15 a.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T06:52:20.000000Z"}, {"uuid": "91f408f6-13fc-4a8c-bf03-9c109dde6196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "Telegram/GHRtgnKXds6z1Y6nUb711WN1Hi19P_ZCSEXaK-8RipxJGtrF", "content": "", "creation_timestamp": "2025-03-09T10:38:05.000000Z"}, {"uuid": "70ba5633-243d-4ca9-9ded-e7211aafec9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "Telegram/pp3zaZuHAWmnA0kR0Tja0bjF9QWDV_Ck_mWcnSJpgSdDq38", "content": "", "creation_timestamp": "2025-04-08T23:00:05.000000Z"}, {"uuid": "5bc907ee-389e-437c-ab73-c16ee73191f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://t.me/CyberBulletin/2554", "content": "\u26a1CVE-2025-27840: Espressif Chip\u2019s Backdoor Threatens Global Networks.\n\n#CyberBulletin", "creation_timestamp": "2025-03-10T14:45:35.000000Z"}, {"uuid": "a7a2fb07-6f8d-4f2a-9c04-5efdaea8ed65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/8406", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T18:38:27.000000Z"}, {"uuid": "1e33ec9e-dc1c-47be-8c37-dd4b646130df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "Telegram/cCprvSF-jIEZXIvbJarzW7KGxYqk_jredhzN22rQASiVQ4Ly", "content": "", "creation_timestamp": "2025-03-10T19:39:04.000000Z"}, {"uuid": "191f6679-50b0-44f8-962a-3c60d446afd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2784", "type": "published-proof-of-concept", "source": "Telegram/EmS9bgYgLpx5pRbXrtQctY-Iz8lbm4p2ZetMSDDYp7zCam8", "content": "", "creation_timestamp": "2025-04-03T07:31:02.000000Z"}, {"uuid": "6dcdd1c2-2def-4171-9223-92680fc90130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "Telegram/QaDCHeyCTQEDx9YMMCpkZWSmm-dNNJ2lC0YJEGLd_C3RP10", "content": "", "creation_timestamp": "2025-03-31T21:00:07.000000Z"}, {"uuid": "7a45402d-cb97-478a-a920-8508e0e6d3c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": 
"https://t.me/ton618cyber/3335", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T18:38:27.000000Z"}, {"uuid": "394e0a8d-c124-4520-8ffe-fa86108b0fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "Telegram/zEk_HXoAHYbN-ujTxJ8PcQeC84E24nW8JY4fSgy7ljAdj1A9", "content": "", "creation_timestamp": "2025-03-10T14:45:03.000000Z"}, {"uuid": "534999db-ff98-4383-9340-1eef934dced6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "Telegram/eVE5YmoRFUZV8c7TTGPUWrAfKBs48EKz-_YLWjtS9xYVJuE", "content": "", "creation_timestamp": "2025-03-30T23:00:06.000000Z"}, {"uuid": "e61406db-5654-40a3-b5d8-d16f2c247751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "Telegram/ZUefEkmkQwFMO0TqAL2kJX0i2-tmG7HnAD4YlbPg5kyxc3w", "content": "", "creation_timestamp": "2025-03-08T22:00:26.000000Z"}, {"uuid": "9c8a7347-bbfc-4191-8026-4ab8d3b5d1a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "Telegram/OtbbrBGaTX9xQfsVqBCkOe-xfQg63w2IwNNujWjvUyDz4Hs", "content": "", "creation_timestamp": "2025-03-09T22:00:06.000000Z"}, {"uuid": 
"546cc584-25c2-4bd0-89bd-b7fa1845d7cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "seen", "source": "https://t.me/true_secator/6823", "content": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0432 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 1 \u043c\u043b\u0440\u0434. \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 IoT \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 ESP32 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f Espressif, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e WiFi \u0438 Bluetooth, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043d\u0435\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c, \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u044c \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 
\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0441\u0435\u0442\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u043e\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435.\n\n\u041a \u0442\u0430\u043a\u0438\u043c \u0432\u044b\u0432\u043e\u0434\u0430\u043c \u043f\u0440\u0438\u0448\u043b\u0438 \u0438\u0441\u043f\u0430\u043d\u0441\u043a\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Tarlogic Security,\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0441\u0432\u043e\u0435\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 RootedCON\u00a0\u0432 \u041c\u0430\u0434\u0440\u0438\u0434\u0435.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u0430\u043a\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0430\u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b, \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u044b, \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 
\u0437\u0430\u043c\u043a\u0438 \u0438\u043b\u0438 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u043e\u0435 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u043e\u0431\u0445\u043e\u0434\u044f \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0430\u0443\u0434\u0438\u0442\u0430 \u043a\u043e\u0434\u0430.\n\n\u0412 \u0441\u0432\u043e\u0435\u0439 \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Tarlogic \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 USB Bluetooth \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 C, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e-\u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u043c \u0438 \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u044b\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043f\u0440\u044f\u043c\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0431\u0435\u0437 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f API-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u0432, \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u043d\u044b\u0445 \u0434\u043b\u044f \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u041e\u0421.\n\n\u0412\u043e\u043e\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0441\u044c \u043d\u043e\u0432\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u0441 
