{"vulnerability": "CVE-2021-3448", "sightings": [{"uuid": "55f12785-20df-485f-8de2-1002076ccb09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "https://t.me/arpsyndicate/1087", "content": "#ExploitObserverAlert\n\nCVE-2021-34484\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-34484. Windows User Profile Service Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.001960000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T02:03:24.000000Z"}, {"uuid": "ccc007a6-2fdc-4d16-92a3-84101f4933d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/363", "content": "#poc #CVE-2021-34484\nWindows user profile service elevation of privilege vulnerability\n_ The problem affects all versions of the operating system, including Windows 10, Windows 11 and Windows Server 2022\n\nhttps://github.com/klinix5/ProfSvcLPE", "creation_timestamp": "2021-10-29T22:19:37.000000Z"}, {"uuid": "c6cb4f63-4a44-4241-9ccd-bd42ee95a54a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "exploited", "source": "https://t.me/true_secator/2270", "content": "\u041f\u043b\u043e\u0445\u0430\u044f \u043d\u043e\u0432\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u041e\u0421 Windows: \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Windows 10, Windows 11 \u0438 Windows Server 2022, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043d\u043e\u0432\u043e\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 LPE.\n \n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows, \u0430 \u0442\u0430\u043a\u0436\u0435 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e SYSTEM \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n \n\u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043b\u0443\u0436\u0431\u044b \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0410\u0431\u0434\u0435\u043b\u044c\u0445\u0430\u043c\u0438\u0434\u043e\u043c \u041d\u0430\u0441\u0435\u0440\u0438.\n \n\u041d\u043e \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u0443\u0447\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u043e\u043d \u0441\u043c\u043e\u0433 \u043e\u0431\u043e\u0439\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u043e\u0432\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043d \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043d\u0430 GitHub. \u041e\u043d \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u043a \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 SYSTEM, \u043f\u043e\u043a\u0430 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u043f\u0440\u043e\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0437\u0430\u043f\u0438\u0441\u044f\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 (UAC).\n \nZDI \u0438 Microsoft \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0438\u043b\u0438\u0441\u044c \u043b\u0438\u0448\u044c \u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0435, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0435\u0439 \u043f\u0440\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430. \u0412 \u0434\u0440\u0443\u0433\u0438\u0435 \u0430\u0441\u043f\u0435\u043a\u0442\u044b \u0438 \u043f\u0440\u0438\u0447\u0438\u043d\u044b Microsoft \u043d\u0435 \u0441\u0442\u0430\u043b\u0438 \u0443\u0433\u043b\u0443\u0431\u043b\u044f\u0442\u044c\u0441\u044f. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441\u043c\u043e\u0433 \u043f\u0435\u0440\u0435\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0438 \u0432\u043d\u043e\u0432\u044c \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n \n\u0425\u043e\u0440\u043e\u0448\u0430\u044f \u043d\u043e\u0432\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2021-34484 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0437\u043d\u0430\u043d\u0438\u044f \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043f\u0430\u0440\u043e\u043b\u044f \u043b\u044e\u0431\u043e\u0433\u043e \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0430\u043b\u043e\u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u043e\u0439 \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n \nCVE-2021-34484, \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u043d\u0435, \u043a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0430, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 PrintNightmare, \u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0432\u0441\u0435 \u0435\u0449\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430. \u0418 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0437\u043d\u0438\u043a\u043d\u0443\u0442\u044c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0435\u0439 \u043c\u043e\u0436\u043d\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0442\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n \n\u0412\u043f\u0440\u043e\u0447\u0435\u043c, Microsoft \u043a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430 - \u0432 \u0441\u0432\u043e\u0435\u043c \u0440\u0435\u043f\u0435\u0440\u0442\u0443\u0430\u0440\u0435.", "creation_timestamp": "2021-10-29T18:59:00.000000Z"}, {"uuid": "a51b7051-8a1b-4be9-8a8e-c815e3532dd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2760", "content": "\u200b\u200bMicrosoft \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u0443\u0441\u0442\u0443\u043f\u0430\u0435\u0442 \u0447\u0430\u0441\u0442\u043d\u044b\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u0432 \u0432\u043e\u043f\u0440\u043e\u0441\u0430\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0430\u0434 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 IT-\u0433\u0438\u0433\u0430\u043d\u0442 \u0442\u0449\u0435\u0442\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043c\u0435\u0441\u044f\u0446\u0430\u043c\u0438, \u0434\u0430\u0436\u0435 \u0441 \u0443\u0447\u0435\u0442\u043e\u043c \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0432 \u043f\u0430\u0431\u043b\u0438\u043a\u0435 \u043f\u043e\u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043f\u043e\u0434 \u043d\u0438\u0445. \n\n0-day CVE-2021-34484 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS v3 7,8 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows 10, Windows 11 \u0438 Windows Server, \u043d\u0430\u043a\u043e\u043d\u0435\u0446-\u0442\u043e \u043e\u0431\u0440\u0435\u043b\u0430 \u0441\u0432\u043e\u0439 \u043f\u0430\u0442\u0447. \u042d\u0442\u0430 \u0442\u0430 \u0441\u0430\u043c\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0410\u0431\u0434\u0435\u043b\u044c\u0445\u0430\u043c\u0438\u0434 \u041d\u0430\u0441\u0435\u0440\u0438 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b PoC, \u043e\u0431\u0445\u043e\u0434\u0438\u0432\u0448\u0438\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Microsoft.\n\n\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u044d\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043d\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043b\u043e - \u043e\u043d\u0438 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e\u043c\u0435\u0442\u0438\u043b\u0438 \u0431\u0430\u0433\u0443 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439, \u0438 \u0441\u0434\u0435\u043b\u0430\u043b\u0438 \u044d\u0442\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437. \n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430 \u043f\u043e\u043c\u043e\u0449\u044c \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u043c \u043f\u0440\u0438\u0448\u043b\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 0patch, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows. \u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u0432\u0442\u043e\u0440\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 PatchTuesday \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0432 \u043e\u0431\u0445\u043e\u0434\u0443 \u043d\u043e\u0432\u044b\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-21919 \u0438\u00a0\u043f\u043e\u043c\u0435\u0442\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439. \n\n\u041d\u043e \u041d\u0430\u0441\u0435\u0440\u0438 \u0432\u043d\u043e\u0432\u044c \u043d\u0430\u0448\u0435\u043b \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0434\u043e\u0431\u0430\u0432\u0438\u0432, \u0447\u0442\u043e \u044d\u0442\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0430 \u0431\u044b\u043b\u0430 \u00ab\u0445\u0443\u0436\u0435 \u043f\u0435\u0440\u0432\u043e\u0439\u00bb. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u043b\u0435 \u0442\u0435\u0441\u0442\u043e\u0432 \u0435\u0449\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f profext.dll \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 0patch \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u043d \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0442 \u043d\u043e\u0432\u043e\u0433\u043e \u043c\u0435\u0442\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u044d\u0442\u0438\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438. \u041e\u0434\u043d\u0430\u043a\u043e \u043c\u0435\u0434\u0432\u0435\u0436\u044c\u044f \u0443\u0441\u043b\u0443\u0433\u0430 \u0432 \u0432\u0438\u0434\u0435 \u043d\u043e\u0432\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 