{"vulnerability": "CVE-2023-2607", "sightings": [{"uuid": "8c25ab78-0a8e-4282-ad66-07fbfff462e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26076", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2794", "content": "\ud83d\udca5Shannon Baseband: Intra-object overflow in NrSmPcoCodec when decoding reserved options(CVE-2023-26076).\nThere is an intra-object overflow in Shannon Baseband, inside the 5G SM protocol implementation (NrSmMsgCodec as it\u2019s called in Shannon according to debug strings), when decoding the \u201cExtended protocol configuration options\u201d message (IEI = 0x7B).\n\nThe problem is that the size of the content isn\u2019t checked before copying it. As the length of content can be up to 255 bytes, copying the content to one of the 6 reservedPco buffers can result in an OOB write.\nThe array that holds the \u201cReserved\u201d option data isn\u2019t in a standalone allocation, rather this array is a part of a larger structure. Thus, an OOB write as described above overwrites other data within the same structure. It is currently unclear what kind of data lies after the 6 reservedPco buffers within reach of the overwrite.\n\n\ud83d\udd16An \u201cExtended protocol configuration options\u201d message that triggers the overflow is provided in epco-reserved-poc.dat.", "creation_timestamp": "2023-03-20T14:22:52.000000Z"}, {"uuid": "2df59d62-b27f-4d9a-acfd-589bf170fec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26078", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/2939", "content": "\u200b\u26a1\ufe0fAtera \u043f\u043e\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432: \u0432 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udcac \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Windows-\u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Atera, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0441\u043b\u0443\u0436\u0438\u0442\u044c \u0442\u043e\u0447\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u0430 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\nAtera \u2014 \u044d\u0442\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 IT-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u043c\u0438 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u0440\u0430\u0441\u0441\u0442\u043e\u044f\u043d\u0438\u0438. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0430 \u043a\u0430\u0436\u0434\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u0433\u0435\u043d\u0442 Atera, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u044f\u0437\u044c \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Mandiant \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440 \u0430\u0433\u0435\u043d\u0442\u0430 Atera \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u041f\u041e \u043f\u0435\u0440\u0432\u044b\u043c\u0438 \u0443\u0437\u043d\u0430\u043b\u0438 \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0431\u0440\u0435\u0448\u0435\u0439 \u0432 \u0441\u0432\u043e\u0451\u043c \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0435 \u0438 \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u00ab\u043f\u0438\u043b\u0438\u0442\u044c \u0444\u0438\u043a\u0441\u044b\u00bb. \u0412 \u0430\u043f\u0440\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430 Atera 1.8.3.7 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0435\u0440\u0432\u043e\u0439 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0432 \u0438\u044e\u043d\u0435 \u0441\u0432\u0435\u0442 \u0443\u0432\u0438\u0434\u0435\u043b\u0430 Atera \u0432\u0435\u0440\u0441\u0438\u0438 1.8.4.9, \u0433\u0434\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0432\u0442\u043e\u0440\u0443\u044e.\n\n\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u043a\u043e\u0433\u0434\u0430 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u0440\u043e\u0448\u043b\u043e \u043a\u0430\u043a\u043e\u0435-\u0442\u043e \u0432\u0440\u0435\u043c\u044f, Mandiant \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 , \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u0441\u0443\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u044b \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2023-26077 ) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440 \u0430\u0433\u0435\u043d\u0442\u0430 Atera \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 DLL-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a. \u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 DLL Hijacking \u0438 \u043f\u043e\u0434\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0434\u043d\u0443 \u0438\u0437 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440, \u0441\u0432\u043e\u0435\u0439 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0442\u0430\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f NT AUTHORITYSYSTEM, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u043c\u0435\u0435\u0442 \u0441\u0430\u043c\u044b\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 Windows.