{"vulnerability": "CVE-2023-2176", "sightings": [{"uuid": "c8e31f60-5e12-48da-85a9-680b9e0c0e24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/road_to_oscp/193", "content": "CVE-2023-21768: Windows 11 LPE\n\nhttps://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768", "creation_timestamp": "2023-03-08T21:59:31.000000Z"}, {"uuid": "28e1beee-2344-4202-aa87-0b94b03aa53a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "https://t.me/kasperskyb2b/534", "content": "\ud83d\udc68\u200d\ud83d\udcbb Important APT research of the week\n\nAn unknown APT is attacking administrative, transport and agricultural organizations in Crimea, Luhansk and Donetsk. 
A pair of implants is used: PowerMagic, written in Powershell, and the modular framework CommonMagic, which can, among other things, take screenshots and steal files from removable media. Among the notable techniques: Dropbox and OneDrive are used for C2 and exfiltration. IOCs and details are on Securelist.\n\nAn APT group from the APT41/Gallium cluster is attacking telecom providers in order to steal information.  
The initial access vector is usually a vulnerable MS Exchange server, which is also used as a staging point during data exfiltration. The attackers then deploy their implant to steal credentials. 
It is a heavily modified mimikatz; several sophisticated techniques are used to improve stealth and to inject malicious code directly into LSASS.\n\nNew details about the C2 operations and TTPs of APT37/Scarcruft/Reaper (one, two) were obtained because the group accidentally leaked its Github repository\ud83e\udd26\u200d\u2642\ufe0f. 
Among the interesting findings is the use of a wide range of malicious files, including CHM, HTA, HWP (Hancom office), XLL (MS Excel Add-in).\n\nMoving from spies to profiteers, the Magecart family has acquired a new web skimmer, Kritec, which uses Websockets and masquerades as Google Tag Manager.  In parallel, Magecart has armed itself with the Hunter obfuscator, so finding infected sites will become a little harder. 
\n\nOther interesting infosec news:\nMicrosoft has released a detailed guide to investigating possible incidents involving exploitation of CVE-2023-23397 in Outlook.  Besides the usual description of the exploit and mitigation, the description of post-exploitation TTPs in real attacks deserves attention.\n\nHackers at Pwn2Own in Vancouver earned a little over a million dollars and one Tesla. 
The team standings were led by Synacktiv researchers, who earned about half of the total by exploiting 27 bugs, including in Tesla and Windows 11.\n\nA trio of flaws in the popular hosting management solution CloudPanel makes any projects under its management vulnerable to interception of the administrator password and compromise of websites. 
The problem lies in the combination of a shared private SSL key for all CloudPanel installations and dangerous firewall settings that are applied when CloudPanel is installed, even if the firewall was previously configured securely. There is no complete fix from the vendor yet, so owners of servers with CloudPanel are advised to replace the certificates themselves, reconfigure the firewall and change administrative passwords. 
\n\nOnce again illustrating the saying \"Patch Tuesday is followed by Exploit Wednesday\", IBM researchers took less than a day to reconstruct a working exploit for CVE-2023-21768 in Winsock, which Microsoft fixed in the January update package.\n\nAnd, staying on the Microsoft topic, an urgent patch was released for Windows 11 that fixes aCropalypse (CVE-2023-28303), a vulnerability that allows part of the information to be recovered from cropped PNG images 
processed with the Windows Snipping Tool. A similar bug in Google Pixel was fixed by Google's March security updates.\n\n@\u041f2\u0422 #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442", "creation_timestamp": "2023-03-27T10:59:28.000000Z"}, {"uuid": "a5512af2-4b20-4cb4-ae58-189affa2a0ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1943", "content": "CVE-2023-21768(Windows Ancillary Function Driver for WinSock EoP) PoC exploit.\nComplete exploit works on vulnerable Windows 11 22H2 systems. 
