{"uuid": "9d3a1cc4-f5b3-40b0-87a2-2c49fc595be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49115", "type": "seen", "source": "https://t.me/ViralCyber/9043", "content": "\ud83d\udd34\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a 71 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u0631\u0627 \u0647\u0645\u0631\u0627\u0647 \u0628\u0627 \u06cc\u06a9 Zeroday \u062c\u062f\u06cc\u062f Patch \u06a9\u0631\u062f.\n\u25c0\ufe0f\u062e\u0644\u0627\u0635\u0647 Patch\u0647\u0627:\n\ud83d\udd3416 Critical Vulnerabilities: All involve remote code execution.\n\n\ud83d\udd34Vulnerability Categories:\n\u27a1\ufe0f27 Elevation of Privilege\n\u27a1\ufe0f30 Remote Code Execution (RCE)\n\u27a1\ufe0f7 Information Disclosure\n\u27a1\ufe0f5 Denial of Service\n\u27a1\ufe0f1 Spoofing\n\n\ud83d\udd34\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc Zeroday:\n\u27a1\ufe0fCVE-2024-49138: Windows Common Log File System Driver Elevation of Privilege Vulnerability. This zero-day vulnerability enables attackers to gain SYSTEM privileges on Windows devices.\n\n\ud83d\udfe0\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u062f\u0631 Windows Remote Desktop Services\n\u25c0\ufe0f\u062f\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u06a9\u0634\u0641 \u0634\u062f\u0647\u060c \u062a\u0648\u062c\u0647 \u0628\u0647 \u062f\u0648 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc  \u062f\u0631 \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627\u06cc Remote Desktop (RDP) \u0636\u0631\u0648\u0631\u06cc \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u0647\u0627\u06cc CVE-2024-49115 \u0648 CVE-2024-49132 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f \u0648 \u062f\u0631 \u062f\u0633\u062a\u0647\u200c\u0628\u0646\u062f\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0642\u0631\u0627\u0631 \u062f\u0627\u0631\u0646\u062f.\n\u25c0\ufe0f\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-49115: \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE) \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647\u06cc \u0631\u0627 \u0628\u0631 \u0631\u0648\u06cc \u0633\u0631\u0648\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\u25c0\ufe0f\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-49132 : \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0631\u062a\u0642\u0627\u0621 \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc (EoP) \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0631 \u0633\u0637\u062d Admin \u0631\u0627 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u067e\u0633 \u0627\u0632 \u0646\u0641\u0648\u0630 \u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\ud83d\udd34\u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a Patch \u06a9\u0646\u06cc\u062f...\n\n\u2709\ufe0f @PingChannel\n\u062e\u0628\u0631\u060c \u062a\u062d\u0644\u06cc\u0644\u060c \u0627\u0646\u062a\u0642\u0627\u062f - \u0641\u0646\u0627\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a\n\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\u00a0 \ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b", "creation_timestamp": "2024-12-12T08:16:06.000000Z"}