Microsoft \u043f\u0440\u0438\u0432\u0435\u043b\u0430 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044e \u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e 0patch\u00a0\u0432\u043d\u043e\u0432\u044c \u0432\u044b\u0440\u0443\u0447\u0438\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0443\u0436\u0435 \u043d\u043e\u0432\u044b\u0439 \u043c\u0438\u043a\u0440\u043e\u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows. \u0421\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e Windows 10 1803, Windows 10 1809 \u0438 Windows 10 2004 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043f\u0430\u0442\u0447\u0435\u043c 0patch, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u044d\u0442\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0437\u0430\u043a\u043e\u043d\u0447\u0438\u043b\u0430\u0441\u044c \u0438 \u043e\u043d\u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Microsoft, \u0437\u0430\u043c\u0435\u043d\u044f\u044e\u0449\u0435\u0433\u043e DLL.\n\n\u0421\u0430\u043c\u0438 Microsoft \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0434\u0430\u0436\u0435 \u043d\u0435 \u0432 \u043a\u0443\u0440\u0441\u0435 \u0432\u0441\u0435\u0445 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0438 \u0432\u043e\u043e\u0431\u0449\u0435 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c LPE, \u043d\u043e \u043e\u0431\u0435\u0449\u0430\u043b\u0438 \u0437\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c \u0432\u043e\u043f\u0440\u043e\u0441\u043e\u043c, \u0447\u0442\u043e \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442, \u043f\u043e\u0436\u0430\u043b\u0443\u0439, \u0442\u043e\u043b\u044c\u043a\u043e \u0431\u043e\u043b\u044c.\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u044d\u0442\u043e \u0432\u0441\u0435, \u0447\u0442\u043e \u0432\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u0437\u043d\u0430\u0442\u044c \u043e Microsoft.", "creation_timestamp": "2022-03-22T18:20:00.000000Z"}, {"uuid": "a3e34165-7cb4-4eaf-9356-909895b26d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "exploited", "source": "https://t.me/NeKaspersky/1395", "content": "\u041f\u043e \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0438 \u0432 \u0425\u044d\u043b\u043b\u043e\u0443\u0438\u043d \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u044f\u0442 \u0441\u0442\u0440\u0430\u0448\u043d\u044b\u0435 \u0432\u0435\u0449\u0438. \u041d\u043e \u043e\u0442 Microsoft \u0442\u0430\u043a\u043e\u0433\u043e \u0441\u044e\u0440\u043f\u0440\u0438\u0437\u0430 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0436\u0434\u0430\u043b.(\u0421\u043c\u0435\u0445 \u043d\u0430\u0448\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0430 \u043f\u043e \u0418\u0411 \u0437\u0430 \u043a\u0430\u0434\u0440\u043e\u043c)\n\n\u0412\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Windows 10, 11 \u0438 Server 2022 \u0432 \u0437\u043e\u043d\u0435 \u0440\u0438\u0441\u043a\u0430 \u0438\u0437-\u0437\u0430 \u043d\u043e\u0432\u043e\u0439 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 LPE. \n\nPoC \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0443\u0436\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e System.\n\n\u041a \u0441\u043b\u043e\u0432\u0443, \u0434\u043b\u044f Windows \u0443\u0436\u0435 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0410\u0431\u0434\u0435\u043b\u044c\u0445\u0430\u043c\u0438\u0434 \u041d\u0430\u0441\u0435\u0440\u0438. \u0412 \u043e\u0431\u0449\u0435\u043c, \u041d\u0430\u0441\u0435\u0440\u0438 \u043c\u043e\u043b\u043e\u0434\u0435\u0446, \u043d\u043e \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0441\u0432\u043e\u0435\u0439 \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043e\u043d \u0441\u043d\u043e\u0432\u0430 \u043d\u0430\u0441\u0435\u0440\u0438\u043b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Microsoft. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u043e\u0432\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430. \n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 ZDI \u0438 Microsoft \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d\u0438 \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0438\u043b\u0438\u0441\u044c \u043b\u0438\u0448\u044c \u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0435, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0435\u0439 \u043f\u0440\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430. \u0414\u0440\u0443\u0433\u0438\u0435 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043e\u0448\u043b\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u043e\u0439, \u043d\u0435 \u0441\u0442\u0430\u0432 \u0443\u0433\u043b\u0443\u0431\u043b\u044f\u0442\u044c\u0441\u044f. \n\n\u041d\u043e \u043e\u0434\u0438\u043d \u043d\u044e\u0430\u043d\u0441 \u0442\u0443\u0442 \u0440\u0430\u0434\u0443\u0435\u0442: \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-34484 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0437\u043d\u0430\u0442\u044c \u0438\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u041d\u0435 \u0432\u0441\u044f\u043a\u043e\u043c\u0443 \u0437\u0430\u0445\u043e\u0447\u0435\u0442\u0441\u044f \u043d\u0430\u043f\u0440\u044f\u0433\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e. \n\nMicrosoft \u0441\u043a\u043e\u0440\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f, \u043a\u0430\u043a Facebook \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u044b\u0432\u0430\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u0445\u043e\u0442\u044c \u043a\u0430\u043a-\u0442\u043e \u0441\u0442\u0435\u0440\u0435\u0442\u044c \u0441\u043b\u0435\u0434 \u0441\u0432\u043e\u0435\u0439 \u0438\u0441\u043f\u043e\u0440\u0447\u0435\u043d\u043d\u043e\u0439 \u0440\u0435\u043f\u0443\u0442\u0430\u0446\u0438\u0438. PrintNigtmare \u2014 \u044d\u0442\u043e \u0431\u0440\u0435\u043d\u0434, \u0430 CVE-2021-34484 \u2014 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0435\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0431\u0443\u0434\u0443\u0442 \u043d\u0435 \u0442\u0430\u043a\u0438\u043c\u0438 \u043b\u0435\u043d\u0438\u0432\u044b\u043c\u0438, \u043a\u0430\u043a \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.", "creation_timestamp": "2021-10-30T14:34:03.000000Z"}, {"uuid": "7312a556-37ca-4bf4-8112-4864e99465af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "exploited", "source": "https://t.me/pwnwiki_zhchannel/832", "content": "CVE-2021-34481 Windows Print Spooler \u672c\u5730\u6b0a\u9650\u63d0\u5347\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-34481_Windows_Print_Spooler_%E6%9C%AC%E5%9C%B0%E6%AC%8A%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T04:41:58.000000Z"}, {"uuid": "ee63b349-8202-46b7-a865-1d841b1b59a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "https://t.me/thehackernews/1371", "content": "Microsoft warns of a new unpatched vulnerability (CVE-2021-34481) affecting the Windows Print Spooler service.\n\nRead: https://thehackernews.com/2021/07/microsoft-warns-of-new-unpatched.html\n\nAn attacker who successfully exploited it could execute arbitrary code with SYSTEM privileges.", "creation_timestamp": "2021-07-16T06:44:30.000000Z"}, {"uuid": "ea102094-561a-46f8-93f2-40dc7cd23988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1124", "content": "1. CVE-2021-34486:\nWindows 20H2 x64 Etw LPE\nhttps://github.com/KaLendsi/CVE-2021-34486\n\n2. CVE-2021-26085 / CVE-2021-26086:\nAtlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability / Atlassian Jira Server/DataCenter 8.4.0 - Arbitrary File read\nhttps://github.com/ColdFusionX/CVE-2021-26085\nhttps://github.com/ColdFusionX/CVE-2021-26086\n#exploit\n@BlueRedTeam", "creation_timestamp": "2021-10-13T10:34:16.000000Z"}, {"uuid": "d6021464-e5d0-4c66-b95c-346eaccd0c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "published-proof-of-concept", "source": "Telegram/h-AibXDnZg5F4B2jC8WepZFTZlIcNgcGN5QNOmJuz65vcVZD", "content": "", "creation_timestamp": "2021-11-10T23:12:02.000000Z"}, {"uuid": "28020fc8-27b3-455e-ba30-e0bd3e6dde1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34480", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4306", "content": "#Fuzzing\nFuzzing Closed-Source JavaScript Engines with Coverage Feedback\nhttps://googleprojectzero.blogspot.com/2021/09/fuzzing-closed-source-javascript.html\n]-&gt; CVE-2021-26419:  https://bugs.chromium.org/p/project-zero/issues/detail?id=2157\n]-&gt; CVE-2021-31959:  https://bugs.chromium.org/p/project-zero/issues/detail?id=2168\n]-&gt; CVE-2021-34480:  https://bugs.chromium.org/p/project-zero/issues/detail?id=2188", "creation_timestamp": "2022-07-12T11:36:29.000000Z"}, {"uuid": "7a56b15b-856b-4c58-9b12-8f3279ffd9ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4016", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (July 1-31)\nCVE-2021-1675 - Windows Print Spooler EoP\nhttps://t.me/cybersecuritytechnologies/3723\nCVE-2021-34527 - Windows Print Spooler RCE\nhttps://t.me/cybersecuritytechnologies/3750\nCVE-2021-36934 - Windows SeriousSAM