{"vulnerability": "CVE-2022-2295", "sightings": [{"uuid": "4e7b4ce5-9554-4e6a-a581-ab6908fb265b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "13ff823a-8ec3-45a0-b21c-3cf2517d52be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "3182e6d5-8388-422f-8df8-d908f8e7a242", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "4c844bc0-dcb8-4bd6-8463-9dfea65fcf23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "15b83230-7111-4c10-9efc-3c8ac81cb384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-05)", "content": "", "creation_timestamp": "2026-02-05T00:00:00.000000Z"}, {"uuid": "23a6a18e-03e2-4c0f-bc55-010fb559a30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-04)", "content": "", "creation_timestamp": "2026-02-04T00:00:00.000000Z"}, {"uuid": "8a3d78fa-ed18-4218-b6ae-3086963e641d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22955", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=775", "content": "", "creation_timestamp": "2022-04-07T04:00:00.000000Z"}, {"uuid": "cfd50b55-7d5c-4c74-a23b-b6e21bf4ca3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=775", "content": "", "creation_timestamp": "2022-04-07T04:00:00.000000Z"}, {"uuid": "dc455819-d07d-49d7-9c5d-5b55fce29ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22958", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=775", "content": "", "creation_timestamp": "2022-04-07T04:00:00.000000Z"}, {"uuid": "67596e6c-e3fd-408c-a50c-79fd6f91710a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=775", "content": "", "creation_timestamp": "2022-04-07T04:00:00.000000Z"}, {"uuid": "c89cbf77-a941-4443-8c5d-2f6c70df81e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22957", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=775", "content": "", "creation_timestamp": "2022-04-07T04:00:00.000000Z"}, {"uuid": "47403780-1b03-4a57-ad99-175faea2d734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3817b7db-7439-479b-bffa-3efcedee90cd", "content": "", "creation_timestamp": "2026-02-02T12:27:51.065843Z"}, {"uuid": "1fb7ea98-9447-45b0-a193-c96e8cafac41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-09)", "content": "", "creation_timestamp": "2026-02-09T00:00:00.000000Z"}, {"uuid": "1806cec5-33f2-4674-bde4-07e2a26b14e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-28)", "content": "", "creation_timestamp": "2026-02-28T00:00:00.000000Z"}, {"uuid": "5877c114-137b-4998-94ef-e7d07304197a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-09)", "content": "", "creation_timestamp": "2026-04-09T00:00:00.000000Z"}, {"uuid": "20d5ad23-18a3-497b-b7e6-bc6c37c56494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1953", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a\u63d0\u4f9b\u5355\u4e2a\u6216\u6279\u91cfURL\u626b\u63cf\u662f\u5426\u5b58\u5728CVE-2022-22954\u529f\u80fd\nURL\uff1ahttps://github.com/axingde/CVE-2022-22954-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T09:48:29.000000Z"}, {"uuid": "42b236e3-0231-42ba-a815-147c1c8b9cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/cKure/9334", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 \u26a0\ufe0f CVE-2022-22954 is being exploited by a threat actor from China \ud83c\udde8\ud83c\uddf3 with the IP of 117.89.211.135 and 60.166.67.164.", "creation_timestamp": "2022-04-13T01:01:08.000000Z"}, {"uuid": "146478bc-d61a-46b5-b14c-7d5669158833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9333", "content": "PoC: VMware CVE-2022-22954 Workspace ONE Access Freemarker Server-side Template Injection.\n\nOriginally mentioned here https://t.me/ckuRED/117 is the first public disclosure of the vulnerability \n\nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954", "creation_timestamp": "2022-04-12T21:26:13.000000Z"}, {"uuid": "de45e7b8-7a44-4745-afcd-51b3d747969d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1948", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of Concept for exploiting VMware CVE-2022-22954\nURL\uff1ahttps://github.com/tyleraharrison/VMware-CVE-2022-22954-Command-Injector\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-14T23:50:15.000000Z"}, {"uuid": "f3eff1a9-71d3-4a1d-9cd4-62a2127fca62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1935", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22954 VMware Workspace ONE Access freemarker SSTI \u6f0f\u6d1e \u547d\u4ee4\u6267\u884c\u3001\u6279\u91cf\u68c0\u6d4b\u811a\u672c\nURL\uff1ahttps://github.com/bewhale/CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-13T16:28:56.000000Z"}, {"uuid": "baaa4f9e-ec9b-4bf5-bca8-de3ae12692f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22955", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "5b5c58a4-85f3-4377-a093-6b46ec7ba898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "4cc08293-e69d-4fc7-9703-f23e62b278eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1929", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-22954 - VMware Workspace ONE Access Freemarker Server-Side Template Injection\nURL\uff1ahttps://github.com/DrorDvash/CVE-2022-22954_VMware_PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-12T21:27:13.000000Z"}, {"uuid": "f40a11aa-5e6f-44c7-a57b-2db7a327c65b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1926", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22954 A\u00e7\u0131\u011f\u0131 test etme\nURL\uff1ahttps://github.com/MSeymenD/CVE-2022-22954-Testi\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-12T09:43:46.000000Z"}, {"uuid": "8e958ea8-5872-4075-840d-298f4a9912d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1924", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22954-VMware-RCE\u6279\u91cf\u68c0\u6d4bPOC\nURL\uff1ahttps://github.com/chaosec2021/CVE-2022-22954-VMware-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-12T05:54:58.000000Z"}, {"uuid": "08db5b6e-7e14-4737-868e-16b9d258ccda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/128", "content": "PoC: VMware CVE-2022-22954 Workspace ONE Access Freemarker Server-side Template Injection.\n\nOriginally mentioned here https://t.me/ckuRED/117 is the first public disclosure of the vulnerability \n\nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954", "creation_timestamp": "2022-04-12T21:26:02.000000Z"}, {"uuid": "1441e26a-15c1-40e6-86f0-2089f12a9447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/11810", "content": "Latest news and stories from BleepingComputer.com\nHackers exploit critical VMware CVE-2022-22954 bug, patch now\n\nSecurity researchers have published various proof of concepts (PoCs) scripts for exploiting CVE-2022-22954 on social media and other channels, essentially enabling malicious actors to attack unpatched systems. [...]", "creation_timestamp": "2022-04-13T20:25:43.000000Z"}, {"uuid": "dd8020bf-4403-4189-a6e5-0e19f14de350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/poxek/1341", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-22954 \u0432 VMware\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-17T15:00:55.000000Z"}, {"uuid": "e0480720-6bf5-4ccc-a8e7-62d34b1abdfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1284", "content": "VMware-CVE-2022-22954\nPOC for VMWARE CVE-2022-22954\nUse this one line GET request!! This will execute cat /etc/passwd\nShodan Query: http.favicon.hash:-1250474341\nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-11T16:59:02.000000Z"}, {"uuid": "0f4c86ae-ff53-4e4c-8297-b1a5953657f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1399", "content": "CVE-2022-22954 PoC - VMware Workspace ONE Access Freemarker Server-Side Template Injection\n\u0412 Vmware Workspace ONE Access and Identity Manager \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043a\u0430\u043a \u043e\u0447\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 - Template Handler. \n\u0421\u0441\u044b\u043b\u043a\u0430\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435:\npython3 CVE-2022-22954.py example.com \"cat /etc/passwd\"\n\nhttps://github.com/DrorDvash/CVE-2022-22954_VMware_PoC\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-04-26T17:01:47.000000Z"}, {"uuid": "5fd4dbcc-d9fa-4a76-a410-07a36ae3f34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1382", "content": "CVE-2022-22954 \nVMware Workspace ONE Access Freemarker SSTI RCE\nhttps://github.com/NafisiAslH/KnowledgeSharing/tree/main/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-24T13:01:49.000000Z"}, {"uuid": "f9d8adde-7999-4813-b51c-9ee9bc6dac53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2266", "content": "CVE-2022-22954 VMware RCE\n\nPython script to exploit CVE-2022-22954 and then exploit CVE-2022-22960. \u0422\u0430\u043a\u0436\u0435 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435 \u0432\u044b \u043d\u0430\u0439\u0434\u0435\u0442\u0435 POC \u0438 Google Dork", "creation_timestamp": "2022-08-14T19:00:09.000000Z"}, {"uuid": "705347e6-7882-484e-8145-796c87aa20af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/poxek/2399", "content": "#\u041f\u041e #CVE #POC\n\nVMware Workspace ONE Access Freemarker Server-Side Template Injection\nCVE-2022-22954\n\n\u0412 Vmware Workspace ONE Access and Identity Manager \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043a\u0430\u043a \u043e\u0447\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f Template Handler.", "creation_timestamp": "2022-08-29T17:00:05.000000Z"}, {"uuid": "49344f45-1453-4294-a40f-1a6e897ed94e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/ptswarm/119", "content": "\ud83d\udd25We have reproduced the fresh CVE-2022-22954 Server-Side Template Injection in VMware Workspace ONE Access.\n\nSuccessful exploitation could lead to RCE from an unauthenticated user.