{"vulnerability": "CVE-2023-3567", "sightings": [{"uuid": "1ad5eb42-72c9-4d08-91dd-43b0a8f159c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9c66c1c7-ea90-437f-bd9a-10282031fb74", "content": "", "creation_timestamp": "2026-02-02T12:26:50.848572Z"}, {"uuid": "45b0948f-8b0a-4b81-bf31-3f27c39f5d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "exploited", "source": "https://t.me/cKure/11536", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2023-35674: September Android updates fix zero-day exploited in attacks.\n\nhttps://www.bleepingcomputer.com/news/security/september-android-updates-fix-zero-day-exploited-in-attacks/", "creation_timestamp": "2023-09-08T19:40:40.000000Z"}, {"uuid": "dbba16a2-00b6-444c-aec3-c511e0f408bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5116", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u0e08\u0e33\u0e25\u0e2d\u0e07 0DAY \u0e02\u0e2d\u0e07 CVE-2023-35674\nURL\uff1ahttps://github.com/Thampakon/CVE-2023-35674\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-11T05:45:38.000000Z"}, {"uuid": "a859ad52-c3ee-442c-8381-e8ff46ceaace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "seen", "source": "https://t.me/itsec_news/3219", "content": "\u200b\u26a1\ufe0f\u041d\u043e\u0432\u044b\u0439 \u0431\u0430\u0433 \u0432 Android \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u0432\u0430\u0448\u0438 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\ud83d\udcac \u0412 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Android \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c , \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u043b\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u043e\u0439 \u043a\u0430\u0440\u0442\u044b \u0447\u0435\u0440\u0435\u0437 \u043c\u043d\u043e\u0433\u043e\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 NFC, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Flipper Zero. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-35671 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430 Android 5.0 \u0438 \u0432\u044b\u0448\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u00ab Screen Pinning \u00bb (\u00ab\u0417\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u044d\u043a\u0440\u0430\u043d\u0430\u00bb). \u041f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u0434\u0430\u043d\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043b\u044e\u0431\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u043f\u0446\u0438\u0439 \u00ab\u0417\u0430\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u0442\u044c PIN-\u043a\u043e\u0434 \u043f\u0435\u0440\u0435\u0434 \u043e\u0442\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435\u043c\u00bb \u0438 \u00ab\u0422\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043b\u044f NFC\u00bb, \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u043e\u0439 \u043a\u0430\u0440\u0442\u044b \u0436\u0435\u0440\u0442\u0432\u044b \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u0445\u0438\u0449\u0435\u043d\u044b.\n\n\u041e\u043f\u0446\u0438\u044f \u00ab\u0417\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u044d\u043a\u0440\u0430\u043d\u0430\u00bb \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0430 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0440\u0430\u043d \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u0430 \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438, \u0431\u0435\u0437 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0435\u0433\u043e. \u042d\u0442\u043e \u043d\u0443\u0436\u043d\u043e, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u0432\u0440\u0435\u043c\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0434\u0440\u0443\u0433\u043e\u043c\u0443 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0443 (\u0434\u0440\u0443\u0433\u0443, \u0440\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u043a\u0443) \u0438 \u0431\u044b\u0442\u044c \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442 \u043b\u044e\u0431\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438 \u043d\u0435 \u043d\u0430\u0440\u0443\u0448\u0438\u0442 \u0432\u0430\u0448\u0443 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0441\u0442\u044c.\n\n\u0422\u0430\u043a \u0432\u043e\u0442, \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u043b\u043e\u0432\u0435\u043a \u0441 \u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u043c \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u0435\u043c NFC \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u0440\u0435\u0434\u0438\u0442\u043d\u043e\u0439 \u0438\u043b\u0438 \u0434\u0435\u0431\u0435\u0442\u043e\u0432\u043e\u0439 \u043a\u0430\u0440\u0442\u044b, \u0435\u0441\u043b\u0438 \u043e\u043d\u0430 \u043f\u0440\u0438\u0432\u044f\u0437\u0430\u043d\u0430 \u0432 Google Wallet \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0430 \u0434\u043b\u044f \u0431\u0435\u0441\u043a\u043e\u043d\u0442\u0430\u043a\u0442\u043d\u043e\u0439 \u043e\u043f\u043b\u0430\u0442\u044b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0438\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0439 \u0433\u0430\u0434\u0436\u0435\u0442, \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0432\u043e\u0434\u0430 \u043f\u0430\u0440\u043e\u043b\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u044b\u0447\u043d\u043e \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445.