\u043f\u0440\u044f\u043c\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0442\u0440\u0430\u0444\u0438\u043a\u0443 Bluetooth, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u043d\u044b\u0435 \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u044b (\u043a\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 0x3F) \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 ESP32 Bluetooth, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c\u0438 Bluetooth.\n\n\u0412\u0441\u0435\u0433\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043e 29 \u043d\u0435\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u0434\u043b\u044f \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u044c\u044e (\u0447\u0442\u0435\u043d\u0438\u0435/\u0437\u0430\u043f\u0438\u0441\u044c \u041e\u0417\u0423 \u0438 \u0444\u043b\u044d\u0448-\u043f\u0430\u043c\u044f\u0442\u0438), \u043f\u043e\u0434\u043c\u0435\u043d\u044b MAC-\u0430\u0434\u0440\u0435\u0441\u0430 
(\u0432\u044b\u0434\u0430\u0447\u0430 \u0441\u0435\u0431\u044f \u0437\u0430 \u0434\u0440\u0443\u0433\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e) \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0430\u043a\u0435\u0442\u043e\u0432 LMP/LLCP.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Espressif \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u044d\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043b\u0438\u0431\u043e \u0432\u043e\u0432\u0441\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c, \u043b\u0438\u0431\u043e \u043e\u0441\u0442\u0430\u043b\u0438\u0441\u044c \u043f\u043e \u043e\u0448\u0438\u0431\u043a\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-27840.\n\n\u0421\u0440\u0435\u0434\u0438 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u044d\u0442\u0438\u0445 \u043a\u043e\u043c\u0430\u043d\u0434, - \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 OEM \u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n\u0412 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a 
\u0441\u0442\u0435\u043a\u0438 Bluetooth \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b HCI \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0438\u043b\u0438 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 Bluetooth.\n\n\u042d\u0442\u043e \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e, \u0435\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0436\u0435 \u0438\u043c\u0435\u0435\u0442 \u043f\u0440\u0430\u0432\u0430 root, \u0432\u043d\u0435\u0434\u0440\u0438\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0438\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0435\u0435 \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 
USB \u0438\u043b\u0438 UART \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u044b\u043b \u0431\u044b \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u0438 \u0440\u0435\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u043d\u044b\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u043c \u0430\u0442\u0430\u043a\u0438.\n\n\u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0447\u0438\u043f\u043e\u043c ESP32 \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0447\u0438\u043f\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u0438 \u0444\u043b\u044d\u0448-\u043f\u0430\u043c\u044f\u0442\u044c.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0447\u0438\u043f\u0435, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, 
\u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 ESP32 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u0441\u043b\u043e\u0436\u043d\u044b\u0435 Bluetooth-\u0430\u0442\u0430\u043a\u0438.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u0440\u0435\u0430\u043a\u0446\u0438\u0438 Espressif, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0441\u0447\u0438\u0442\u0430\u044e\u0442, \u0447\u0442\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u043d\u0435\u043a\u043e\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430,\u00a0\u0430 \u043d\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u0430.", "creation_timestamp": "2025-03-10T13:30:05.000000Z"}, {"uuid": "123c3438-b787-4a44-8503-1847c5c71eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11988", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. 
CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T12:29:08.000000Z"}, {"uuid": "3573e282-4e5c-4f39-9ea8-90f567b70b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27840", "type": "exploited", "source": "https://t.me/SecLabNews/16286", "content": "\ud83d\udd75\u200d\u2642\ufe0f \u0411\u044d\u043a\u0434\u043e\u0440 \u0432 \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432: \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 ESP32 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 IoT\n\n\ud83e\udda0  \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Tarlogic Security \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 29 \u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043c\u0438\u043a\u0440\u043e\u0447\u0438\u043f\u0435 ESP32 \u043e\u0442 Espressif. 
\u042d\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0447\u0438\u043f \u043a\u0430\u043a \u0442\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0441\u0435\u0442\u0438.\n\n\ud83d\udce1 \u041c\u0438\u043a\u0440\u043e\u0447\u0438\u043f ESP32 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u0432 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u043c\u043d\u044b\u0435 \u0437\u0430\u043c\u043a\u0438 \u0438 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u043e\u0435 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435. 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-27840, \u043e\u0434\u043d\u0430\u043a\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Espressif \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n\ud83d\udca5\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 USB-Bluetooth \u043d\u0430 \u044f\u0437\u044b\u043a\u0435 C \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0440\u0430\u0431\u043e\u0442\u044b ESP32 \u043d\u0430 \u043d\u0438\u0437\u043a\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u0435. 
\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u0442\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 Bluetooth ESP32 (Opcode 0x3F), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c\u0438 Bluetooth.\n\n#IoT #\u041a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u044b #ESP32\n\n@SecLabNews", "creation_timestamp": "2025-03-11T11:12:23.000000Z"}]}