\n\nPatch ASAP!", "creation_timestamp": "2022-04-07T15:10:55.000000Z"}, {"uuid": "8434cb69-7e64-4ecd-be89-e657ef8e46ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/786", "content": "\u2705 \u0413\u043b\u0430\u0432\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \u043e\u0442\u0447\u0451\u0442 CISA \u0438 \u0438\u0445 \u0430\u043d\u0433\u043b\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u0441\u043e\u044e\u0437\u043d\u0438\u043a\u043e\u0432\n\n\u0412 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0433\u043e\u0434\u0430 \u0432\u044b\u0445\u043e\u0434\u044f\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u043e\u0442\u0447\u0451\u0442\u043e\u0432, \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 2022 \u0433\u043e\u0434, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u2014 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 12 \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u043d\u043e \u0432 \u043b\u044e\u0431\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u043d\u0438 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043f\u043e\u0443\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b \u0438 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u043d\u044b. \u041d\u0430\u0447\u043d\u0451\u043c \u0441 \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u043e\u0442\u0447\u0451\u0442\u0430 \u00ab\u043f\u044f\u0442\u0438\u0433\u043b\u0430\u0437\u044b\u0445\u00bb, \u043f\u043e\u0441\u0432\u044f\u0449\u0451\u043d\u043d\u043e\u0433\u043e \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. \n\n\u0413\u043b\u0430\u0432\u043d\u044b\u0439 \u0432\u044b\u0432\u043e\u0434 \u043d\u0435 \u043d\u043e\u0432 \u2014 \u0441\u0430\u043c\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f 0day \u0438\u043b\u0438 1day. \u042d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0433\u043e\u0434 \u0438\u043b\u0438 \u0434\u0432\u0430, \u0438\u043c\u0435\u044e\u0449\u0438\u0435 PoC \u043d\u0430 Github, \u0434\u0430\u0432\u043d\u043e \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u043f\u0430\u0442\u0447\u0430\u043c\u0438, \u043d\u043e \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0441\u0451 \u0440\u0430\u0432\u043d\u043e \u043d\u0435 \u043b\u0438\u043a\u0432\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0442\u044b\u0441\u044f\u0447\u0430\u043c\u0438 \u0441\u0438\u0441\u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.  \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0435 \u043d\u0440\u0430\u0432\u0438\u0442\u0441\u044f \u0442\u0440\u0443\u0434\u043d\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0430, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0438\u0442\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0438\u043c\u0435\u044e\u0449\u0438\u0445 \u0432\u0441\u0435\u043c\u0438\u0440\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u043e \u0432\u0441\u0435\u0445 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f\u0445.\n\n\u0422\u043e\u043f-12 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: CVE-2018-13379 \u0432 Fortinet SSL VPN, \u0442\u0440\u0438 CVE 2021 \u0433\u043e\u0434\u0430, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 ProxyShell, CVE-2021-40539 \u0432 Zoho ManageEngine, CVE-2021-26084 \u0438 -26134 \u0432 Confluence, CVE-2021-44228 Log4Shell, CVE-2022-22954 \u0438 -22960 \u0432 VMWare, CVE-2022-1388 \u0432 F5 BIG-IP,  CVE-2022-30190 \u0432 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u0442\u0435\u0445\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 Windows, MSDT.\n\n\u0415\u0449\u0451 \u0442\u0440\u0438 \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u2014 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u043c \u043e\u0442\u0447\u0451\u0442\u0435 (\u0430\u043d\u0433\u043b). \u0422\u0430\u043c \u0436\u0435 \u0434\u0430\u043d\u044b \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u043f\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u043e\u043d\u044f\u0442\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u044b:\n\n\ud83d\udd18\u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439\n\ud83d\udd18\u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439\n\ud83d\udd18\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u0430\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 \u0441\u0435\u0442\u0438\n\ud83d\udd18\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0441\u043e\u0432\u0435\u0442\u044b @\u041f2\u0422", "creation_timestamp": "2023-08-07T10:20:52.000000Z"}, {"uuid": "03df828c-253a-4503-831d-be89b87754ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/ctinow/50267", "content": "Critical VMware Workspace ONE Access CVE-2022-22954 flaw actively exploited\n\nhttps://ift.tt/DTjnByF", "creation_timestamp": "2022-04-14T12:46:38.000000Z"}, {"uuid": "1e81d984-2197-40c8-9472-0f7a729094aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/ctinow/50237", "content": "Hackers exploit critical VMware CVE-2022-22954 bug, patch now\n\nhttps://ift.tt/0jkUXZv", "creation_timestamp": "2022-04-13T21:31:41.000000Z"}, {"uuid": "1c792315-f974-4577-9f15-c1d788c1f661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/ctinow/50629", "content": "U.S. Dept Of Defense: \u2588\u2588\u2588 vulnerable to CVE-2022-22954\n\nhttps://ift.tt/5bgp4AU", "creation_timestamp": "2022-04-21T17:21:58.000000Z"}, {"uuid": "b0c40417-0af5-489e-a942-b0f293f5a13e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "Telegram/eXJ6uhsB4kT2KyMwIIgJLCK6BJUbaFQ2cqtfVl9phdXYTZg", "content": "", "creation_timestamp": "2023-03-06T19:04:24.000000Z"}, {"uuid": "5694f183-413c-4d25-8d6c-c2986453f2f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/arpsyndicate/610", "content": "#ExploitObserverAlert\n\nCVE-2022-22954\n\nDESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.\n\nFIRST-EPSS: 0.973610000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-27T23:35:20.000000Z"}, {"uuid": "094cbc0b-7c28-4a0c-9953-a97b417e4576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/ShizoPrivacy/409", "content": "|Hackers exploit critical VMware RCE|\n\n\ud83d\udd25\u0412 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u0430 \u043f\u0440\u043e CVE-2022-22954 \u0445\u043e\u0447\u0443 \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0435\u0449\u0451 \u043e\u0434\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u043e\u0439 \u043d\u0430 \u0441\u0442\u0430\u0442\u044c\u044e \u043e\u0442 bleepingcomputer \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438 \u043e\u0442 \u0438\u0440\u0430\u043d\u0441\u043a\u043e\u0439 APT35(Rocket Kitten). \u041f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u044d\u0442\u043e\u0439 CVE \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0440\u0435\u0434\u0435, \u0434\u0430\u043b\u0435\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u044b PS \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u043c \u0441\u043b\u0443\u0436\u0431\u0435(Identity Manager), \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0438\u0435 stager. \u0414\u0430\u043b\u0435\u0435 PowerShell stager \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u043b\u043e\u0430\u0434\u0435\u0440 PowerTrash \u0441 C2 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432 \u0432\u044b\u0441\u043a\u043e\u043e\u0431\u0444\u0443\u0441\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0444\u043e\u0440\u043c\u0435 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 Core Impact \u0430\u0433\u0435\u043d\u0442 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c.\n\u041f\u0440\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0432 \u0442\u0430\u043a\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u0435\u043d \u0431\u0430\u0439\u043f\u0430\u0441\u0441 AV \u0438 EDR. \n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0432 \u0441\u0442\u0430\u0442\u044c\u0435.\n\n\ud83d\udca5\u0412\u043e\u0442 \u0435\u0449\u0451 \u0440\u0430\u0437\u0431\u043e\u0440(\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439).\n\ud83d\udca5\u0421\u0432\u0435\u0436\u0430\u044f \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u043e CVE-2022-22954\n\n\ud83d\udd25In continuation of the post about CVE-2022-22954 I want to share another link to an article from bleepingcomputer about attacks from the Iranian APT35(Rocket Kitten). Through this CVE, access to the environment occurs, then PS commands are executed on the attacked service (Identity Manager), launching the stager. Next, PowerShell stager extracts the PowerTrash\n loader from the C2 server in a highly-obfuscated form and loads the Core Impact agent into the system memory.\nWith privileged access, AV and EDR bypass is possible in such an attack.\nYou can read more in the article.\n\n\ud83d\udca5Here is another analysis (more detailed).\n\ud83d\udca5Recent article about CVE-2022-22954\n\n#cve #EDR #av #bypass #VMware", "creation_timestamp": "2022-05-03T10:55:18.000000Z"}, {"uuid": "5a404e48-fa7e-4211-b050-1906a663edb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/ZerodayExploitware/352", "content": "We've updated the vx-underground malware sample collection. New additions:\n\n- Nerbian RAT\n- KurayStealer\n- Chaos Ransomware\n- CVE-2022-22954\n- CrateDepression\n- XorDdos\n- Pymafka\n\nEnjoy the rest of your weekend.