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2023-26078 ) \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440 \u0430\u0433\u0435\u043d\u0442\u0430 Atera \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u043a\u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 Windows (conhost.exe). \u042d\u0442\u043e \u043e\u043a\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f NT AUTHORITYSYSTEM, \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c \u0444\u0430\u043a\u0442\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u00ab\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 NT AUTHORITYSYSTEM \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c\u00bb, \u2014 \u0437\u0430\u044f\u0432\u0438\u043b \u043e\u0434\u0438\u043d \u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Mandiant. \u00ab\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043e\u0441\u043e\u0431\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f , \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0435\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 NT AUTHORITYSYSTEM, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439\u00bb.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Atera \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0451 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b\u0438.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u043f\u0435\u0440\u0432\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0430\u0445 Windows. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Kaspersky \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0430 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows (CVE-2023-23397), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u0434\u0430\u043d\u0438\u044f, \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0432 Outlook, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u00ab\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043e\u0441\u043e\u0431\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043a\u0440\u0430\u0439\u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u044b \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439\u00bb, \u2014 \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u043b\u0438 \u0432 Mandiant. \u00ab\u0412\u0430\u0436\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u043b\u0438 \u0441\u0432\u043e\u0438 \u043e\u0441\u043e\u0431\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0437\u0430\u0445\u0432\u0430\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 NT AUTHORITYSYSTEM, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c\u044b\u0445 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c MSI\u00bb.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-07-25T10:43:00.000000Z"}, {"uuid": "f9b1d888-1e94-49db-bd61-3c0f4356c889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26074", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6265", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26074\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AC:L/AV:N/A:H/C:L/I:L/PR:L/S:U/UI:N)\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.\n\ud83d\udccf Published: 2023-03-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T19:11:30.839Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/processor/modem/\n2. https://semiconductor.samsung.com/processor/mobile-processor/\n3. https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n4. https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html\n5. https://bugs.chromium.org/p/project-zero/issues/detail?id=2397\n6. http://packetstormsecurity.com/files/171383/Shannon-Baseband-NrmmMsgCodec-Access-Category-Definitions-Heap-Buffer-Overflow.html", "creation_timestamp": "2025-03-03T19:31:03.000000Z"}, {"uuid": "c73c7bff-e311-474c-aa52-f0c31b406cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26072", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6256", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26072\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AC:L/AV:N/A:H/C:L/I:L/PR:L/S:U/UI:N)\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.\n\ud83d\udccf Published: 2023-03-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T19:21:07.889Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/processor/modem/\n2. https://semiconductor.samsung.com/processor/mobile-processor/\n3. https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n4. https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html\n5. https://bugs.chromium.org/p/project-zero/issues/detail?id=2395\n6. http://packetstormsecurity.com/files/171378/Shannon-Baseband-NrmmMsgCodec-Emergency-Number-List-Heap-Buffer-Overflow.html", "creation_timestamp": "2025-03-03T19:30:48.000000Z"}, {"uuid": "e3426c21-da5b-45d0-a492-f6e5372ff726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26073", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6260", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26073\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AC:L/AV:N/A:H/C:L/I:L/PR:L/S:U/UI:N)\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.