{"vulnerability": "CVE-2025-4632", "sightings": [{"uuid": "9a6981e9-1ac8-4da0-b8e0-6fad0550806e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpwcspxg2k2l", "content": "", "creation_timestamp": "2025-05-24T14:04:31.345801Z"}, {"uuid": "92a4dc6a-06af-427c-8bf3-6618682aa5b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpwcy6ehsk2l", "content": "", "creation_timestamp": "2025-05-24T14:07:32.463384Z"}, {"uuid": "55e9c2c1-7a40-4bb6-8480-c25ba1120c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46327", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnvx5ugpdl2d", "content": "", "creation_timestamp": "2025-04-28T23:45:34.549373Z"}, {"uuid": "bfc495cc-f56a-4aca-ac51-7c134abdf611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114517512490374930", "content": "", "creation_timestamp": "2025-05-16T12:29:27.495750Z"}, {"uuid": "e19df3be-1548-4092-ad81-eb6737666a20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lpbzrnyqfk25", "content": "", "creation_timestamp": "2025-05-16T12:29:35.762417Z"}, {"uuid": "ab2d8340-c016-4134-a0d0-dfe537104e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lprmjzxrss2n", "content": "", "creation_timestamp": "2025-05-22T17:15:15.641577Z"}, {"uuid": "b6c6557d-e467-4fd0-ae3c-3e504c867ba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4064350", "content": "", "creation_timestamp": "2025-05-22T18:26:12.282528Z"}, {"uuid": "3635cec7-d6ec-4980-bd78-c7c9b86215c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/dasgeldco.bsky.social/post/3lsalzfkqoz2l", "content": "", "creation_timestamp": "2025-06-23T03:06:17.403896Z"}, {"uuid": "9e1be2f8-3f31-4d58-a971-d676412fc519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lprsr3o6fc2f", "content": "", "creation_timestamp": "2025-05-22T19:06:35.185115Z"}, {"uuid": "9605a337-4311-4957-8056-e9c677d0faa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46326", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnvx5ukaaw2l", "content": "", "creation_timestamp": "2025-04-28T23:45:35.077150Z"}, {"uuid": "fdf6019b-d68a-4638-a6dd-a9b599060989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46328", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnvx5vjscz2s", "content": "", "creation_timestamp": "2025-04-28T23:45:39.867355Z"}, {"uuid": "ea4e415a-66a1-4d9f-8811-728567ad23cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lpubmc54732w", "content": "", "creation_timestamp": "2025-05-23T18:37:39.108755Z"}, {"uuid": "5de9a596-1520-4238-a415-d7ce6b4f2346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lpsetlwmjv2y", "content": "", "creation_timestamp": "2025-05-23T00:30:06.276828Z"}, {"uuid": "c4b155b0-727f-4f97-8f51-027335a0a9d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lps3xo6ksc2d", "content": "", "creation_timestamp": "2025-05-22T21:51:20.791596Z"}, {"uuid": "fe879566-99ac-48c7-bb81-45934126149c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3lq2q5bmsr32d", "content": "", "creation_timestamp": "2025-05-26T08:13:40.829405Z"}, {"uuid": "6ea357a0-6c55-4e7c-aa67-2954a0f5839d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lptuzh7r3c2u", "content": "", "creation_timestamp": "2025-05-23T14:52:26.430223Z"}, {"uuid": "5e425b0e-9904-419b-811a-388822218657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpujoxojec2u", "content": "", "creation_timestamp": "2025-05-23T21:02:30.293007Z"}, {"uuid": "e09c4427-35d0-46dd-847f-315592b4b1e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lozvazwfdb2e", "content": "", "creation_timestamp": "2025-05-13T06:47:26.899568Z"}, {"uuid": "0cf3dea0-780b-4b38-984c-6fb51d9cc6b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/thezero.org/post/3lp2j5kmfyk2c", "content": "", "creation_timestamp": "2025-05-13T12:43:21.837071Z"}, {"uuid": "ad24056b-46bc-4d88-ab10-fd870f721ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp5mgttbhb42", "content": "", "creation_timestamp": "2025-05-14T18:22:50.646315Z"}, {"uuid": "9121265e-933e-477c-bc1a-a6829a91c382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lp4kj4pqqs24", "content": "", "creation_timestamp": "2025-05-14T08:13:04.428384Z"}, {"uuid": "71930287-d6a9-4c97-8ee9-311fbe8e9c4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lp5og5lkq3z2", "content": "", "creation_timestamp": "2025-05-14T18:58:58.835970Z"}, {"uuid": "8abf14a6-73f2-4c3d-8fbb-2c86d582f4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/techit.bsky.social/post/3lp5oo333432k", "content": "", "creation_timestamp": "2025-05-14T19:00:06.343308Z"}, {"uuid": "db8f0b2b-c224-44ae-9ca5-7be76fd3c6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://thehackernews.com/2025/05/samsung-patches-cve-2025-4632-used-to.html", "content": "", "creation_timestamp": "2025-05-14T15:57:00.000000Z"}, {"uuid": "931ff940-4769-4d77-9d82-e94de27eec94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lp5uudyycgr2", "content": "", "creation_timestamp": "2025-05-14T20:54:02.147342Z"}, {"uuid": "8de5ebc9-309f-49cb-b683-75153260c329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lp5mncfasd2n", "content": "", "creation_timestamp": "2025-05-14T18:23:50.163495Z"}, {"uuid": "b3a7878a-29a6-42fb-8201-233a1815f073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lp5mwt6dnf26", "content": "", "creation_timestamp": "2025-05-14T18:29:10.380862Z"}, {"uuid": "587663d6-f77c-4667-9cfb-e970231f08f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lp5n5oghh52v", "content": "", "creation_timestamp": "2025-05-14T18:33:00.599173Z"}, {"uuid": "a70a356d-03b7-44f6-98a3-57053aeaee09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lp5nksh33m42", "content": "", "creation_timestamp": "2025-05-14T18:41:35.985873Z"}, {"uuid": "49311b8d-1823-4095-94e1-74b1fe3e9542", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lp5nl2wimhz2", "content": "", "creation_timestamp": "2025-05-14T18:41:37.805840Z"}, {"uuid": "b1c848cd-3c67-4aa1-bd4e-d9f1145ae6f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lp7r6xmfmb27", "content": "", "creation_timestamp": "2025-05-15T14:50:38.172762Z"}, {"uuid": "9503bc6b-9c02-4544-9c56-9c4ba10e15eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3lp6clybmhh2d", "content": "", "creation_timestamp": "2025-05-15T00:56:49.102534Z"}, {"uuid": "58a6da55-9a8e-4eed-8a4c-c2645b3d570a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lpa6mjxqas2c", "content": "", "creation_timestamp": "2025-05-15T18:50:52.248183Z"}, {"uuid": "ae8d412d-df5e-4354-b770-9d0921f6c3f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-4632", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lp72wvkgvc2k", "content": "", "creation_timestamp": "2025-05-15T08:12:24.831319Z"}, {"uuid": "fe62d3ca-9a93-48da-89fc-dcd68b62e50b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3lp7a3dc6dc2j", "content": "", "creation_timestamp": "2025-05-15T09:44:25.942645Z"}, {"uuid": "c2b81a27-16fb-49c2-9dfd-40f47e0b1113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpafxu3rvj2c", "content": "", "creation_timestamp": "2025-05-15T21:02:32.933881Z"}, {"uuid": "3325a456-09c4-4ada-98dc-226a827f6e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://www.darkreading.com/endpoint-security/attackers-target-samsung-magicinfo-server-bug", "content": "", "creation_timestamp": "2025-05-15T17:10:38.000000Z"}, {"uuid": "0e1acaef-2f03-472f-8f13-a778aea82139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "28d6bb91-0c9b-4acd-900c-eebb94e35d70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:18.000000Z"}, {"uuid": "d9b5af56-6007-43ae-8edf-ea570a4ad084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lx3ulrn2f726", "content": "", "creation_timestamp": "2025-08-23T21:02:31.148315Z"}, {"uuid": "ab249fe9-cbc4-4853-9421-b4764a56810d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-4632.yaml", "content": "", "creation_timestamp": "2025-08-22T20:40:04.000000Z"}, {"uuid": "47a9e0e2-3b26-408a-b911-460686846de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46320", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mfn4o5meaj2z", "content": "", "creation_timestamp": "2026-02-24T21:34:50.268788Z"}, {"uuid": "42880e69-f59b-43df-8547-89fbd34b70fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46326", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13752", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46326\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1.