\n\nDownload: https://samples.vx-underground.org/samples/Families/", "creation_timestamp": "2023-05-23T05:19:23.000000Z"}, {"uuid": "ab712e9d-964b-4653-8d20-e297b7367ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/109", "content": "CVE-2022-22954 : VMware Workspace ONE Access Freemarker Server-side Template Injection\nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954", "creation_timestamp": "2022-04-11T21:02:05.000000Z"}, {"uuid": "846a2640-19cd-4a88-8da3-fbfe58533e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2295", "type": "seen", "source": "https://t.me/true_secator/3130", "content": "Google \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u0439 \u0437\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u0433\u043e\u0434 0-day \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f 103.0.5060.114 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432 \u043a\u0430\u043d\u0430\u043b\u0435 Stable Desktop \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2022-2294, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u00a0\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043a\u0443\u0447\u0438\u00a0\u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebRTC, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 01 \u0438\u044e\u043b\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u042f\u043d \u0412\u043e\u0439\u0442\u0435\u0441\u0435\u043a \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Avast Threat Intelligence. \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0430\u0440\u044c\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 RCE \u0434\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a CVE-2022-2294 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Chrome \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b: CVE-2022-2295, \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0443 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8, \u0438 CVE-2022-2296, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 Chrome OS.\n\n\u0412 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 Chrome 103 (103.0.5060.71) \u0434\u043b\u044f Android \u0441\u043a\u043e\u0440\u043e \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0438 \u043d\u0430 Google Play.\n\n\u0414\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043e\u0440\u0433\u0430\u043d\u0438\u0447\u0435\u043d \u0434\u043e \u0442\u0435\u0445, \u043f\u043e\u0440 \u043f\u043e\u043a\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435 \u043d\u0430\u043a\u0430\u0442\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0441 \u0447\u0435\u043c \u043c\u044b \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0437\u0430\u0442\u044f\u0433\u0438\u0432\u0430\u0442\u044c.", "creation_timestamp": "2022-07-05T11:15:46.000000Z"}, {"uuid": "3eeb0324-0467-4dbc-89f9-0c3697437974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/true_secator/2890", "content": "\u0410 \u043c\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0438, \u0447\u0442\u043e VMware RCE \u043c\u043e\u0436\u0435\u0442 \u0438 \u0431\u0443\u0434\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f.\n\u00a0\n\u0422\u0430\u043a \u0438 \u0441\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c Morphisec Labs, \u043f\u0440\u043e\u0438\u0440\u0430\u043d\u0441\u043a\u0430\u044f \u0410\u0420\u0422 Rocket Kitten \u043d\u0430\u0446\u0435\u043b\u0438\u043b\u0441\u044f \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0435\u0449\u0435 6 \u0430\u043f\u0440\u0435\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VMware, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 Core Impact \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\u00a0\n\u041a\u0430\u043a \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438,\u00a0CVE-2022-22954\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE) \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e VMware Workspace ONE Access \u0438 Identity Manager.\n\u00a0\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043d\u0430\u0438\u0432\u044b\u0441\u0448\u0438\u0439 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u044e\u0431\u044b\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0445\u043e\u0441\u0442\u0430 \u0438 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u044b.\n\u00a0\n\u0417\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0430\u0442\u0430\u043a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u0439\u0434\u0436\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PowerShell, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u044d\u0442\u0430\u043f\u0430 - PowerTrash Loader, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Core Impact \u0432 \u043f\u0430\u043c\u044f\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\u00a0\n\u0418 \u043f\u043e \u0444\u0430\u043a\u0442\u0443 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 VMWare \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0431\u0435\u0441\u043f\u0440\u0435\u043f\u044f\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u0447\u0442\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u043c \u043f\u043b\u0430\u0446\u0434\u0430\u0440\u043c\u043e\u043c \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0440\u0430\u0437\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0442\u0440\u0430\u0441\u043b\u044f\u0445.\n\u00a0\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u044b \u043f\u043e\u043d\u0438\u043c\u0430\u0435\u0442\u0435, \u0447\u0442\u043e \u043c\u044b \u0438\u043c\u0435\u043b\u0438 \u0432 \u0432\u0438\u0434\u0443, \u043a\u043e\u0433\u0434\u0430 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043b\u0438 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0431 \u043e\u0442\u0432\u0435\u0442\u043d\u044b\u0445 \u043c\u0435\u0440\u0430\u0445 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0418\u0440\u0430\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438.", "creation_timestamp": "2022-04-26T19:53:17.000000Z"}, {"uuid": "281c0b5c-d1a0-4aca-bdd4-1088b6cc86f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22950", "type": "exploited", "source": "https://t.me/true_secator/2816", "content": "\u0415\u0441\u043b\u0438 \u043c\u044b \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0437\u043e\u043b\u043e\u0442\u044b\u0445 72 \u0447\u0430\u0441\u043e\u0432, \u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043e Spring4Shell \u043e\u0431 \u044d\u0442\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u0431\u044b\u0442\u044c.\n\u00a0\n\u041f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044b \u0432 \u043f\u0435\u0440\u0432\u044b\u0435 \u0436\u0435 \u0434\u043d\u0438 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-22965. \u0415\u0449\u0435 \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u00a0\u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\u00a0\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22963, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e Spring Cloud, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434.\u00a0\u0422\u0440\u0435\u0442\u044c\u0435\u0439 \u0434\u044b\u0440\u043e\u0439 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22950, DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\u00a0\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 Check Point, \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 37 000 \u0430\u0442\u0430\u043a Spring4Shell. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0448\u0435\u0441\u0442\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Spring4Shell, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u043f\u0435\u0440\u0432\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u043f\u043e \u0447\u0438\u0441\u043b\u0443 \u0436\u0435\u0440\u0442\u0432 - \u0415\u0432\u0440\u043e\u043f\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 20%. \n\u00a0\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430 \u0434\u043e\u043b\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 28% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\u00a0\n\u041f\u043e\u043a\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u043e \u0437\u0430\u043d\u044f\u0442\u044b \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell \u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 RCE \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0445\u043e\u0434\u043e\u043c. \u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u0430\u043a \u0434\u043b\u044f Spring4Shell, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f CVE-2022-22963.\n\u00a0\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 Spring Framework 5.3.18 \u0438 5.2.20, \u0430 \u0442\u0430\u043a\u0436\u0435 Spring Boot 2.5.12, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0448\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 RCE, \u0430\u00a0\u0442\u0430\u043a\u0436\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e.\u00a0\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e CVE-2022-22963 \u0438 CVE-2022-22947 \u0432 Spring Cloud Function \u0438 Spring Cloud Gateway.", "creation_timestamp": "2022-04-06T20:32:36.000000Z"}, {"uuid": "4aaff43c-a5d2-4e0b-b62c-e179f4f0cfc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/crackcodes/375", "content": "Shodan query for CVE-2022-22954.\n\nhttp.favicon.hash:-1250474341", "creation_timestamp": "2022-07-24T17:01:39.000000Z"}, {"uuid": "8ea48333-7e99-4a07-b890-04dd8743fc39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22953", "type": "seen", "source": "https://t.me/cibsecurity/44644", "content": "\u203c CVE-2022-22953 \u203c\n\nVMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:21:40.000000Z"}, {"uuid": "9c1a7dac-cf1f-47e0-b97f-33a7ae2eb888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22952", "type": "seen", "source": "https://t.me/cibsecurity/39445", "content": "\u203c CVE-2022-22952 \u203c\n\nVMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code on the Windows instance where AppC Server is installed by uploading a specially crafted file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-23T23:29:01.000000Z"}, {"uuid": "6925a9ab-6995-40e6-b3a7-eafa5e0963e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22951", "type": "seen", "source": "https://t.me/cibsecurity/39443", "content": "\u203c CVE-2022-22951 \u203c\n\nVMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-23T23:28:59.000000Z"}, {"uuid": "e1e73454-7fbb-4cca-a562-873ce6cd8b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/thehackernews/2081", "content": "A week after VMware released patches to fix 8 vulnerabilities in VMware Workspace ONE Access, threat actors have begun actively exploiting one of the critical vulnerabilities (CVE-2022-22954) in the wild.