\n\ud83d\udccf Published: 2023-03-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T19:17:40.134Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/processor/modem/\n2. https://semiconductor.samsung.com/processor/mobile-processor/\n3. https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n4. https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html\n5. https://bugs.chromium.org/p/project-zero/issues/detail?id=2396\n6. http://packetstormsecurity.com/files/171380/Shannon-Baseband-NrmmMsgCodec-Extended-Emergency-Number-List-Heap-Buffer-Overflow.html", "creation_timestamp": "2025-03-03T19:30:55.000000Z"}, {"uuid": "304f2ed3-a864-4971-b225-e3c24887a014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26075", "type": "seen", "source": "Telegram/vyQpOIgsHay5XvHOFhhxaJPfY4gIYu2p1rhGZhdn8Xgw_ClL", "content": "", "creation_timestamp": "2025-03-02T11:44:19.000000Z"}, {"uuid": "abbfa976-0710-4331-8c52-bd7a791c9c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26076", "type": "published-proof-of-concept", "source": "Telegram/1BTDp_msRSVS1ZU79Xfuh9vg1NXx4coPKTqsslbGhQHdgWY", "content": "", "creation_timestamp": "2023-03-23T18:46:31.000000Z"}, {"uuid": "a58d6b9e-f6af-40c8-abfa-63a07b679860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2607", "type": "published-proof-of-concept", "source": "Telegram/UpvmjRjDEsIPvQFlMqpzSlqie__kHik00sWMZqJ_hT9B9K4", "content": "", "creation_timestamp": "2023-03-16T22:39:30.000000Z"}, {"uuid": "3a5d85c5-8559-48ba-8efb-45d33cff7411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26074", "type": "published-proof-of-concept", "source": "Telegram/hg7bt0Cqf9NwQSkSyK8pIfXhEtYGgameG0T13iOovc5GvUA", "content": "", "creation_timestamp": "2023-03-16T22:39:30.000000Z"}, {"uuid": "12a9c161-4929-4494-89f2-d14b4078830a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26073", "type": "published-proof-of-concept", "source": "Telegram/TuQ3en8jiKkfEX06_d0RA9JdaDSyYhfxT9HUHYpoOqQ_g6s", "content": "", "creation_timestamp": "2023-03-16T22:39:30.000000Z"}, {"uuid": "888e359b-eda2-4ee4-b72d-6b09f8ba9154", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26072", "type": "published-proof-of-concept", "source": "Telegram/Z842L4Ck5hQO6yVI07qHqt0XJljee0aGcmI5vgjGTcGDToE", "content": "", "creation_timestamp": "2023-03-16T22:39:30.000000Z"}, {"uuid": "c04003b6-de72-4944-a11f-d778b46d9343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26078", "type": "seen", "source": "https://t.me/KomunitiSiber/535", "content": "Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks\nhttps://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html\n\nZero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks.\nThe flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers\u00a0CVE-2023-26077\u00a0and\u00a0CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and", "creation_timestamp": "2023-07-24T15:39:33.000000Z"}, {"uuid": "15bb25c2-e6dc-4f45-a5ed-0b6cd5972f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26077", "type": "seen", "source": "https://t.me/KomunitiSiber/535", "content": "Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks\nhttps://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html\n\nZero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks.\nThe flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers\u00a0CVE-2023-26077\u00a0and\u00a0CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and", "creation_timestamp": "2023-07-24T15:39:33.000000Z"}, {"uuid": "ed422aad-bd51-4f8c-bded-0ae24ff0c827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26078", "type": "seen", "source": "https://t.me/AnonCyberWarrior/1960", "content": "Zero-day vulnerabilities (CVE-2023-26077 and CVE-2023-26078) found in Atera remote monitoring software's Windows Installers can lead to privilege escalation attacks.\u00a0 \n\nRead details: https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html", "creation_timestamp": "2023-07-25T16:01:36.000000Z"}, {"uuid": "431791b6-492b-4559-ae30-6abe6e5f3eb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26077", "type": "seen", "source": "https://t.me/AnonCyberWarrior/1960", "content": "Zero-day vulnerabilities (CVE-2023-26077 and CVE-2023-26078) found in Atera remote monitoring software's Windows Installers can lead to privilege escalation attacks.\u00a0 \n\nRead details: https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html", "creation_timestamp": "2023-07-25T16:01:36.000000Z"}, {"uuid": "9a9db816-9938-4c5f-82ce-e408aa047214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26070", "type": "seen", "source": "https://t.me/cibsecurity/61797", "content": "\u203c CVE-2023-26070 \u203c\n\nCertain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T00:22:45.000000Z"}, {"uuid": "83bbb424-c238-4c1f-87d9-eada36a5ae41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26076", "type": "seen", "source": "https://t.me/cibsecurity/59905", "content": "\u203c CVE-2023-26076 \u203c\n\nAn issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T17:23:33.000000Z"}, {"uuid": "b7fb0982-41fa-4433-baab-e8259b895077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26073", "type": "seen", "source": "https://t.me/cibsecurity/59896", "content": "\u203c CVE-2023-26073 \u203c\n\nAn issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T17:23:23.000000Z"}, {"uuid": "fe39683f-bc28-41ea-b4af-34f15a674dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26072", "type": "seen", "source": "https://t.me/cibsecurity/59886", "content": "\u203c CVE-2023-26072 \u203c\n\nAn issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T15:53:20.000000Z"}, {"uuid": "92bbab3d-0c8b-4981-9b6d-72966c6efbe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26078", "type": "seen", "source": "https://t.me/cibsecurity/67165", "content": "\u203c CVE-2023-26078 \u203c\n\nPrivilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-24T20:26:21.000000Z"}, {"uuid": "0db12441-8222-4315-a1e0-d13821002f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26077", "type": "seen", "source": "https://t.me/cibsecurity/67177", "content": "\u203c CVE-2023-26077 \u203c\n\nAtera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-24T22:26:12.000000Z"}, {"uuid": "2136f737-ef6d-46c2-b6e2-5903510513bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26075", "type": "seen", "source": "https://t.me/cibsecurity/59806", "content": "\u203c CVE-2023-26075 \u203c\n\nAn issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T20:21:13.000000Z"}, {"uuid": "5f1f87d1-ee77-4fab-8fda-d1e66b117d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26074", "type": "seen", "source": "https://t.me/cibsecurity/59883", "content": "\u203c CVE-2023-26074 \u203c\n\nAn issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T15:53:17.000000Z"}, {"uuid": "1b593611-97e6-442f-98de-3bf6688e4932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26078", "type": "seen", "source": "https://t.me/thehackernews/3638", "content": "Zero-day vulnerabilities (CVE-2023-26077 and CVE-2023-26078) found in Atera remote monitoring software's Windows Installers can lead to privilege escalation attacks.  \n \nRead details: https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html", "creation_timestamp": "2023-07-24T15:03:22.000000Z"}, {"uuid": "051f2a89-5358-49f3-813c-37d4a0bdaf63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26077", "type": "seen", "source": "https://t.me/thehackernews/3638", "content": "Zero-day vulnerabilities (CVE-2023-26077 and CVE-2023-26078) found in Atera remote monitoring software's Windows Installers can lead to privilege escalation attacks.  \n \nRead details: https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html", "creation_timestamp": "2023-07-24T15:03:22.000000Z"}, {"uuid": "c21a6562-0632-4326-8075-d5cf087e4ee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26072", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html", "content": "", "creation_timestamp": "2023-03-16T18:07:00.000000Z"}, {"uuid": "f4a47e42-5809-4a44-b355-c50bf77d4e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26073", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html", "content": "", "creation_timestamp": "2023-03-16T18:07:00.000000Z"}, {"uuid": "aa1d1f69-0138-4652-b92a-45c37716a759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26074", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html", "content": "", "creation_timestamp": "2023-03-16T18:07:00.000000Z"}, {"uuid": "6c696f97-f94a-467b-8294-be3f39d69098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26075", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html", "content": "", "creation_timestamp": "2023-03-16T18:07:00.000000Z"}, {"uuid": "bdcd3d3b-f4cd-4274-b18c-49f3e5bdf1c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26076", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html", "content": "", "creation_timestamp": "2023-03-16T18:07:00.000000Z"}, {"uuid": "90b54fee-6ae5-4bdd-9718-55cb6ab77a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26077", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/2939", "content": "\u200b\u26a1\ufe0fAtera \u043f\u043e\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432: \u0432 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udcac \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Windows-\u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Atera, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0441\u043b\u0443\u0436\u0438\u0442\u044c \u0442\u043e\u0447\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u0430 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\nAtera \u2014 \u044d\u0442\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 IT-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u043c\u0438 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u0440\u0430\u0441\u0441\u0442\u043e\u044f\u043d\u0438\u0438. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0430 \u043a\u0430\u0436\u0434\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u0433\u0435\u043d\u0442 Atera, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u044f\u0437\u044c \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Mandiant \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440 \u0430\u0433\u0435\u043d\u0442\u0430 Atera \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u041f\u041e \u043f\u0435\u0440\u0432\u044b\u043c\u0438 \u0443\u0437\u043d\u0430\u043b\u0438 \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0431\u0440\u0435\u0448\u0435\u0439 \u0432 \u0441\u0432\u043e\u0451\u043c \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0435 \u0438 \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u00ab\u043f\u0438\u043b\u0438\u0442\u044c \u0444\u0438\u043a\u0441\u044b\u00bb. \u0412 \u0430\u043f\u0440\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430 Atera 1.8.3.7 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0435\u0440\u0432\u043e\u0439 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0432 \u0438\u044e\u043d\u0435 \u0441\u0432\u0435\u0442 \u0443\u0432\u0438\u0434\u0435\u043b\u0430 Atera \u0432\u0435\u0440\u0441\u0438\u0438 1.8.4.9, \u0433\u0434\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0432\u0442\u043e\u0440\u0443\u044e.