\n\ud83d\udccf Published: 2025-04-28T22:33:01.627Z\n\ud83d\udccf Modified: 2025-04-28T22:33:01.627Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/snowflake-connector-net/security/advisories/GHSA-c82r-c9f7-f5mj\n2. https://github.com/snowflakedb/snowflake-connector-net/commit/393aad3cfa81045a05dd488944db45256e861bff\n3. https://github.com/snowflakedb/snowflake-connector-net/releases/tag/v4.4.1", "creation_timestamp": "2025-04-28T23:10:56.000000Z"}, {"uuid": "fd037114-03ac-47e6-b408-b55e9894f9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/19c7bf81-024f-40ee-8fb8-6d02010e2383", "content": "", "creation_timestamp": "2026-02-02T12:26:00.337293Z"}, {"uuid": "4b755e0b-fff2-4fe4-8532-899a83cdeaaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/ctinow/235334", "content": "Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit\nhttps://ift.tt/cgDwhsi", "creation_timestamp": "2025-05-14T18:09:36.000000Z"}, {"uuid": "360bd867-af67-4e95-abfa-4d390eb3dc1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46329", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13786", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46329\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. This issue has been patched in version 2.2.0.\n\ud83d\udccf Published: 2025-04-29T04:35:49.431Z\n\ud83d\udccf Modified: 2025-04-29T04:35:49.431Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/libsnowflakeclient/security/advisories/GHSA-jx4f-645p-wjpx\n2. https://github.com/snowflakedb/libsnowflakeclient/commit/3caa8a6a3ee95e0a66ead03b4bf6a2d1ca42ebfe", "creation_timestamp": "2025-04-29T05:11:27.000000Z"}, {"uuid": "16dd79bd-fa22-48bc-b085-da191d305b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46327", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13751", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46327\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 1.13.3.\n\ud83d\udccf Published: 2025-04-28T22:33:05.249Z\n\ud83d\udccf Modified: 2025-04-28T22:33:05.249Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/gosnowflake/security/advisories/GHSA-6jgm-j7h2-2fqg\n2. https://github.com/snowflakedb/gosnowflake/commit/ba94a4800e23621eff558ef18ce4b96ec5489ff0", "creation_timestamp": "2025-04-28T23:10:55.000000Z"}, {"uuid": "376fd71c-ce29-4067-af27-f9cf9f7cc3ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46328", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46328\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 2.0.4.\n\ud83d\udccf Published: 2025-04-28T22:33:09.632Z\n\ud83d\udccf Modified: 2025-04-28T22:33:09.632Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/snowflake-connector-nodejs/security/advisories/GHSA-wmjq-jrm2-9wfr\n2. https://github.com/snowflakedb/snowflake-connector-nodejs/commit/e94c24112271e1f44c271634bf29a3188acc68d0", "creation_timestamp": "2025-04-28T23:10:54.000000Z"}, {"uuid": "0f04aae4-5d7c-43b4-8bf3-397a86b23b9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://t.me/cvedetector/25168", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4632 - Samsung MagicINFO 9 Server Path Traversal Write Arbitrary File Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4632 \nPublished : May 13, 2025, 6:15 a.m. | 37\u00a0minutes ago \nDescription : Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T09:41:16.000000Z"}, {"uuid": "3bc8a5a7-dca6-4aab-b5d3-933736715325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://www.acn.gov.it/portale/w/samsung-rilevato-sfruttamento-in-rete-della-cve-2025-4632-relativa-a-magicinfo", "content": "", "creation_timestamp": "2025-05-16T05:16:07.000000Z"}, {"uuid": "09b6a14e-74fc-4b6a-b663-f0116979489d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16080", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4632\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.\n\ud83d\udccf Published: 2025-05-13T05:19:19.254Z\n\ud83d\udccf Modified: 2025-05-13T05:19:19.254Z\n\ud83d\udd17 References:\n1. https://security.samsungtv.com/securityUpdates#SVP-MAY-2025", "creation_timestamp": "2025-05-13T06:30:12.000000Z"}, {"uuid": "2c06a643-156d-410f-85b5-955a618a0971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/2274", "content": "Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \u2013 thehackernews.com\n\nThu, 15 May 2025 01:57:00", "creation_timestamp": "2025-05-14T20:03:33.000000Z"}, {"uuid": "93205096-6250-43d2-aae3-38abbb292cc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "Telegram/x1eex3kndcEqy6z661kya4yDXTj4TvSSihGKNCSEdQmepQ", "content": "", "creation_timestamp": "2025-05-14T20:01:26.000000Z"}, {"uuid": "4f5e57c4-684e-418b-a0d8-20a91882b48b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "seen", "source": "https://t.me/DarkWebInformer_News/4508", "content": "\ud83d\udea8 News Alert!