\n\nDetails: https://thehackernews.com/2022/04/vmware-releases-patches-for-critical.html", "creation_timestamp": "2022-09-05T20:57:45.000000Z"}, {"uuid": "18f0884a-d1ab-4e8c-9c89-a803a21e0151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1921", "content": "#CVE-2022\n\n\nCVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager\n\nhttps://github.com/Vulnmachines/VMWare_CVE-2022-22954\n\n@BlueRedTeam", "creation_timestamp": "2022-04-12T09:00:11.000000Z"}, {"uuid": "9589098f-1399-4169-adb5-06acfd3adbe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1924", "content": "#exploit\nCVE-2022-22954:\nVMware Workspace ONE Access Freemarker Server-side Template Injection\nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954\n\n@BlueRedTeam", "creation_timestamp": "2022-04-12T10:47:01.000000Z"}, {"uuid": "3daa036b-bfff-42c7-99b5-4aed483ce9da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1926", "content": "#CVE-2022\nPoC for CVE-2022-22954 - VMware Workspace ONE Access Freemarker Server-Side Template Injection\n\nhttps://github.com/DrorDvash/CVE-2022-22954_VMware_PoC\n\n@BlueRedTeam", "creation_timestamp": "2022-04-12T23:27:35.000000Z"}, {"uuid": "bb2c1086-bf21-4f83-ba73-3519ecd3e7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1929", "content": "#CVE-2022\n\nCVE-2022-22954 VMware Workspace ONE Access freemarker SSTI \u6f0f\u6d1e \u547d\u4ee4\u6267\u884c\u3001\u6279\u91cf\u68c0\u6d4b\u811a\u672c\n\nhttps://github.com/bewhale/CVE-2022-22954\n\n@BlueRedTeam", "creation_timestamp": "2022-04-13T21:42:34.000000Z"}, {"uuid": "8ae68c9b-3a13-490c-92fa-a7d826e2f7bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1934", "content": "#CVE-2022\n\nProof of Concept for exploiting VMware CVE-2022-22954\n\nhttps://github.com/tyleraharrison/VMware-CVE-2022-22954-Command-Injector\n\n@BlueRedTeam", "creation_timestamp": "2022-04-15T08:21:30.000000Z"}, {"uuid": "9db73934-84c4-4b8d-9c53-86551f232148", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/107", "content": "https://github.com/badboy-sft/CVE-2022-22954", "creation_timestamp": "2022-06-03T12:58:54.000000Z"}, {"uuid": "52256c1d-056a-4a94-b307-6e948dc1e8e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5791", "content": "#exploit\nCVE-2022-22954:\nVMware Workspace ONE Access Freemarker Server-side Template Injection\nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954", "creation_timestamp": "2022-04-12T11:01:01.000000Z"}, {"uuid": "c20cefe4-afa6-4dfa-b881-ff369ccaf17d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8149", "content": "#exploit\n1. CVE-2022-22956, CVE-2022-22957:\nVMware Workspace ONE RCE\nhttps://packetstormsecurity.com/files/171918\n\n2. CVE-2023-25136:\nOpenSSH Pre-Auth Double Free\nhttps://github.com/adhikara13/CVE-2023-25136\n\n3. CVE-2023-21931:\nWebLogic After-Deserialization\nhttps://github.com/gobysec/Weblogic/blob/main/Research%20on%20WebLogic%20After-Deserialization.md", "creation_timestamp": "2023-04-21T02:07:48.000000Z"}, {"uuid": "ccbb7fa5-4b0f-4262-8d67-fd032a277a26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8149", "content": "#exploit\n1. CVE-2022-22956, CVE-2022-22957:\nVMware Workspace ONE RCE\nhttps://packetstormsecurity.com/files/171918\n\n2. CVE-2023-25136:\nOpenSSH Pre-Auth Double Free\nhttps://github.com/adhikara13/CVE-2023-25136\n\n3. CVE-2023-21931:\nWebLogic After-Deserialization\nhttps://github.com/gobysec/Weblogic/blob/main/Research%20on%20WebLogic%20After-Deserialization.md", "creation_timestamp": "2023-04-21T02:07:48.000000Z"}, {"uuid": "ba911ff9-7291-4388-88a1-85119b816d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4952", "content": "CVE-2022-22956 - CVE-2022-22957 ( VMware Workspace ONE RCE )\n\nLink\n\n#Exploit #CVE #RCE \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:19.000000Z"}, {"uuid": "6d640064-582d-4a4f-94a7-05c8e30f7e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4952", "content": "CVE-2022-22956 - CVE-2022-22957 ( VMware Workspace ONE RCE )\n\nLink\n\n#Exploit #CVE #RCE \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:19.000000Z"}, {"uuid": "21849730-c48c-4320-8939-89d2b7fec880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/3530", "content": "VMware Workspace ONE Access and Identity Manager RCE via SSTI.\n\nCVE-2022-22954 - PoC SSTI\n\n*\n\nexploit + payload + shodan \n\n#vmware \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2022-06-03T10:48:25.000000Z"}, {"uuid": "c9307700-7be9-40e5-80f1-4aca44f57e5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/true_secator/2848", "content": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VMware \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u0437\u0434\u0440\u043e\u0433\u043d\u0443\u0442\u044c, \u0438\u0431\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u043e \u0432\u0441\u044e \u043e\u0440\u0443\u0434\u0443\u044e\u0442 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-22954.\n\n\u041f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u043d\u0442\u0443\u0437\u0438\u0430\u0441\u0442\u044b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0431\u044b\u043b \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d \u0432\u0441\u043f\u043b\u0435\u0441\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0437\u0430\u0440\u0430\u0436\u0430\u044e\u0449\u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u044b VMware \u043c\u0430\u0439\u043d\u0435\u0440\u0430\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f (\u0440\u0435\u0439\u0442\u0438\u043d\u0433  9.8 \u043f\u043e CVSS) \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0435 \u043d\u0430 \u0434\u0432\u0430 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 VMware Workspace ONE Access \u0438 VMware Identity Manager.\n\n6 \u0430\u043f\u0440\u0435\u043b\u044f 2022 \u0433. \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a RCE. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u043c \u043f\u0443\u0442\u044f\u043c, \u0434\u0430\u0431\u044b \u043f\u043e\u043c\u043e\u0447\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0435\u0441\u043b\u0438 \u0432\u0434\u0440\u0443\u0433 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u041f\u041e.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u0442\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0438\u043b\u0438 \u0443\u043c\u0435\u043d\u044c\u0448\u0435\u043d\u0430 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f\u043c\u0438 \u0432 VMSA-2021-0011, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b.\n\n\u041a\u0430\u043a \u043c\u044b \u0443\u0436\u0435 \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f CVE-2022-22954, \u043f\u0440\u0438\u0447\u0435\u043c \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043e\u0434\u0438\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0432 Twitter.\n\n\u0421\u0430\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0441\u043e\u0437\u043d\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u043a \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u0440\u0438\u0441\u043a \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u043e \u043e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u044b \u0438 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041c\u0435\u0434\u0432\u0435\u0436\u044c\u044f \u043b\u0438 \u0443\u0441\u043b\u0443\u0433\u0430 \u0434\u043b\u044f \u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u0441\u0443\u0434\u0438\u0442\u0435 \u0441\u0430\u043c\u0438, \u043d\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0431\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0441\u043a\u043e\u0440\u0435 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u044f\u0445.\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0435\u0441\u043b\u0438 \u0432\u044b \u0435\u0449\u0435 \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u0442\u043e \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u044d\u0442\u043e \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. \n\n\u0422\u0430\u043a\u0436\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 VMware \u0441\u0442\u043e\u0438\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043c\u0438\u043c\u043e \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u043e\u0433\u043e RCE \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u043a\u0440\u043e\u043c\u0435 Workspace One Access \u0438 Identity Manager.", "creation_timestamp": "2022-04-14T13:11:36.000000Z"}, {"uuid": "58c73c4b-e772-406e-b570-776833c80b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/aeee5c2a-79b3-4319-b954-93581651c784", "content": "", "creation_timestamp": "2022-07-08T06:53:36.000000Z"}, {"uuid": "32bef046-38ab-4ea4-af21-8d5b6a48d389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/8bf50bb8-94dd-4004-a646-5f78db6f0b6a", "content": "", "creation_timestamp": "2022-07-13T13:02:16.000000Z"}, {"uuid": "52733630-172c-486f-a7d2-58bf4ccfc9be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22952", "type": "seen", "source": "MISP/30839540-715f-46fa-9fe3-a3b0b441d01e", "content": "", "creation_timestamp": "2022-03-25T12:32:59.000000Z"}, {"uuid": "7b05a88f-6533-4990-8abf-d25735ff51bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22951", "type": "seen", "source": "MISP/30839540-715f-46fa-9fe3-a3b0b441d01e", "content": "", "creation_timestamp": "2022-03-25T12:32:59.000000Z"}, {"uuid": "818312bb-ad59-4822-bf69-5c0104dea350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://bsky.app/profile/bushidotoken.net/post/3lr5xve2oj22n", "content": "", "creation_timestamp": "2025-06-09T08:35:38.137978Z"}, {"uuid": "104624fe-ab72-47ab-9732-1e2b573627aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:26.000000Z"}, {"uuid": "56569cf6-5922-4c3a-a4cd-f3250d334ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-12)", "content": "", "creation_timestamp": "2025-09-12T00:00:00.000000Z"}, {"uuid": "aedc31dc-914f-4674-a9a1-3a8be5aca9f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-06)", "content": "", "creation_timestamp": "2025-10-06T00:00:00.000000Z"}, {"uuid": "1dbe6d18-1d3e-497e-82ef-9fbc7a43b4c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-11)", "content": "", "creation_timestamp": "2025-08-11T00:00:00.000000Z"}, {"uuid": "9d075591-9571-4773-8494-135427393b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/4590857b-1a98-4628-8be7-f79476bcbcef", "content": "", "creation_timestamp": "2026-04-19T02:11:05.000000Z"}, {"uuid": "4d5ff88f-4abe-4c20-913a-b46bc80234a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3817b7db-7439-479b-bffa-3efcedee90cd", "content": "", "creation_timestamp": "2026-02-02T12:27:51.065843Z"}, {"uuid": "78a1e7b3-f043-4d93-8292-2206a519e8fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/VIEHGroup/68", "content": "CVE-2022-22954 Utilized by a state-sponsored group in the wild To infiltrate virtualization systems with Server Template Injection (SSTI)\n\npoc: \nhttps://github.com/sherlocksecurity/VMware-CVE-2022-22954\n\nShodan query for CVE-2022-22954\n\nhttp.favicon.hash:-1250474341\n\n\nPlease scan logs and stay safe\n\ngrep one liner.