\n\n\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u043a\u043e\u0433\u0434\u0430 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u0440\u043e\u0448\u043b\u043e \u043a\u0430\u043a\u043e\u0435-\u0442\u043e \u0432\u0440\u0435\u043c\u044f, Mandiant \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 , \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u0441\u0443\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u044b \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2023-26077 ) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440 \u0430\u0433\u0435\u043d\u0442\u0430 Atera \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 DLL-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a. \u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 DLL Hijacking \u0438 \u043f\u043e\u0434\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0434\u043d\u0443 \u0438\u0437 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440, \u0441\u0432\u043e\u0435\u0439 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0442\u0430\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f NT AUTHORITYSYSTEM, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u043c\u0435\u0435\u0442 \u0441\u0430\u043c\u044b\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 Windows.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2023-26078 ) \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440 \u0430\u0433\u0435\u043d\u0442\u0430 Atera \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u043a\u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 Windows (conhost.exe). \u042d\u0442\u043e \u043e\u043a\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f NT AUTHORITYSYSTEM, \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c \u0444\u0430\u043a\u0442\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u00ab\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 NT AUTHORITYSYSTEM \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c\u00bb, \u2014 \u0437\u0430\u044f\u0432\u0438\u043b \u043e\u0434\u0438\u043d \u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Mandiant. \u00ab\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043e\u0441\u043e\u0431\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f , \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0435\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 NT AUTHORITYSYSTEM, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439\u00bb.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Atera \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0451 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b\u0438.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u043f\u0435\u0440\u0432\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0430\u0445 Windows. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Kaspersky \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0430 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows (CVE-2023-23397), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u0434\u0430\u043d\u0438\u044f, \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0432 Outlook, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u00ab\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043e\u0441\u043e\u0431\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043a\u0440\u0430\u0439\u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u044b \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439\u00bb, \u2014 \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u043b\u0438 \u0432 Mandiant. \u00ab\u0412\u0430\u0436\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u043b\u0438 \u0441\u0432\u043e\u0438 \u043e\u0441\u043e\u0431\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0437\u0430\u0445\u0432\u0430\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 NT AUTHORITYSYSTEM, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c\u044b\u0445 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c MSI\u00bb.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-07-25T10:43:00.000000Z"}, {"uuid": "25865f71-fc67-4b5c-88cc-f88cb56a3a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26071", "type": "seen", "source": "Telegram/ptlGRyvTMqTgdL-Rr59nCy6BNwa7QMAn7eiYXasJ8njI5alV", "content": "", "creation_timestamp": "2025-02-19T19:13:54.000000Z"}, {"uuid": "1c633e28-7197-4002-b230-9ff3689ab243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26078", "type": "seen", "source": "Telegram/nzqazI8-kualjvJFrdWZIIOGbqrwgHhSvvDpGa8OJfCDaw", "content": "", "creation_timestamp": "2023-07-24T17:18:00.000000Z"}, {"uuid": "0cfba024-ab41-422f-a6dd-9c337d996244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26077", "type": "seen", "source": "Telegram/nzqazI8-kualjvJFrdWZIIOGbqrwgHhSvvDpGa8OJfCDaw", "content": "", "creation_timestamp": "2023-07-24T17:18:00.000000Z"}]}