EoP\nhttps://t.me/cybersecuritytechnologies/3891\nCVE-2021-33909 - Sequoia - A LPE Vulnerability in Linux\u2019s Filesystem Layer\nhttps://t.me/cybersecuritytechnologies/3884\nCVE-2021-22555 - Heap out-of-bounds write vuln in Linux Netfilter\nhttps://t.me/cybersecuritytechnologies/3841\nCVE-2021-30807 - OOBR in AppleCLCD/IOMobileFrameBuffer\nhttps://t.me/cybersecuritytechnologies/3930\nCVE-2020-27020 - Vulnerability in Kaspersky Password Manager\nhttps://donjon.ledger.com/kaspersky-password-manager\nCVE-2021-35211 - SolarWinds Serv-U Managed File Transfer Vuln\nhttps://t.me/CyberSecurityTechnologies/4714\nCVE-2021-34481 - Windows Print Spooler EoP\nhttps://mobile.twitter.com/gentilkiwi/status/1416429860566847490\nCVE-2021-3438 - Printer\u2019s Drivers Vulnerability\nhttps://t.me/cybersecuritytechnologies/3969", "creation_timestamp": "2024-01-18T03:22:33.000000Z"}, {"uuid": "ca470a04-e55f-4d67-8f2e-1348e8dbffb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4511", "content": "#exploit\n1. CVE-2021-34486:\nWindows 20H2 x64 Etw LPE\nhttps://github.com/KaLendsi/CVE-2021-34486\n\n2. CVE-2021-26085 / CVE-2021-26086:\nAtlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability / Atlassian Jira Server/DataCenter 8.4.0 - Arbitrary File read\nhttps://github.com/ColdFusionX/CVE-2021-26085\nhttps://github.com/ColdFusionX/CVE-2021-26086", "creation_timestamp": "2021-10-13T11:07:01.000000Z"}, {"uuid": "8f8694c3-43e3-4485-be81-3d4207ca1a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "seen", "source": "MISP/7feea642-93ce-4a7b-8892-a36c0332d4c1", "content": "", "creation_timestamp": "2024-11-14T06:09:51.000000Z"}, {"uuid": "7aaefd81-4b9f-474f-890e-d8c635ab607d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971491", "content": "", "creation_timestamp": "2024-12-24T20:30:06.108058Z"}, {"uuid": "cea5fde3-758a-42a2-91e6-c3e353ff55dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8f383a2c-0933-4595-a47a-b72b986c464e", "content": "", "creation_timestamp": "2026-02-02T12:27:54.438103Z"}, {"uuid": "4c610315-c01b-438e-b7ff-4e9928980e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8f383a2c-0933-4595-a47a-b72b986c464e", "content": "", "creation_timestamp": "2026-02-02T12:27:54.438103Z"}, {"uuid": "96f58d0f-8f80-48ca-bcca-d33d273a28db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "https://t.me/cKure/6196", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Microsoft shares guidance on new Windows Print Spooler vulnerability.\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34481\n\nhttps://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/", "creation_timestamp": "2021-07-16T11:21:39.000000Z"}, {"uuid": "a7ce3d47-ea2d-4334-b486-f548458be3cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "https://t.me/cKure/6195", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-day: Microsoft Warns of New Unpatched Windows Print Spooler Vulnerability identified by Jacob Baines.\n\nTracked as\u00a0CVE-2021-34481\u00a0(CVSS score: 7.8), the issue concerns a local privilege escalation flaw that could be abused to perform unauthorized actions on the system.\n\nhttps://thehackernews.com/2021/07/microsoft-warns-of-new-unpatched.html", "creation_timestamp": "2021-07-16T11:20:26.000000Z"}, {"uuid": "0badba23-8994-4342-8790-ee1bd3292f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "https://t.me/cibsecurity/32325", "content": "\u274c Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix \u274c\n\nResearchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2021-11-12T21:13:23.000000Z"}, {"uuid": "71561ebd-2d10-4bc3-8029-24ae741b743a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/4757", "content": "#exploit\nCVE-2021-34484:\nWindows User Profile Service 0day LPE\nhttps://github.com/klinix5/ProfSvcLPE/blob/main/write-up.docx\n]-&gt; PoC:\nhttps://github.com/klinix5/ProfSvcLPE/tree/main/DoubleJunctionEoP", "creation_timestamp": "2021-11-15T13:14:59.000000Z"}, {"uuid": "9b2dd53d-ff67-412e-90bc-cfe9f7a17650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971483", "content": "", "creation_timestamp": "2024-12-24T20:29:58.541694Z"}, {"uuid": "d10329b6-24fb-41fb-98f9-36fc39848cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_19/2021", "content": "", "creation_timestamp": "2026-03-17T15:00:58.081796Z"}, {"uuid": "befafa89-c5d3-41b5-bd10-5ebe10b5dda0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_19/2021", "content": "", "creation_timestamp": "2021-07-01T09:58:27.000000Z"}, {"uuid": "6f1ecf38-4f8a-4957-9e85-ac35bb7f0a