Write primitive works on all vulnerable systems.\n\nUsage:\nWindows_AFD_LPE_CVE-2023-21768.exe ", "creation_timestamp": "2023-04-01T10:49:26.000000Z"}, {"uuid": "08bc71d1-49c0-43d5-b879-18a6440d81e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/-Cafirqz-p7NdQcLIwGXViHBuMY-qjUV70cOU-b_tSFeBMs", "content": "", "creation_timestamp": "2023-04-11T22:28:05.000000Z"}, {"uuid": "5d376298-6974-448a-a21c-c4df5b3e248c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1314", "content": "CVE-2023-21768: Windows 11 LPE\n\nhttps://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768\n\n#exploit #lpe #redteam #pentest #git", "creation_timestamp": "2023-03-08T22:54:10.000000Z"}, {"uuid": "1da3d60e-5e12-4050-be7a-15811f2b7f7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/578", "content": "https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768\nWindows kernel privilege escalation vulnerability", "creation_timestamp": "2023-05-18T16:28:36.000000Z"}, {"uuid": "81d4af59-f6fe-4cb3-8165-b7e75bfba2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5065", "content": "SafeBreach researcher Alon Leviev has released Windows Downdate, 
which can be used for downgrade attacks on modern Windows 10, Windows 11 and Windows Server systems.\n\nAs we reported earlier, in such attacks adversaries can force fully updated target devices to roll back to older software versions, thereby reintroducing vulnerabilities that can be used to compromise the system.\n\nWindows Downdate is available as an open-source 
Python-based program and as a precompiled Windows executable.\n\nThe researcher also shared usage examples for the tool that make it possible to downgrade the Hyper-V hypervisor (to a two-year-old version), the Windows kernel, the NTFS driver and the Filter Manager driver (to their base versions), as well as other Windows components and previously applied security fixes.\n\nIn addition to custom downgrades, Windows Downdate 
implements easy-to-use examples of reverting the fixes for CVE-2021-27090, CVE-2022-34709, CVE-2023-21768 and PPLFault, as well as examples of downgrading the hypervisor and the kernel and of bypassing UEFI VBS locks.\n\nLeviev previously presented the Windows Downdate downgrade attack, which uses CVE-2024-21302 and CVE-2024-38202, at the Black Hat 2024 conference.\n\nMoreover, use of the tool cannot be detected, since it cannot be blocked by EDR, and Windows Update 
will report that the target system is up to date (despite the downgrade).\n\nAlthough on August 7 Microsoft released an update (KB5041773) to fix the Windows Secure Kernel Mode elevation-of-privilege vulnerability CVE-2024-21302, there is still no fix for CVE-2024-38202, an elevation-of-privilege vulnerability in the Windows Update stack.\n\nUntil an update is released, Redmond advises customers to follow the recommendations for 
protecting against Windows downgrade attacks.", "creation_timestamp": "2024-08-29T19:16:11.000000Z"}, {"uuid": "10120aea-48a0-423f-b2b9-c5296de446aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:50.000000Z"}, {"uuid": "62849df9-fb6d-40fd-aacf-304bfab48e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3893", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: LPE exploit for CVE-2023-21768\nURL: https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768\n\nTags: #CVE-2023", "creation_timestamp": "2023-03-08T16:03:26.000000Z"}, {"uuid": "6551c81c-562a-408f-9490-08f09b4653a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3916", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: Using CVE-2023-21768 to manual map kernel mode driver \nURL: https://github.com/b11y/CVE-2023-21823\n\nTags: #CVE-2023", "creation_timestamp": "2023-03-10T23:09:00.000000Z"}, {"uuid": "df96f061-4883-489d-bfb5-d785ff4e1996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3938", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: Windows_AFD_LPE_CVE-2023-21768\nURL: https://github.com/Malwareman007/CVE-2023-21768\n\nTags: #CVE-2023", "creation_timestamp": "2023-03-13T20:37:19.000000Z"}, {"uuid": "66a5d520-f55c-44fd-b856-89f297241f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/1235", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25CVE-2023-21768(Windows Ancillary Function Driver for WinSock EoP) PoC exploit.\nComplete exploit works on vulnerable Windows 11 22H2 systems. Write primitive works on all vulnerable systems.\n\nUsage:\nWindows_AFD_LPE_CVE-2023-21768.exe ", "creation_timestamp": "2023-03-11T07:49:52.000000Z"}, {"uuid": "57718e14-6f35-42b9-bff7-4db7fb53dc95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "Telegram/u8qFNnGbmdhDbRieM14DKohWAZiXdZjBzXfZcPy9kpGgbAw", "content": "", "creation_timestamp": "2023-03-09T09:30:40.000000Z"}, {"uuid": "37d50fce-5fef-4216-879d-4c664ef45998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/6TzNeNsBA7NzqsLL4aY7PNfu8Lpw9GaJ5C32jG5_P4CQkqc", "content": "", "creation_timestamp": "2023-03-09T21:17:19.000000Z"}, {"uuid": "4e999f01-8f76-43eb-9d8a-96108f82e3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2176", "type": "seen", 
"source": "https://t.me/arpsyndicate/771", "content": "#ExploitObserverAlert\n\nCVE-2023-2176\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2176. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-29T16:50:04.000000Z"}, {"uuid": "2bf69b9a-a1df-449e-92b7-ce48ef1a6931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/Qj-A_JpjeTESR9XnHsIATmuynJb6gimku9PdFzo94mm1U94", "content": "", "creation_timestamp": "2023-03-08T21:11:41.000000Z"}, {"uuid": "56575ce6-fc16-4255-9fdd-79771b768c1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6144", "content": "SafeBreach researcher Alon Leviev has released Windows Downdate, which can be used for downgrade attacks on modern Windows 10, Windows 11 and Windows Server systems.\n\nAs we reported earlier, 