\n\n\u0421\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043f\u043b\u0430\u0442\u0435\u0436\u0438, \u043e\u0434\u043d\u0430\u043a\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u0438\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u043a\u0430\u0440\u0442\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0451 \u043d\u043e\u043c\u0435\u0440 \u0438 \u0441\u0440\u043e\u043a \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0447\u0442\u043e \u0442\u043e\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0447\u0435\u043d\u044c \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0440\u0438\u0441\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, Google \u0443\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a \u00ab\u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0443\u044e\u00bb \u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0430 \u043a \u0440\u0435\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u0432 \u043f\u0430\u0442\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430 , \u043e\u0434\u043d\u0430\u043a\u043e \u0435\u0433\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u0435\u0436\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 Android 11. \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432\u0441\u0435\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c Android-\u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043a\u0430\u0436\u0434\u044b\u0439 \u0432 \u0441\u0432\u043e\u0451\u043c \u0442\u0435\u043c\u043f\u0435, \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0410 \u0432\u043e\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c \u043d\u0430 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Android, \u0438\u043b\u0438 \u0442\u0435\u043c, \u0447\u044c\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c, \u2014 \u043d\u0435 \u0441\u0432\u0435\u0442\u0438\u0442 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u0442\u0447\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u043b\u0438\u0448\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043e\u0442\u043a\u0430\u0437 \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u00ab\u0417\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u044d\u043a\u0440\u0430\u043d\u0430\u00bb.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-09-16T07:57:28.000000Z"}, {"uuid": "03a72e18-074a-4a62-9eff-7911d78ebe9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35670", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14529", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-35670\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\ud83d\udccf Published: 2023-09-11T20:09:52.999Z\n\ud83d\udccf Modified: 2025-05-02T16:53:52.496Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe\n2. https://source.android.com/security/bulletin/2023-09-01", "creation_timestamp": "2025-05-02T17:16:30.000000Z"}, {"uuid": "680e8466-a4b7-4b83-b95a-7c4262ae8746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_Watch_insider/81", "content": "https://github.com/MrTiz/CVE-2023-35671", "creation_timestamp": "2023-09-13T07:18:21.000000Z"}, {"uuid": "4c6ae3c0-82b2-4eb3-88b5-e75c8fde1c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "Telegram/Y8qMv4Wn_sgg3grM37CcJD0A329WHwib3F8S0-DtJCmmoQ", "content": "", "creation_timestamp": "2023-09-13T07:43:39.000000Z"}, {"uuid": "73950463-1665-47ee-8547-ba61601c6b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "https://t.me/kasperskyb2b/866", "content": "\ud83c\udf4f\ud83d\udcf1  \u0420\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b \u0432  Android \u0438 iOS \u2014 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u0441\u044f\n\n\u0412\u044b\u0448\u0435\u0434\u0448\u0438\u0435 \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f Android \u0438 iOS \u0441\u0442\u043e\u044f\u0442 \u043f\u0440\u0438\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\nCVE-2023-41064 \u0438 CVE-2023-41061 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 iOS \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u0441\u0432\u0435\u0436\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 16.6 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 NSO Group.  \u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 PassKit  \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b. \u041d\u0430\u0448\u0435\u0434\u0448\u0438\u0435 \u043e\u0434\u043d\u0443 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b CitizenLab \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 BLASTPASS \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c lockdown mode. \u041d\u0443 \u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430-\u043c\u0438\u043d\u0438\u043c\u0443\u043c \u2014 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 16.6.1. \u0422\u0430\u043a\u0436\u0435 \u044d\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 watchOS \u0438 macOS Ventura.