\n\ngrep -e \"/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%\" /opt/vmware/horizon/workspace/logs/*\n\n\nPlease add these IP addresses that scan the Internet space to a blacklist in the firewall\n\nis being exploited by a threat actor from China \ud83c\udde8\ud83c\uddf3 \nwith the IP of 117.89.211.135 and 60.166.67.164.", "creation_timestamp": "2022-04-13T15:42:56.000000Z"}, {"uuid": "68a5e187-eeae-4971-b6c9-8c16516631fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2395", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aVMware Workspace ONE Access and Identity Manager RCE via SSTI. CVE-2022-22954 - PoC SSTI * exploit+payload+shodan (\u043d\u0443 \u043d\u0430\u0431\u043e\u0440\u043e\u043c)\nURL\uff1ahttps://github.com/badboy-sft/CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-03T09:26:51.000000Z"}, {"uuid": "b0712daf-ffab-49c3-8ffb-24393202e10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "b84b80d1-69a5-4098-ab67-5f0d1145fa67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/BleepingComputer/11899", "content": "Latest news and stories from BleepingComputer.com\nHackers exploit critical VMware RCE flaw to install backdoors\n\nAdvanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability,\u00a0CVE-2022-22954, that affects in VMware Workspace ONE Access (formerly called VMware Identity Manager). [...]", "creation_timestamp": "2022-04-26T13:24:02.000000Z"}, {"uuid": "5c0f4bdb-3a4e-43f2-8e41-7c9a96f29e8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9324", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2022-22954 Server-Side Template Injection in VMware Workspace ONE Access.\n\nSuccessful exploitation could lead to RCE from an unauthenticated user via HTTP-POST request by chaining 2 exploits.\n\nPatch ASAP!\n\nWe had reported earlier about the Zero-Day here: https://t.me/cKure/11024\n\nhttps://twitter.com/ptswarm/status/1512083327884271619", "creation_timestamp": "2022-04-11T10:48:25.000000Z"}, {"uuid": "437a77f1-692d-46c4-8cad-336bcfb0dbee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9335", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 vwmware one workspace /VMware Identity Manager - CVE-2022-22954 IOC detection grep one liner.\n\nThis is based on the exploit code released earlier.\n\ngrep -e \"/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%\" /opt/vmware/horizon/workspace/logs/*", "creation_timestamp": "2022-04-12T23:42:20.000000Z"}, {"uuid": "3d0d8a89-3c91-41cc-86ee-dbbdba60bd98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/cKure/9336", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Shodan query for CVE-2022-22954.\n\nhttp.favicon.hash:-1250474341", "creation_timestamp": "2022-04-12T23:44:01.000000Z"}, {"uuid": "d3dfe027-7019-4f5f-90c0-ba2c0e3b5376", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/cKure/9348", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Zero-Day: Critical VMware Workspace ONE Access CVE-2022-22954 flaw actively exploited. There are around 800 public instances of the vulnerable software.\n\nhttps://securityaffairs.co/wordpress/130188/hacking/vmware-workspace-one-access-flaw-attacks.html", "creation_timestamp": "2022-04-14T11:11:37.000000Z"}, {"uuid": "73dd3213-2b6a-4103-afc6-7a9fbb1ccc37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22959", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "08dbb34f-d3d5-48b5-91a3-07d814c49e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22958", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "e67eb034-aff7-464e-9fe9-303fe0e8925e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1918", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager\nURL\uff1ahttps://github.com/Vulnmachines/VMWare_CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-11T19:51:24.000000Z"}, {"uuid": "9a8970df-c0ca-404f-93f2-62447c5108d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1916", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for VMWARE CVE-2022-22954\nURL\uff1ahttps://github.com/sherlocksecurity/VMware-CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-11T14:07:44.000000Z"}, {"uuid": "3a5e6c35-d391-4597-9c91-66f76e03252b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "c36ce014-48d7-416d-9f8c-83df8fdf5bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1959", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22954 VMware Workspace ONE Access free marker SSTI\nURL\uff1ahttps://github.com/MLX15/CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T19:40:41.000000Z"}, {"uuid": "376c1ae0-78cf-45c0-8296-0dcc880b5cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "712f2a4b-4a7b-4a67-bb00-f5e97d84a07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2356", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPython script to exploit CVE-2022-22954 and then exploit CVE-2022-22960\nURL\uff1ahttps://github.com/Chocapikk/CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-01T19:38:01.000000Z"}, {"uuid": "cb53ceec-63b7-4bd6-81a8-47423e229393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5282", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1awebshell\n\u63cf\u8ff0\uff1a\u4e00\u6b3e\u9488\u5bf9Vcenter\u7684\u7efc\u5408\u5229\u7528\u5de5\u5177\uff0c\u5305\u542b\u76ee\u524d\u6700\u4e3b\u6d41\u7684CVE-2021-21972\u3001CVE-2021-21985\u4ee5\u53caCVE-2021-22005\u3001One Access\u7684CVE-2022-22954\u3001CVE-2022-22972/31656\u4ee5\u53calog4j\uff0c\u63d0\u4f9b\u4e00\u952e\u4e0a\u4f20webshell\uff0c\u547d\u4ee4\u6267\u884c\u6216\u8005\u4e0a\u4f20\u516c\u94a5\u4f7f\u7528SSH\u514d\u5bc6\u8fde\u63a5\nURL\uff1ahttps://github.com/Schira4396/VcenterKiller\n\n\u6807\u7b7e\uff1a#webshell", "creation_timestamp": "2023-10-05T03:18:09.000000Z"}, {"uuid": "21ce0d7e-9d8f-44a9-a58a-e18680b020a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6596", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aVMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script for shodan, file or manual. \nURL\uff1ahttps://github.com/tunelko/CVE-2022-22954-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-13T13:47:11.000000Z"}, {"uuid": "4959f9f5-53b7-4d0c-9548-6d41792e939c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/ctinow/51050", "content": "U.S. Dept Of Defense: \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 vulnerable to CVE-2022-22954\n\nhttps://ift.tt/FnDU1b8", "creation_timestamp": "2022-04-29T18:47:09.000000Z"}, {"uuid": "795b4715-3c31-4913-820c-a4a18eb484a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/286", "content": "|CVE-2022-22954 PoC| \n\n\ud83d\udee1\u0422\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445!\n\u0410 \u0432\u043e\u0442 \u0438 \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b PoC \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-22954, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0449\u0435\u0435 rce \u043f\u0440\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0432\u043b\u0438\u044f\u044e\u0449\u0430\u044f \u043d\u0430 VMware Workspace ONE Access \u0438 Identity Manager.\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0432\u044b\u0445\u043e\u0434\u0438\u043b \u043f\u0430\u0442\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 VMware.\n\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u0442\u043e, \u0447\u0442\u043e \u043f\u0440\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435, rce \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u043e\u0439\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\nPoC\nCVE-2022-22954\n\n\ud83d\udee1For educational purposes only!\nAnd here comes the PoC for the vulnerability CVE-2022-22954, suggesting rce when implementing server-side  templates, affecting VMware Workspace ONE Access and Identity Manager.\nA security patch from VMware was recently released.\nInterestingly, with a successful attack, rce can occur for an unauthenticated user.\nPoC\nCVE-2022-22954\n\n#cve  #poc #rce #VMware", "creation_timestamp": "2022-04-26T17:39:01.000000Z"}, {"uuid": "fcabd432-f910-44a8-b6eb-2fcc66503bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22950", "type": "seen", "source": "https://t.me/cibsecurity/40032", "content": "\u203c CVE-2022-22950 \u203c\n\nn Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:20:09.000000Z"}, {"uuid": "94a6dc93-15c8-46b7-9ebc-215f71f9216f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2295", "type": "exploited", "source": "https://t.me/androidMalware/1587", "content": "Google patched security issues in Chrome for Android, one of the exploit exists in the wild (CVE-2022-2294, CVE-2022-2295)\nhttps://chromereleases.googleblog.com/2022/07/chrome-for-android-update.html", "creation_timestamp": "2022-07-05T06:27:47.000000Z"}, {"uuid": "958058fd-3c27-49da-b218-8b82a11208e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22951", "type": "seen", "source": "https://t.me/thehackernews/2006", "content": "VMware releases patches for critical vulnerabilities in Carbon Black App Control, including a command injection (CVE-2022-22951) and a file upload vulnerability (CVE-2022-22952).