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f12a6188-2357-4d44-a15f-010c7da0b35c", "content": "", "creation_timestamp": "2026-02-02T12:27:55.357949Z"}, {"uuid": "8b60e6e2-3789-47e4-ab1a-279e5bc4c0a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f12a6188-2357-4d44-a15f-010c7da0b35c", "content": "", "creation_timestamp": "2026-02-02T12:27:55.357949Z"}, {"uuid": "36e6735b-c78d-4856-90dc-e9141048e27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "Telegram/ChiQjS4UaWKnqMA3WFN9IYyYRRDrGxvTzw0QktDoPe9cKg", "content": "", "creation_timestamp": "2021-08-10T23:24:21.000000Z"}, {"uuid": "c6bea80a-5dac-4dca-83b2-bc2ecaa83659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/175", "content": "\u041f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \ud83d\udc47\n\n\u0412 \u0434\u0432\u0443\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 npm \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043c\u0430\u043b\u0432\u0430\u0440\u044c\nhttps://xakep.ru/2021/11/08/coa-rc-hacked/\n\n\u041d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u043a\u0443\u043f\u043a\u0438 \u0432 Apple Pay, Samsung Pay \u0438 Google Pay\nhttps://xakep.ru/2021/11/11/apple-pay-samsung-pay-google-pay/\n\n\u0414\u043b\u044f 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0430\u0442\u0447\nhttps://xakep.ru/2021/11/12/cve-2021-34484/\n\n\u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u0447\u0430\u0442-\u0431\u043e\u0442\u0430 \u043d\u0430 \u043f\u043e\u0440\u0442\u0430\u043b\u0435 \u0413\u043e\u0441\u0443\u0441\u043b\u0443\u0433\nhttps://xakep.ru/2021/11/12/gosuslugi-attack/\n\n\u0413\u043b\u0430\u0432\u0430 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Methbot \u043f\u0440\u0438\u0433\u043e\u0432\u043e\u0440\u0435\u043d \u043a 10 \u0433\u043e\u0434\u0430\u043c \u0442\u044e\u0440\u044c\u043c\u044b\nhttps://xakep.ru/2021/11/12/methbot-op-sentenced/\n\nWhatsApp \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0442 \u0432\u044b\u0431\u0440\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u043e\u0432\nhttps://www.securitylab.ru/news/526523.php\n\n\u0428\u043f\u0438\u043e\u043d \u0434\u043b\u044f Android \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440 \u0441\u043e \u0441\u043a\u0432\u043e\u0437\u043d\u044b\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c\nhttps://www.anti-malware.ru/news/2021-11-15-111332/37471\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0424\u0411\u0420 \u0438 \u0440\u0430\u0437\u043e\u0441\u043b\u0430\u043b\u0438 \u0441\u0442\u0440\u0430\u0448\u0438\u043b\u043a\u0443 \u043e \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0435\nhttps://www.anti-malware.ru/news/2021-11-15-111332/37470", "creation_timestamp": "2021-11-15T07:11:59.000000Z"}, {"uuid": "b9bffcc9-b16a-488e-9ca9-0942332a9e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34480", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/59", "content": "\ud83d\udd26  \u041a\u0430\u043a \u043c\u044b \u043d\u0430\u0448\u043b\u0438 ITW-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2024-38178\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0441\u0432\u0435\u0436\u0435\u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u044b \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 ESC-VR \u043e\u0431\u0440\u0430\u0449\u0430\u0435\u043c \u043f\u0440\u0438\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u0422\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043d\u0430\u0448\u0435\u0439 \u0433\u043b\u0430\u0432\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a\u0430\u044f \u0431\u044b \u0442\u043e \u043d\u0438 \u0431\u044b\u043b\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u0445. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38178 \u2014 \u044d\u0442\u043e \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0442\u0438\u043f\u0430 Type Confusion (CWE-843). \u0413\u043e\u0432\u043e\u0440\u044f \u043f\u043e-\u043f\u0440\u043e\u0441\u0442\u043e\u043c\u0443: \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f, \u043a\u043e\u0433\u0434\u0430 \u043e\u0431\u043b\u0430\u0441\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u0438, \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u043c\u0430\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u0442\u0438\u043f\u0430 A, \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u043e\u0434\u043e\u043c \u043a\u0430\u043a \u043e\u0431\u044a\u0435\u043a\u0442 \u0442\u0438\u043f\u0430 B.