\n\nSource: The Hacker News\nTitle: Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit\nLink: https://thehackernews.com/2025/05/samsung-patches-cve-2025-4632-used-to.html", "creation_timestamp": "2025-05-14T18:03:16.000000Z"}, {"uuid": "49a4fd7b-e89e-4d7e-99fb-8104b1cbecd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46326", "type": "seen", "source": "https://t.me/cvedetector/23955", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46326 - Snowflake-Connector-Net TOCTOU Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46326 \nPublished : April 28, 2025, 11:15 p.m. | 40\u00a0minutes ago \nDescription : snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T02:36:57.000000Z"}, {"uuid": "1a3463ba-3a2f-4ab3-8d35-ee25691cb57d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46328", "type": "seen", "source": "https://t.me/cvedetector/23957", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46328 - Snowflake-Connector-Nodejs TOCTOU Race Condition Local File Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46328 \nPublished : April 28, 2025, 11:15 p.m. | 40\u00a0minutes ago \nDescription : snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 2.0.4. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T02:36:58.000000Z"}, {"uuid": "9825c850-72b8-4a17-adf9-5a5582fe1dfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46327", "type": "seen", "source": "https://t.me/cvedetector/23956", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46327 - Snowflake Golang Driver Local File Configuration TOCTOU\", \n  \"Content\": \"CVE ID : CVE-2025-46327 \nPublished : April 28, 2025, 11:15 p.m. | 40\u00a0minutes ago \nDescription : gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 1.13.3. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T02:36:57.000000Z"}, {"uuid": "f0cda18d-b9e5-4143-8b9a-f25ef7cea3af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/cibsecurity/84762", "content": "\ud83d\udd8b\ufe0f Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \ud83d\udd8b\ufe0f\n\nSamsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. \"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-05-14T21:50:49.000000Z"}, {"uuid": "5dfd5fe4-d99f-48fb-a9c8-cb8a3c8b5d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46329", "type": "seen", "source": "https://t.me/cvedetector/23981", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46329 - Snowflake libsnowflakeclient Sensitive Information Logging\", \n  \"Content\": \"CVE ID : CVE-2025-46329 \nPublished : April 29, 2025, 5:15 a.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. This issue has been patched in version 2.2.0. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T08:28:15.000000Z"}, {"uuid": "37fae475-ea77-40f5-b47b-2d7c450b2dde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/cibsecurity/84761", "content": "\ud83d\udd8b\ufe0f Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \ud83d\udd8b\ufe0f\n\nSamsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. \"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-05-14T21:50:49.000000Z"}, {"uuid": "49e0288b-278d-4c12-9e8d-c748f49121e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/cibsecurity/84760", "content": "\ud83d\udd8b\ufe0f Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \ud83d\udd8b\ufe0f\n\nSamsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. \"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-05-14T21:05:52.000000Z"}, {"uuid": "e67038d4-c83d-425c-a959-44fc0d1c41b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/MalaysiaHacktivistz/4144", "content": "Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \u2013 thehackernews.com\n\nThu, 15 May 2025 