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0432 Google \u0437\u0430\u043a\u0440\u044b\u043b\u0438 CVE-2023-35674, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Android Framework, \u043a\u043e\u0442\u043e\u0440\u0430\u044f  \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. Google \u0441\u043a\u0440\u043e\u043c\u043d\u043e \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u0432 \u0441\u043d\u043e\u0441\u043a\u0435, \u0447\u0442\u043e \u00ab\u0435\u0441\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439, \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb, \u043d\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439. \n\u0422\u043e \u0436\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0435\u0449\u0451 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 4 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u2014 3 RCE \u0432 System \u0438 \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0443\u044e CVE-2023-28581 \u0432 WLAN-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Qualcomm, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0438\u043c\u0435\u044e\u0449\u0443\u044e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u0439 CVSS 9.8. \n\u0412\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 AOSP \u0438\u043b\u0438 \u0447\u0438\u0441\u0442\u043e\u0433\u043e Google Android \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 11 \u043f\u043e 13 \u0440\u0430\u0434\u043e\u0441\u0442\u043d\u043e \u0431\u0435\u0433\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f, \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0432\u0441\u0435\u0433\u043e \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u043c\u0438\u0440\u0435\u043d\u043d\u043e \u0436\u0434\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 \u0441\u0432\u043e\u0435\u0433\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u044e\u0442 \u0438\u0445 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u0447\u0430\u0449\u0435. \ud83d\udd34\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-09-08T09:35:22.000000Z"}, {"uuid": "e09634ff-15b2-4054-838c-8015896c3a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35673", "type": "seen", "source": "https://t.me/malwaresupport/40", "content": "Android fixes 0-day vulnerability exploited by hackers\n\nSeptember updates for Android fixed 33 vulnerabilities in Google's operating system, including a zero-day issue that is currently being exploited by attackers.\n\nThe 0-day vulnerability is identified as CVE-2023-35674 and is a flaw in the Android Framework that allows attackers to escalate privileges. Exploiting the bug does not require user interaction or any additional privileges.\n\nThe company\u00a0says that the vulnerability has already been subject to \u201climited, targeted exploitation,\u201d but details about these attacks are not yet known.\n\nThree other privilege escalation issues have also been fixed as part of the Android Framework. The most severe of these \"can result in local escalation of privilege and do not require additional privileges to execute\" or any user interaction.\n\nAdditionally, the September updates fix three critical flaws in the Android System component (CVE-2023-35658, CVE-2023-35673, CVE-2023-35681) and one in closed-source Qualcomm components (CVE-2023-28581).\n\nVulnerabilities in the Android System can lead to remote code execution (RCE) and also do not require additional privileges or user interaction.\n\nIn turn, a bug in Qualcomm components is described as a violation of the integrity of information in the WLAN firmware memory. This vulnerability could allow remote attackers to execute arbitrary code, read sensitive information, or cause system crashes.\n\nAs usual, Google has divided the fixes into two levels: \u00a02023-09-01 and 2023-09-05. Level 2023-09-05 contains all the security fixes from the first set, as well as additional fixes for closed source and third-party kernel components that may not be relevant to all Android devices.\n\nThis month's updates cover versions of Android 11, 12, and 13, and may also affect older, unsupported versions of the OS.\n\nProject: @Redscriptandroidbotnet\n\nPrivate: @vpn809", "creation_timestamp": "2023-09-24T15:30:19.000000Z"}, {"uuid": "d5f954a1-5510-4064-9628-2a2447f39f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "https://t.me/malwaresupport/40", "content": "Android fixes 0-day vulnerability exploited by hackers\n\nSeptember updates for Android fixed 33 vulnerabilities in Google's operating system, including a zero-day issue that is currently being exploited by attackers.\n\nThe 0-day vulnerability is identified as CVE-2023-35674 and is a flaw in the Android Framework that allows attackers to escalate privileges. Exploiting the bug does not require user interaction or any additional privileges.