in such attacks adversaries can force fully updated target devices to roll back to older software versions, thereby reintroducing vulnerabilities that can be used to compromise the system.\n\nWindows Downdate is available as an open-source Python-based program and as a precompiled Windows executable.\n\nThe researcher also shared usage examples 
for the tool that make it possible to downgrade the Hyper-V hypervisor (to a two-year-old version), the Windows kernel, the NTFS driver and the Filter Manager driver (to their base versions), as well as other Windows components and previously applied security fixes.\n\nIn addition to custom downgrades, Windows Downdate implements easy-to-use examples of reverting the fixes for CVE-2021-27090, CVE-2022-34709, CVE-2023-21768 and PPLFault, as well as examples of downgrading 
the hypervisor and the kernel and of bypassing UEFI VBS locks.\n\nLeviev previously presented the Windows Downdate downgrade attack, which uses CVE-2024-21302 and CVE-2024-38202, at the Black Hat 2024 conference.\n\nMoreover, use of the tool cannot be detected, since it cannot be blocked by EDR, and Windows Update will report that the target system is up to date (despite the downgrade).\n\nAlthough on August 7 Microsoft 
\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 (KB5041773) \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 Windows Secure Kernel Mode CVE-2024-21302, \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-38202 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows.\n\n\u0414\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u043e\u0442 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 Windows.", "creation_timestamp": "2024-08-28T19:30:05.000000Z"}, {"uuid": "39018485-5fdd-49b3-b6d3-668ded75f597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2176", "type": "seen", "source": "https://t.me/cibsecurity/62561", "content": "\u203c CVE-2023-2176 \u203c\n\nA vulnerability was found in 
compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-21T00:31:06.000000Z"}, {"uuid": "2f157f01-888a-456d-9d3e-d6ce62a283c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "https://t.me/cibsecurity/56273", "content": "\u203c CVE-2023-21768 \u203c\n\nWindows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:34:47.000000Z"}, {"uuid": "0b353824-873d-4d28-8001-50070b40f7f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21766", "type": "seen", "source": "https://t.me/cibsecurity/56272", "content": "\u203c CVE-2023-21766 \u203c\n\nWindows Overlay Filter Information Disclosure Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:34:46.000000Z"}, {"uuid": "ebadb6b7-10fe-4c89-8704-526ee514d6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21760", "type": "seen", "source": "https://t.me/cibsecurity/56290", "content": "\u203c CVE-2023-21678 \u203c\n\nWindows Print Spooler Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2023-21760, CVE-2023-21765.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:35:10.000000Z"}, {"uuid": "da01777f-4e37-4dd5-85a1-05ceca361a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21765", "type": "seen", "source": "https://t.me/cibsecurity/56290", "content": "\u203c CVE-2023-21678 \u203c\n\nWindows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21760, CVE-2023-21765.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:35:10.000000Z"}, {"uuid": "81197d4a-bbad-4a4d-bff3-f4f7296a35f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21767", "type": "seen", "source": "https://t.me/cibsecurity/56302", "content": "\u203c CVE-2023-21767 \u203c\n\nWindows Overlay Filter Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:41:52.000000Z"}, {"uuid": "deb2dd6b-6232-4501-9871-6fd45797a75c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7892", "content": "#exploit\n1. CVE-2023-25355/25356:\nVulnerabilities in CoreDial sipXcom sipXopenfire\nhttps://seclists.org/fulldisclosure/2023/Mar/5\n\n2. 
CVE-2023-21768:\nWindows 11 22H2 LPE\nhttps://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768\nhttps://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768", "creation_timestamp": "2023-03-09T11:05:16.000000Z"}, {"uuid": "d71203e8-ae1a-408f-9a9d-3d3184dbd3dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "e6304785-eb2b-44ed-b020-19837fa48768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb", "content": "", "creation_timestamp": "2023-03-30T16:58:43.000000Z"}, {"uuid": "64e58588-8d41-4b7b-8a96-771cf9bfd0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4004", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21768 Windows 11 22H2 \u7cfb\u7edf\u672c\u5730\u63d0\u6743 POC\nURL\uff1ahttps://github.com/CKevens/CVE-2023-21768-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-10T07:38:39.000000Z"}, {"uuid": "2c110201-8b8a-4b8c-982f-3c868437d5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3915", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aUsing CVE-2023-21768 to manual map kernel mode driver \nURL\uff1ahttps://github.com/SamuelTulach/nullmap\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-10T20:25:46.000000Z"}, {"uuid": "00fd0f5c-b0ac-4c57-9593-6f03475cfd2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21762", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5998", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21762\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Exchange Server Spoofing Vulnerability\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:14:23.383Z\n\ud83d\udd17 References:\n1. 