\n\nRead details: https://thehackernews.com/2022/03/vmware-issues-patches-for-critical.html", "creation_timestamp": "2022-03-24T04:43:48.000000Z"}, {"uuid": "5704c454-cf85-462a-9001-83ec9e0bec72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22952", "type": "seen", "source": "https://t.me/thehackernews/2006", "content": "VMware releases patches for critical vulnerabilities in Carbon Black App Control, including a command injection (CVE-2022-22951) and a file upload vulnerability (CVE-2022-22952).\n\nRead details: https://thehackernews.com/2022/03/vmware-issues-patches-for-critical.html", "creation_timestamp": "2022-03-24T04:43:48.000000Z"}, {"uuid": "be728b54-7c5a-4f6b-afec-84d36efb7d31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/thehackernews/2058", "content": "VMware releases critical patches for several products affected by a new set of vulnerabilities (CVE-2022-22954 to CVE-2022-22961), some of which could be exploited for RCE attacks.\n\nRead details: https://thehackernews.com/2022/04/vmware-releases-critical-patches-for.html", "creation_timestamp": "2022-04-07T07:51:03.000000Z"}, {"uuid": "11edc373-c884-425e-9d8c-b94f0d4e3e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1941", "content": "#CVE-2022\nCVE-2022-22954 VMware Workspace ONE Access free marker SSTI\n\nhttps://github.com/MLX15/CVE-2022-22954\n\n@BlueRedTeam", "creation_timestamp": "2022-04-15T22:54:00.000000Z"}, {"uuid": "0e35bd06-823e-4a0b-9a03-590511973df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/vxunderground/817", "content": "We've updated the vx-underground malware sample collection. New additions:\n\n- Nerbian RAT\n- KurayStealer\n- Chaos Ransomware\n- CVE-2022-22954\n- CrateDepression\n- XorDdos\n- Pymafka\n\nEnjoy the rest of your weekend.\n\nDownload: https://samples.vx-underground.org/samples/Families/", "creation_timestamp": "2022-05-22T07:58:03.000000Z"}, {"uuid": "741d9541-299f-433a-9710-398d5e86d9d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/true_secator/2957", "content": "VMware \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Workspace ONE Access, VMware Identity Manager (vIDM) \u0438 vRealize Automation.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-22972 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0411\u0440\u0443\u043d\u043e \u041b\u043e\u043f\u0435\u0441 \u0438\u0437 Innotec Security. \u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432\u0442\u043e\u0440\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-22973 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u00abroot\u00bb. \u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 VMware Workspace ONE, VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), \u041e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u0444\u043e\u043d\u0434 VMware, vRealize Suite.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0431\u0430\u0433, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f\u043c\u0438 \u0432 VMSA-2021-0014\n\u00a0\nVMware \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u042d\u0442\u0438 \u043c\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u0440\u043e\u043c\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0432\u0445\u043e\u0434\u043e\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0447\u0435\u0440\u0435\u0437 SSH \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u043b\u0443\u0436\u0431\u044b Horizon-Workspace.\n\n\u0412 \u0442\u043e\u0436\u0435 \u0432\u0440\u0435\u043c\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c, \u0441\u043a\u043b\u043e\u043d\u044f\u044f\u0441\u044c \u043a \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u043c\u0443 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 - \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432.\n\nVMware \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043e\u0434\u043d\u0430\u043a\u043e \u0435\u0441\u043b\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0432\u044b\u0448\u0435\u0434\u0448\u0443\u044e \u0432\u0447\u0435\u0440\u0430 \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0443 22-03 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2022-22972 \u0438 CVE-2022-22973 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 5 \u0434\u043d\u0435\u0439, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0440\u0438\u0441\u043a \u0430\u0442\u0430\u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435\u0438\u0437\u0431\u0435\u0436\u0435\u043d. \n\n\u0412 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0440\u0430\u0437 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u043b\u043e\u0441\u044c 48 \u0447\u0430\u0441\u043e\u0432 \u043d\u0430 \u0440\u0435\u0432\u0435\u0440\u0441-\u0438\u043d\u0436\u0438\u043d\u0435\u0440\u0438\u043d\u0433 \u043f\u0430\u0442\u0447\u0435\u0439 (\u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2022-229600 \u0438 CVE-2022-22954) \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2022-05-19T12:12:49.000000Z"}, {"uuid": "a29c6d3e-a8ee-45e6-8a37-f1de2899c160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "56a7dc6f-3f15-438c-a69a-d915e3be1cd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2295", "type": "seen", "source": "MISP/bd1c3290-9486-4bf9-ae59-fe17c0948133", "content": "", "creation_timestamp": "2023-09-06T13:45:08.000000Z"}, {"uuid": "5b2d75d1-304c-4372-8b40-cb50ae08d817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971519", "content": "", "creation_timestamp": "2024-12-24T20:30:33.107993Z"}, {"uuid": "032ced4d-375f-4fbe-91f1-e9fe14a2e199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "18a533d6-b6d9-4a8c-9d37-877915af586b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "e4a328b2-c7cf-4166-b502-4caf5c6870a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "28f25a7b-12f5-460e-b0ab-6efcdbffa04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "7f277ba1-abc8-487b-a984-fa0c83404b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "f52029b2-299c-4a5d-b720-ccf85ae8b1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "2894de2c-1438-4c53-b960-ffaef6324e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lstbajpkc42i", "content": "", "creation_timestamp": "2025-06-30T13:13:59.636718Z"}, {"uuid": "8d0d4887-78d5-4c72-91fd-c02429641aef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-07)", "content": "", "creation_timestamp": "2025-04-07T00:00:00.000000Z"}, {"uuid": "d9c21ed1-6ff1-4743-996f-e88f30118a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "94546afc-4708-437f-9fa6-def97605ed7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-30)", "content": "", "creation_timestamp": "2025-06-30T00:00:00.000000Z"}, {"uuid": "3cf7776d-61d1-4f5a-9151-cc70914d11cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-13)", "content": "", "creation_timestamp": "2025-10-13T00:00:00.000000Z"}, {"uuid": "ee038a0a-722f-44a4-b63d-33a1de81dadb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22953", "type": "seen", "source": "https://gist.github.com/Th3redTea/d4ad7778a978d13241b07d4f5567dde2", "content": "", "creation_timestamp": "2025-08-04T09:04:42.000000Z"}, {"uuid": "95384819-2de0-4b57-bf6f-e2206ce50ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-09)", "content": "", "creation_timestamp": "2025-09-09T00:00:00.000000Z"}, {"uuid": "2de28673-86c8-41f1-832e-8a453bd90410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "89574549-393f-472e-8bba-ae0058d84160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "af7e8b25-ca40-4326-b27b-55f97667a00a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-07)", "content": "", "creation_timestamp": "2025-09-07T00:00:00.000000Z"}, {"uuid": "fef75ced-c815-41e5-ade3-8f4b9801f8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-13)", "content": "", "creation_timestamp": "2025-08-13T00:00:00.000000Z"}, {"uuid": "205c1d3c-8620-4c61-9d73-80fa34abc9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-14)", "content": "", "creation_timestamp": "2025-09-14T00:00:00.000000Z"}, {"uuid": "cc1c33cc-6185-429f-b5de-e13940bd297f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "fa89d8db-1612-459d-ae72-c2f879d27320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-15)", "content": "", "creation_timestamp": "2025-08-15T00:00:00.000000Z"}, {"uuid": "17b42bab-3cb8-4d9a-a6cc-793e3a0614ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-09)", "content": "", "creation_timestamp": "2025-10-09T00:00:00.000000Z"}, {"uuid": "d81e3294-d55a-47d7-a952-da7bbc5e25ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "d4b7a77d-bbd9-4588-8469-9086f4693591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-06)", "content": "", "creation_timestamp": "2025-09-06T00:00:00.000000Z"}, {"uuid": "84410ec4-8c0e-43a2-a6e0-c928072179c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-13)", "content": "", "creation_timestamp": "2025-09-13T00:00:00.000000Z"}, {"uuid": "80cd3d77-e5ea-4284-ac9c-95b771d29af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-08)", "content": "", "creation_timestamp": "2025-08-08T00:00:00.000000Z"}, {"uuid": "b36e75e1-e203-437f-b63d-47d4b25f72a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-09)", "content": "", "creation_timestamp": "2025-08-09T00:00:00.000000Z"}, {"uuid": "3e68eedd-055d-403d-988f-e58c1cb4f961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-08)", "content": "", "creation_timestamp": "2025-10-08T00:00:00.000000Z"}, {"uuid": "fb27aaaa-6f94-402b-b48b-5b0e3d85bea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "dc70df3e-6ae3-452f-95a5-bd2d329910b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-12)", "content": "", "creation_timestamp": "2025-08-12T00:00:00.000000Z"}, {"uuid