\n\nThe company\u00a0says that the vulnerability has already been subject to \u201climited, targeted exploitation,\u201d but details about these attacks are not yet known.\n\nThree other privilege escalation issues have also been fixed as part of the Android Framework. The most severe of these \"can result in local escalation of privilege and do not require additional privileges to execute\" or any user interaction.\n\nAdditionally, the September updates fix three critical flaws in the Android System component (CVE-2023-35658, CVE-2023-35673, CVE-2023-35681) and one in closed-source Qualcomm components (CVE-2023-28581).\n\nVulnerabilities in the Android System can lead to remote code execution (RCE) and also do not require additional privileges or user interaction.\n\nIn turn, a bug in Qualcomm components is described as a violation of the integrity of information in the WLAN firmware memory. This vulnerability could allow remote attackers to execute arbitrary code, read sensitive information, or cause system crashes.\n\nAs usual, Google has divided the fixes into two levels: \u00a02023-09-01 and 2023-09-05. Level 2023-09-05 contains all the security fixes from the first set, as well as additional fixes for closed source and third-party kernel components that may not be relevant to all Android devices.\n\nThis month's updates cover versions of Android 11, 12, and 13, and may also affect older, unsupported versions of the OS.\n\nProject: @Redscriptandroidbotnet\n\nPrivate: @vpn809", "creation_timestamp": "2023-09-24T15:30:19.000000Z"}, {"uuid": "6e6a1373-a85e-4a07-96b0-16ae17a20b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "exploited", "source": "Telegram/daQ_JYr3RogsYvRmRWGgLG4vbG88oBR78PKQhViI9Rm1PrWT", "content": "", "creation_timestamp": "2023-09-07T23:32:11.000000Z"}, {"uuid": "cefc1e00-bf41-4f2f-89ef-c9bd09720b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "Telegram/__i5VdHkKbTbGwQpkw_9Vuk49wIwkpXqs_Khi500y2pakqj1", "content": "", "creation_timestamp": "2023-09-07T22:12:26.000000Z"}, {"uuid": "882b6b0b-f787-4772-ab48-821011111300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "Telegram/n-aokkpTjIC6zAtkfPW9GY5V9js3SrO6J1R2qFs6sc5964a7", "content": "", "creation_timestamp": "2023-09-07T21:59:14.000000Z"}, {"uuid": "e93f91fb-6008-4c3c-bdbd-46867f79bce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "Telegram/P4uCvb2d2Y-EwM149a0M5Eu7_buTNjZ3s16I1GblbTXRmngt", "content": "", "creation_timestamp": "2023-09-07T21:50:25.000000Z"}, {"uuid": "b7209d50-6265-4dc8-bfdb-9503da513b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3199", "content": "Hackers Factory \n\nNext Generation DorX. Built by Dorks, for Dorks.\u00a0\n\nhttps://github.com/ResearchandDestroy/DorXNGy\n\nA framework for assessing the security of L2s\n\nhttps://github.com/quantstamp/l2-security-framework\n\nMultiPlatform HTTP Reverse Shell\n\nhttps://github.com/JoelGMSec/HTTP-Shell\n\nBypassing UAC with SSPI Datagram Contexts\n\nhttps://github.com/antonioCoco/SspiUacBypass\n\nA comprehensive Python-based security tool for file scanning, malware detection, and analysis in an ever-evolving cyber landscape\n\nhttps://github.com/samhaxr/VTScanner\n\nAnother tool to perform minidump of LSASS process using few technics to avoid detection.\n\nhttps://github.com/YOLOP0wn/POSTDump\n\nExploitation of echo_driver.sys\n\nhttps://github.com/YOLOP0wn/EchoDrv\n\nEncrypted shellcode Injection to avoid Kernel triggered memory scans\n\nhttps://github.com/S3cur3Th1sSh1t/Caro-Kann\n\nProof-of-Concept for CVE-2023-38146 (\"ThemeBleed\")\n\nhttps://github.com/gabe-k/themebleed\n\nAndroid App Pin Security Issue Allowing Unauthorized Payments via Google Wallet\n\nhttps://github.com/MrTiz/CVE-2023-35671\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-02-21T13:45:38.000000Z"}, {"uuid": "9e5884c2-d5cc-4477-a216-055dc3bd1a46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/ICyberDefence/243", "content": "https://github.com/MrTiz/CVE-2023-35671", "creation_timestamp": "2023-09-14T20:32:15.000000Z"}, {"uuid": "cda928fd-3fa4-4f0d-8b4f-0a22cae6141a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3567", "type": "seen", "source": "https://t.me/cibsecurity/67159", "content": "\u203c CVE-2023-3567 \u203c\n\nA use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This flaw allows an attacker with local user access to cause a system crash or leak internal kernel information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-24T20:26:14.000000Z"}, {"uuid": "9beb28f2-87d7-49f9-aaee-8c029d83c290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/2012", "content": "Android App Pin Security Issue Allows Unauthorized Payments via Google Wallet even with enabled \"Require device unlock for NFC\" option (CVE-2023-35671)\nWhile in pinned mode, all other apps become temporarily inaccessible, except Google Wallet.