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21762", "creation_timestamp": "2025-02-28T21:37:24.000000Z"}, {"uuid": "9f574fea-8363-4425-990e-e55573a1b4d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/37", "content": "https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768", "creation_timestamp": "2023-03-12T22:59:23.000000Z"}, {"uuid": "80e9d6ed-267d-4ec7-9c2b-878b265821dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/h-IewMpqXJNVydldZ_FfbpMCKXSvbFJ0vXG9PT0omE5Wbl8", "content": "", "creation_timestamp": "2023-03-09T06:57:20.000000Z"}, {"uuid": "12e7bb4e-ec6d-4936-bbd9-3c21ef2c9e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "https://t.me/arpsyndicate/2008", "content": "#ExploitObserverAlert\n\nCVE-2023-21768\n\nDESCRIPTION: Exploit Observer has 30 entries related to CVE-2023-21768. 
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.016680000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-18T15:07:00.000000Z"}, {"uuid": "80576fd5-4c97-473d-a55b-585250a099f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2404", "content": "LPE exploit for CVE-2023-21768\n\nWindows Ancillary Function Driver for WinSock Elevation of Privilege\n\nhttps://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768", "creation_timestamp": "2023-03-09T10:12:44.000000Z"}, {"uuid": "cef3bdbe-bd68-4c9b-8800-f56463f7a39e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "Telegram/G9x3P-SMV0k8GNsiXWJursBq0vZk7QlvoiyZ9kYn8mw6hR4", "content": "", "creation_timestamp": "2023-04-15T16:53:41.000000Z"}, {"uuid": "3d6ed7e2-9a20-45f2-b5b0-7d1b054d5ed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/9ZqSlYWgpWYjGSCECsQ28TgVDX17APwQcLiOnmoAofcpXBc", "content": "", "creation_timestamp": "2023-04-15T16:48:06.000000Z"}, {"uuid": "1f9a2eef-da88-4a40-8390-c383a8179a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/SIWyXKvT0Q6Uz-bsgnRMW2gKDzRQC0pWbNkqsYd4SsYotfc", "content": "", "creation_timestamp": "2023-04-11T09:30:01.000000Z"}, {"uuid": "aa4a1139-6249-43f1-a6bd-b260acf56596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/3AWN1C7WszyJvwER210s3dqhKR1Naub4BBQREkbiaZTgqNo", "content": "", "creation_timestamp": "2023-03-29T11:37:31.000000Z"}, {"uuid": "6009b09b-541a-4320-bd8d-f94aadbe60ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/2986", "content": "https://windows-internals.com/i-o-rings-when-one-i-o-operation-is-not-enough\n\nhttps://windows-internals.com/one-i-o-ring-to-rule-them-all-a-full-read-write-exploit-primitive-on-windows-11/\n\nhttps://windows-internals.com/one-year-to-i-o-ring-what-changed\n\nhttps://github.com/h1bAna/CVE-2023-21768\n\nhttps://securityintelligence.com/posts/patch-tuesday-exploit-wednesday-pwning-windows-ancillary-function-driver-winsock/", "creation_timestamp": "2023-04-06T01:32:35.000000Z"}, {"uuid": "b7338c2d-d71d-46ed-801e-cb791eb63a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4799", "content": "CVE-2023-21768\n\nLPE exploit for CVE-2023-21768\n\nGithub\n\n#CVE #Exploit #lpe\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:09.000000Z"}, {"uuid": "9280656d-f1f7-4b68-bace-e18d12fb4629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "Telegram/sTV3Qh1CaZPI1NLF_PgpTwtNz6qewWgLjuQsfZKPTYimZ-o", "content": "", "creation_timestamp": "2023-03-09T20:55:04.000000Z"}, {"uuid": "8d1c86b3-d0e1-4bc9-b916-8f3cfb312c9e", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1540", "content": "https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768", "creation_timestamp": "2024-11-11T00:20:33.000000Z"}, {"uuid": "16d11d1c-dcfd-4e76-927c-831c42b5bcf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21768", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}]}