\n\n\u041f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u0430\u0442\u0447, \u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0441\u0434\u0435\u043b\u0430\u043d\u044b \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043c\u0430\u0441\u0441\u0438\u0432\u0430\u043c\u0438, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 GlobOpt::OptArraySrc. \u041f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430\u0441\u044c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u043a\u043e\u0433\u0434\u0430 \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0442\u043e\u0440 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u043d\u043e\u0433\u0434\u0430 \u0442\u0438\u043f \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0432 runtime.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0441\u043b\u0435\u0434\u0438\u0442\u0435 \u0437\u0430 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e Google ProjectZero \u0442\u0430\u043a \u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e, \u043a\u0430\u043a \u0438 \u043c\u044b, \u0442\u043e \u0432\u044b \u0443\u0436\u0435 \u043e\u0431\u043e \u0432\u0441\u0435\u043c \u0434\u043e\u0433\u0430\u0434\u0430\u043b\u0438\u0441\u044c \ud83d\ude09\n\n\u0424\u0443\u043d\u043a\u0446\u0438\u044f GlobOpt::OptArraySrc \u0443\u0436\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0432 ITW-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0435, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u0432 \u043f\u043e\u0441\u0442\u0435, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0435\u043c CVE-2022-41128. \n\n\u0412 \u043f\u043e\u0441\u0442\u0435 \u0435\u0441\u0442\u044c PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2022\u201341128. \u0412\u0437\u044f\u0432 \u0438\u0437 \u043d\u0435\u0433\u043e \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0441\u0442\u0440\u043e\u043a\u0438, \u043c\u044b \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u043f\u043e\u0438\u0441\u043a \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0438 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430\u0445 \u043f\u043e \u0444\u0430\u0439\u043b\u0430\u043c, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u043e\u0434\u0441\u0442\u0440\u043e\u043a\u0438:\n\n\u2022 6E6577204F626A656374287B0D0A20 \n\u2022 206E657720496E7433324172726179\n\n\u041c\u044b \u043d\u0430\u0448\u043b\u0438 \u0432\u0441\u0435\u0433\u043e \u043e\u0434\u0438\u043d \u0444\u0430\u0439\u043b. \u041e\u043d \u0431\u044b\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0438\u0437 KR, \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u044d\u0442\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0435, \u043e \u0447\u0435\u043c \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 Microsoft. \n\n\u041f\u0440\u043e\u0433\u043d\u0430\u0432 \u0444\u0430\u0439\u043b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 \u043f\u0430\u0442\u0447\u0435\u043c \u0438 \u0431\u0435\u0437 \u043d\u0435\u0433\u043e, \u043c\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u043e\u043d\u044f\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u043e, \u0447\u0442\u043e \u043c\u044b \u0438\u0441\u043a\u0430\u043b\u0438. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0441\u0445\u043e\u0436\u0435\u0441\u0442\u044c\u044e \u0441 CVE-2022-41128 \u043c\u044b \u0441\u0447\u0438\u0442\u0430\u0435\u043c, \u0447\u0442\u043e \u0438 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u0437\u0437\u0438\u043d\u0433, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0441\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c PoC \u0434\u043b\u044f CVE-2022-41128 \u0438 CVE-2021-34480.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 JIT-\u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440 \u0443\u0431\u0435\u0436\u0434\u0435\u043d, \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0430\u044f X \u0438\u043c\u0435\u0435\u0442 \u0442\u0438\u043f js::TypedArray, \u043d\u043e \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 X \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 Y \u0442\u0438\u043f\u0430 js::DynamicObj. \u0414\u0430\u043b\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e \u0438\u043d\u0434\u0435\u043a\u0441\u0443 4, 11, 12, \u0447\u0442\u043e\u0431\u044b \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u043f\u043e\u043b\u044f \u043c\u0430\u0441\u0441\u0438\u0432\u0430 js::JavaScriptNativeArray, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e\u0441\u044f \u0432 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0441\u0432\u043e\u0439\u0441\u0442\u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f