01:57:00", "creation_timestamp": "2025-05-14T22:03:33.000000Z"}, {"uuid": "02522b7b-d69d-45b1-b82d-1a58c639914e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/MalaysiaHacktivistz/12950", "content": "Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \u2013 thehackernews.com\n\nThu, 15 May 2025 01:57:00", "creation_timestamp": "2025-05-14T22:03:33.000000Z"}, {"uuid": "48b1034d-d838-48c8-9790-ea198445e494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/30984", "content": "Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit \u2013 thehackernews.com\n\nThu, 15 May 2025 01:57:00", "creation_timestamp": "2025-05-14T22:03:33.000000Z"}, {"uuid": "9b7f4cd4-2a99-4b95-8380-938ca11075fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/thehackernews/6838", "content": "\ud83d\uded1 Actively Exploited Samsung Flaw Hits Critical Alert!\n\nPoC dropped. Exploits followed fast.\n\nA 9.8 CVSS bug in Samsung\u2019s MagicINFO 9 Server (CVE-2025-4632) is being used in the wild\u2014even to deploy Mirai malware.\n\nRead \u2192 https://thehackernews.com/2025/05/samsung-patches-cve-2025-4632-used-to.html", "creation_timestamp": "2025-05-14T20:04:53.000000Z"}, {"uuid": "6c553f47-ebc3-413e-8f0f-0dc14f3f0387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/CyberBulletin/3266", "content": "\u26a1\ufe0fSamsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit.\n\n#CyberBulletin", "creation_timestamp": "2025-05-15T05:09:07.000000Z"}, {"uuid": "f1591dd9-3f64-42ab-9585-adf1c87721fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4632", "type": "exploited", "source": "https://t.me/true_secator/7034", "content": "Samsung \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 MagicINFO 9 Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-4632 (CVSS: 9,8) \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043f\u0443\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 21.1052 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e CVE-2025-4632 - \u044d\u0442\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f CVE-2024-7399, \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 \u0442\u043e\u043c \u0436\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 Samsung \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 30 \u0430\u043f\u0440\u0435\u043b\u044f 2025 \u0433\u043e\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 SSD Disclosure \u043f\u0440\u043e\u0442\u043e\u0442\u0438\u043f\u0430 PoC CVE-2025-4632 \u0441\u0442\u0430\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f\u00a0\u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0434\u0430\u0436\u0435 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-7399.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 Huntress \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u043f\u0435\u0440\u0432\u043e\u043f\u0440\u0438\u0447\u0438\u043d\u0443 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445 MagicINFO 9 Server, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 21.1050.\n\n\u0412 \u0441\u0432\u043e\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u0442 9 \u043c\u0430\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Huntress \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u043b\u0438\u00a0\u043e \u0442\u0440\u0435\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE-2025-4632.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043d\u0435\u043e\u043f\u043e\u0437\u043d\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0447\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u043a\u043e\u043c\u0430\u043d\u0434 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a srvany.exe \u0438 services.exe \u043d\u0430 \u0434\u0432\u0443\u0445 \u0445\u043e\u0441\u0442\u0430\u0445 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443 \u043d\u0430 \u0442\u0440\u0435\u0442\u044c\u0435\u043c.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Samsung MagicINFO 9 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0434\u0430\u0431\u044b \u043d\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c \u043f\u043e\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u043f\u0438\u0441\u043e\u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0436\u0435\u0440\u0442\u0432.", "creation_timestamp": "2025-05-15T14:43:02.000000Z"}]}