": "f99fbefa-13ff-4cd4-b94a-d36d861515b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "246f52e7-fc87-46d9-8f07-73b569a847d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "d181adc5-7a60-49ef-b7f0-e1625d355068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-22956.yaml", "content": "", "creation_timestamp": "2025-10-14T12:06:27.000000Z"}, {"uuid": "fca5283d-6372-4e33-9334-88751e5dcd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "44d95569-6ec3-47a1-ad22-88baed93c0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "cb597958-0f12-4844-a226-9fae162759f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-11)", "content": "", "creation_timestamp": "2025-10-11T00:00:00.000000Z"}, {"uuid": "e18d7bcf-7db6-4d51-b4a3-437b677c152c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "694c7088-ef8d-4825-9627-f64dd5cbeb5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-10)", "content": "", "creation_timestamp": "2025-10-10T00:00:00.000000Z"}, {"uuid": "1289504a-c24a-48ba-a387-b63793c9e601", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "6a1c4b42-a31c-4433-b452-6050dde76146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_workspace_one_access_cve_2022_22954.rb", "content": "", "creation_timestamp": "2022-05-03T14:41:50.000000Z"}, {"uuid": "af6d1efa-b800-4c2b-86f4-d39e98d23c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.rb", "content": "", "creation_timestamp": "2023-04-18T15:17:44.000000Z"}, {"uuid": "ade659d8-ef37-47e1-a69b-e97e8b642f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "7b5858b8-6c01-42e7-bb47-425d4147666e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:03.000000Z"}, {"uuid": "5d6f0267-55d3-448c-86e8-63cf7626cd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain.rb", "content": "", "creation_timestamp": "2023-04-18T15:17:44.000000Z"}, {"uuid": "06c954d6-0356-4fd3-873d-48e21cbeff98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:56.000000Z"}, {"uuid": "7a9681e2-4510-4aae-82db-a92feca54b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-03)", "content": "", "creation_timestamp": "2025-09-03T00:00:00.000000Z"}, {"uuid": "9ded9d71-9f3b-4d86-b849-daccbad9ab81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-04)", "content": "", "creation_timestamp": "2025-09-04T00:00:00.000000Z"}, {"uuid": "923e377e-132b-44cd-b7bd-6edc87806f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1723", "content": "CVE-2022-22954 PoC\nVMware Workspace ONE Access and Identity Manager RCE via SSTI. CVE-2022-22954 - PoC SSTI\nhttps://github.com/tunelko/CVE-2022-22954-PoC\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-06-09T11:00:35.000000Z"}, {"uuid": "56055cc9-bcdc-49c2-9463-d23c75bdab9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1882", "content": "CVE-2022-22954 PoC\nVMware Workspace ONE Access and Identity Manager RCE via SSTI. CVE-2022-22954 - PoC SSTI\nhttps://github.com/tunelko/CVE-2022-22954-PoC\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-01T19:00:45.000000Z"}, {"uuid": "9dca4f9a-321c-4ac3-b43f-b52aa5fc28f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/arpsyndicate/1973", "content": "#ExploitObserverAlert\n\nCVE-2022-22954\n\nDESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.\n\nFIRST-EPSS: 0.974020000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T11:32:14.000000Z"}, {"uuid": "87f5fd02-78a3-4d1c-a858-ca54df5dff84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "https://t.me/arpsyndicate/1360", "content": "#ExploitObserverAlert\n\nCVE-2022-22954\n\nDESCRIPTION: Exploit Observer has 103 entries related to CVE-2022-22954. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.\n\nFIRST-EPSS: 0.973610000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T01:49:38.000000Z"}, {"uuid": "a5d3eb9b-e709-4653-8c53-12767d978b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "Telegram/rjIWv9GJ8NnLrd4DPlv1UrnCMY1rK1H_OkcIGCZcJyfiXA", "content": "", "creation_timestamp": "2022-04-13T09:33:07.000000Z"}, {"uuid": "24524463-ae14-4c2c-8cdf-eadaace09989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3129", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory\n\n\"EPI: Process injection through entry points hijacking.\"\n\ngithub.com/Kudaes/EPI\n\n#infosec #pentest #redteam \n\n\"pypykatz: Mimikatz implementation in pure Python\"\n\nhttps://github.com/skelsec/pypykatz\n\n#infosec #pentest #redteam \n\n\"Add VMware Workspace ONE Access CVE-2022-22954\"\n\nhttps://github.com/rapid7/metasploit-framework/pull/16512\n\n#infosec #pentest #redteam\n\n\"smbeagle: SMBeagle - Fileshare auditing tool.\"\n\nhttps://github.com/punk-security/SMBeagle\n\n#infosec #pentest #redteam\n\n\"KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).\"\n\nhttps://github.com/ShorSec/KrbRelayUp\n\n#infosec #pentest #redteam\n\n\"Exploits/Chains/Hydseven at main\"\n\nhttps://github.com/forrest-orr/Exploits/tree/main/Chains/Hydseven\n\n#infosec #pentest #redteam\n\n\"ZeroMemoryEx/Blackout: kill anti-malware protected processes (BYOVD)\"\n\nhttps://github.com/ZeroMemoryEx/Blackout\n\n#infosec #pentest #redteam\n\n\"asyauth\"\n\ngithub.com/skelsec/asyauth\n\n#infosec #pentest #redteam \n\n\"Ruy-Lopez\"\n\nEndpoint Detection and Response systems (EDRs) are like the white player in a Chess game:\n\nThey do the first move with hooks loaded directly via the kernel\nThe EDR DLL is typically loaded directly after ntdll.dll\n\nhttps://github.com/S3cur3Th1sSh1t/Ruy-Lopez\n\n#infosec #pentest #redteam \n\n\"srdi-rs: Rusty Shellcode Reflective DLL Injection (sRDI) - A small reflective loader in Rust 4KB in size for generating position-independent code (PIC) in Rust.\"\n\ngithub.com/memN0ps/srdi-rs\n\n#infosec #pentest #redteam \n \nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-28T06:23:25.000000Z"}, {"uuid": "d5d43ee3-dcbb-4897-be69-de65b11e748f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/856", "content": "VMware Workspace ONE Access and Identity Manager RCE via SSTI.\nCVE-2022-22954 - PoC SSTI\n*\nexploit+payload+shodan (\u043d\u0443 \u043d\u0430\u0431\u043e\u0440\u043e\u043c)", "creation_timestamp": "2022-06-02T00:07:47.000000Z"}, {"uuid": "0aa44fef-c108-48ce-be03-b1243677bc00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "Telegram/7BcSlLsuj3GNkmpCCr6YPiVZqin2DP8KOXb2hvmMh3ElfA", "content": "", "creation_timestamp": "2022-06-01T22:36:29.000000Z"}, {"uuid": "d0982197-edfe-4486-a460-107862a72b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "Telegram/eV3y_Way84-k57rBYVglWT1AViPu4YW8v7vNJXj4evAaZXA", "content": "", "creation_timestamp": "2022-04-13T13:52:20.000000Z"}, {"uuid": "fe2a5f3f-be90-4ddf-8df1-54ff5aea1ef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22950", "type": "exploited", "source": "https://t.me/true_secator/2793", "content": "\u200b\u200b\u0412\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435, Spring4Shell. \u041f\u0440\u0430\u0432\u0434\u0430, \u0435\u0441\u043b\u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e RCE \u0432 Java Spring Framework \u0441 Log4Shell, \u044d\u0444\u0444\u0435\u043a\u0442 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u0442\u044c \u0431\u043e\u043c\u0431\u043e\u0439, \u0442\u043e \u043d\u043e\u0432\u0430\u044f 0-Day \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u043d\u0430 \u044d\u0442\u043e\u043c \u0444\u043e\u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u043a\u0430\u043a \u0441\u0432\u044f\u0437\u043a\u0430 \u043f\u0435\u0442\u0430\u0440\u0434.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0441\u0440\u0435\u0434\u0435 Spring \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u0435\u043a\u0438\u0439 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u0430 GitHub\u00a0\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0438\u043b \u0432\u043c\u0435\u0441\u0442\u0435 \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u043c\u0438.\n\nSpring - \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Java EE (Enterprise Edition), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u044b\u0441\u0442\u0440\u043e \u0438 \u043b\u0435\u0433\u043a\u043e \u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438  \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Apache Tomcat, \u0432 \u0432\u0438\u0434\u0435 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Praetorian, \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Spring Core \u0432 Java Development Kit (JDK) \u0432\u0435\u0440\u0441\u0438\u0438 9 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a\u00a0CVE-2010-1622, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0435 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Spring.io, \u0434\u043e\u0447\u0435\u0440\u043d\u044f\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f VMware, \u0432\u043e\u0432\u0441\u044e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\u00a0\n\n\u041d\u043e\u0432\u0430\u044f \u0431\u0430\u0433\u0430 \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0432 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 Spring Framework (CVE-2022-22950) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 Spring Cloud (CVE-2022-22963). Spring RCE \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\nPraetorian \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0442\u043e\u0447\u043a\u0430 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c DataBinder (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0437\u0430\u043f\u0440\u043e\u0441 POST, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0442\u0435\u043b\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430) \u0438 \u0441\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 \u0434\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \n\n\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u043e\u0433\u0434\u0430 Spring \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u043d\u0430 Apache Tomcat, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d WebAppClassLoader, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u0433\u0435\u0442\u0442\u0435\u0440\u044b \u0438 \u0441\u0435\u0442\u0442\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JSP-\u0444\u0430\u0439\u043b \u043d\u0430 \u0434\u0438\u0441\u043a. \u041e\u0434\u043d\u0430\u043a\u043e, \u0435\u0441\u043b\u0438 Spring \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 Tomcat, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u2014 \u044d\u0442\u043e LaunchedURLClassLoader, \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u0440\u043e\u0441\u0442\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u043b \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 POST \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\u00a0\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 Flashpoint, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Spring Core \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0435\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c.