Y. \u041c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u043f\u043e\u043b\u044f \u0445\u0440\u0430\u043d\u044f\u0442 \u0440\u0430\u0437\u043c\u0435\u0440 \u043c\u0430\u0441\u0441\u0438\u0432\u0430. \n\n\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u044d\u0442\u043e\u0433\u043e \u043c\u0430\u0441\u0441\u0438\u0432\u0430 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432\u044b \u043d\u0430 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u0447\u0442\u0435\u043d\u0438\u0435. \u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0437\u0430\u043d\u044f\u043b\u043e \u0431\u044b \u043d\u0435\u043f\u0440\u0438\u043b\u0438\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u043c\u0435\u0441\u0442\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0441\u0442\u0430, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 stay tunned \u0438 happy hunting \ud83d\ude42\n\nYARA-\u043f\u0440\u0430\u0432\u0438\u043b\u043e (\u043d\u0430 \u0444\u0430\u0439\u043b):\n\n\nrule exploit_CVE_2024_38178 {\n      strings:\n          $a = { 6E6577204F626A656374287B0D0A20 }\n          $b = { 206E657720496E7433324172726179 } \n     condition:\n           all of them\n}\n\n\nIoCs:\n\n\nSHA256: 736092B71A9686FDE43D3C4ABD941A6774721B90B17D946C9D05AF19C84DF0A4\n\n\n\nhttp://img[.]mobonad[.]com/images/20230912/43\n\n\n#escvr #itw #jscript9 #reverse\n@ptescalator", "creation_timestamp": "2024-09-09T12:43:50.000000Z"}, {"uuid": "d5e02d4d-dd49-4c86-9269-1cab9fd86cd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "https://t.me/xakep_ru/11564", "content": "\u0414\u043b\u044f 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0430\u0442\u0447\n\n\u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 CVE-2021-34484, \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u044b\u0448\u0435\u043b \u0435\u0449\u0435 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430, \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043d\u0435 \u0434\u043e \u043a\u043e\u043d\u0446\u0430. \u041f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows User Profile Service \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0443\u0440\u043e\u0432\u043d\u044f SYSTEM.\n\nhttps://xakep.ru/2021/11/12/cve-2021-34484/", "creation_timestamp": "2021-11-12T20:04:07.000000Z"}, {"uuid": "b740c94c-80f0-4ee6-b98b-1c97c329f583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1180", "content": "#exploit\nCVE-2021-34484:\nWindows User Profile Service 0day LPE\nhttps://github.com/klinix5/ProfSvcLPE/blob/main/write-up.docx\n]-&gt; PoC:\nhttps://github.com/klinix5/ProfSvcLPE/tree/main/DoubleJunctionEoP\n\n@BlueRedTeam", "creation_timestamp": "2021-11-15T06:54:58.000000Z"}, {"uuid": "ed3f3478-1aa3-4529-bd1d-055bce4458d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "14c7d8a1-a13a-4c62-8e31-587da4266c0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "e21b1b18-cfdc-47ba-b901-0eb10a5ee393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "ceb91fb6-019a-42bf-978f-e1f13a8898e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:38.000000Z"}, {"uuid": "ad16e327-e531-4bcc-9f21-cd019d131604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:30.000000Z"}, {"uuid": "b8898e5f-8f15-4ad4-a6de-6b2b7ec53a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34484", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:30.000000Z"}, {"uuid": "4fe8a62b-c569-4885-96e7-cc7cedae6d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "seen", "source": "Telegram/bVYj6lfAOHbULrxDvll7Gtzf8qfA5tHx_uN7vfs6iQqBP70Y", "content": "", "creation_timestamp": "2025-02-06T02:41:37.000000Z"}, {"uuid": "d2f5775d-8700-4cbf-9ab8-0470ebf61558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34486", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/1605", "content": "CVE-2021-34486: Event Tracing for Windows (ETW) TimerCallbackContext Object Use-After-Free Vulnerability\nhttps://www.pixiepointsecurity.com/blog/cve-2021-34486.html", "creation_timestamp": "2021-09-28T07:51:42.000000Z"}, {"uuid": "1ce2e4ca-d663-4bad-90b0-f63ef8e9f9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34481", "type": "seen", "source": "https://t.me/BleepingComputer/10148", "content": "Microsoft shares guidance on new Windows Print Spooler vulnerability\n\nMicrosoft is sharing mitigation guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed tonight. [...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/", "creation_timestamp": "2021-07-16T00:55:47.000000Z"}]}