\u00a0\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0431\u0443\u0434\u0435\u0442 \u043d\u0430\u0439\u0442\u0438 \u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 DeserializationUtils.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, Rapid7 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0430\u043a\u0438\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c. ISAC \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0435\u0449\u0435 \u043d\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0442\u0435\u0441\u0442\u044b \u0438 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c PoC \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 RCE.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430 \u0423\u0438\u043b\u043b\u0430 \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u0430 \u0438\u0437 CERT/CC, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Spring4Shell \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u0441\u0435 \u0436\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u0435\u0442 \u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0412\u043e\u043e\u0431\u0449\u0435, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432 BleepingComputer, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u0430\u0442\u0430\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430 Spring Core DataBinder.", "creation_timestamp": "2022-03-31T16:01:37.000000Z"}, {"uuid": "8bab87f5-19b8-49b3-97a8-51a1d6433e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22951", "type": "seen", "source": "https://t.me/true_secator/2768", "content": "VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Carbon Black App Control, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows.\n\nVMware Carbon Black App Control \u2014 \u044d\u0442\u043e\u00a0\u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u043f\u0438\u0441\u043a\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u043e\u0440\u043c\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-22951 \u0438 CVE-2022-22952 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u042f\u0440\u0438 \u042f\u0430\u0441\u043a\u0435\u043b\u044f \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 9,1 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 CVSS.\u00a0\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0436\u0435 \u0432\u043e\u0448\u0435\u043b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043a\u0430\u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0438\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\nCVE-2022-22951 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f VMware App Control, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\nCVE-2022-22952 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 VMware App Control \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0435 Windows.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Carbon Black App Control 8.5.x, 8.6.x, 8.7.x \u0438 8.8.x \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 8.5.14, 8.6.6, 8.7.4 \u0438 8.8.2.\u00a0\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 VMware \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e.", "creation_timestamp": "2022-03-24T13:28:00.000000Z"}, {"uuid": "826a8248-5f26-4fcf-9a10-a908e8d8e7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22952", "type": "seen", "source": "https://t.me/true_secator/2768", "content": "VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Carbon Black App Control, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows.\n\nVMware Carbon Black App Control \u2014 \u044d\u0442\u043e\u00a0\u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u043f\u0438\u0441\u043a\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u043e\u0440\u043c\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-22951 \u0438 CVE-2022-22952 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u042f\u0440\u0438 \u042f\u0430\u0441\u043a\u0435\u043b\u044f \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 9,1 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 CVSS.\u00a0\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0436\u0435 \u0432\u043e\u0448\u0435\u043b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043a\u0430\u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0438\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\nCVE-2022-22951 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f VMware App Control, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\nCVE-2022-22952 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 VMware App Control \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0435 Windows.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Carbon Black App Control 8.5.x, 8.6.x, 8.7.x \u0438 8.8.x \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 8.5.14, 8.6.6, 8.7.4 \u0438 8.8.2.\u00a0\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 VMware \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e.", "creation_timestamp": "2022-03-24T13:28:00.000000Z"}, {"uuid": "b8939d51-447c-4941-872f-d2a56361be03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2295", "type": "seen", "source": "https://t.me/cibsecurity/47180", "content": "\u203c CVE-2022-2295 \u203c\n\nType confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T07:18:02.000000Z"}, {"uuid": "286e2732-a1da-4b0a-abaf-c2c0280ed138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "https://t.me/xakep_ru/13103", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 VMware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 VMware Workspace ONE Access (CVE-2022-22954), \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044f \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u044b \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442.\n\nhttps://xakep.ru/2022/10/24/cve-2022-22954-under-attacks/", "creation_timestamp": "2022-10-24T17:05:03.000000Z"}, {"uuid": "59f0892b-b2c1-4ce6-a97e-9364df1ccaa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6118", "content": "#Offensive_security\n1. Python script to exploit CVE-2022-22954 and CVE-2022-22960\nhttps://github.com/Chocapikk/CVE-2022-22954\n2. A webshell plugin and interactive shell for pentesting a LimeSurvey application\nhttps://github.com/p0dalirius/LimeSurvey-webshell-plugin", "creation_timestamp": "2022-06-02T11:01:01.000000Z"}, {"uuid": "bd351ad2-6835-47ea-b244-4f43457fb6a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "4988d893-b300-4766-9b1e-9e07b3d13728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "af87784b-cd89-498c-a61f-68c9fc9e4d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "f8eed85d-2224-4eab-80ff-30953680001e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-19)", "content": "", "creation_timestamp": "2025-02-19T00:00:00.000000Z"}, {"uuid": "4ca41500-515e-434f-8870-d72dd16f8d50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "fd415658-9ce1-4539-a09d-460057df0e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "0805b4dd-031f-41e1-b983-b99e416014cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "a2612a3f-fa0f-4a20-b644-85c20332ad97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "f62c8f58-2d4d-4269-808f-f9807a40ec19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "68d26115-d8a7-4371-bb04-c9d38db9e60c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "ce46356a-5960-4165-8373-cc78a7ac6cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/f5bea0e7ad800547c3e9b5e241e2d65c", "content": "", "creation_timestamp": "2025-10-20T04:01:23.000000Z"}, {"uuid": "827525d1-9661-4afd-8bbd-0d8f2ce2432b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/937b4359948bbce2e6e7cefbf97e8766", "content": "", "creation_timestamp": "2025-10-20T05:01:51.000000Z"}, {"uuid": "ebc79e88-d6fe-4fbd-805e-149b5b5c9b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-08)", "content": "", "creation_timestamp": "2025-09-08T00:00:00.000000Z"}, {"uuid": "2191e8a0-622d-45fe-a807-dcef36208b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22954", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-15)", "content": "", "creation_timestamp": "2025-09-15T00:00:00.000000Z"}, {"uuid": "4353f2bc-77af-495f-9663-406d23c2fbb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2295", "type": "seen", "source": "MISP/ac16c3df-55f1-43fe-b851-39d8040af0e4", "content": "", "creation_timestamp": "2025-09-01T17:27:45.000000Z"}, {"uuid": "f1199e52-f1aa-425a-b141-1eaeae331986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22956", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ly226qoxrx2w", "content": "", "creation_timestamp": "2025-09-04T21:02:22.780482Z"}, {"uuid": "f38e9666-3b09-4a18-986c-fee178db60d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22957", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ly226qrgq72e", "content": "", "creation_timestamp": "2025-09-04T21:02:23.365208Z"}]}