\nPoC: https://github.com/MrTiz/CVE-2023-35671", "creation_timestamp": "2023-11-03T10:24:50.000000Z"}, {"uuid": "bcd3e7d5-cf56-4cca-ad97-4e7200c3573c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "exploited", "source": "https://t.me/thehackernews/3835", "content": "\ud83d\udea8 Urgent update! \n \nGoogle's latest patch addresses a high-severity vulnerability in the Android Framework (CVE-2023-35674) that is currently being actively exploited in the wild. \n \nLearn more: https://thehackernews.com/2023/09/zero-day-alert-latest-android-patch.html", "creation_timestamp": "2023-09-06T16:05:21.000000Z"}, {"uuid": "7729f390-4405-4604-85ab-d2a22f2a4465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971881", "content": "", "creation_timestamp": "2024-12-24T20:35:11.620726Z"}, {"uuid": "a8682c32-2e70-49d3-843c-c6c899b6273a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3567", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "47bb9a1b-ebcd-4da6-b9e8-e4400749a516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35673", "type": "seen", "source": "https://t.me/true_secator/4818", "content": "\u0421\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Google \u0434\u043b\u044f Android \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0434\u043d\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\nAndroid Zero-Day, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-35674, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Android Framework.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Google, \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0430\u0432 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e CVE-2023-35674 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0442\u044c\u0441\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e, \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0440\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442\u0441\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c spyware, \u043a\u0430\u043a \u044d\u0442\u043e \u0443\u0436\u0435 \u0431\u044b\u043b\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 0-day Android.\n\n\u0412 Framework \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0435\u0449\u0435 5 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: 3 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0430 2 \u2014 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0412\u0441\u0435 6 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u044b\u043b\u0438 \u0440\u0435\u0448\u0435\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Android \u043e\u0442 2023-09-01, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 14 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445.\n\n\u0418\u0437 \u043d\u0438\u0445 \u0442\u0440\u0438 (CVE-2023-35658, CVE-2023-35673, CVE-2023-35681) \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0430 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: 6 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 4 \u2014 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 1 \u2014 \u043a DoS.\n\nGoogle \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Project Mainline \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u0447\u0435\u0440\u0435\u0437 Google Play.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f Android, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0432 \u0432\u0438\u0434\u0435\u00a0\u043f\u0430\u0442\u0447\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 05 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2023,\u00a0\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b 12 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Qualcomm.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0432\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u044f\u0434\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043d\u0435 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u044c\u0441\u044f \u043a\u043e \u0432\u0441\u0435\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c Android.", "creation_timestamp": "2023-09-07T09:36:42.000000Z"}, {"uuid": "2467ae45-f90b-4df5-ac08-ea55f5233748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "https://t.me/true_secator/4818", "content": "\u0421\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Google \u0434\u043b\u044f Android \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0434\u043d\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\nAndroid Zero-Day, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-35674, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Android Framework.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Google, \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0430\u0432 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e CVE-2023-35674 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0442\u044c\u0441\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e, \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0440\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442\u0441\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c spyware, \u043a\u0430\u043a \u044d\u0442\u043e \u0443\u0436\u0435 \u0431\u044b\u043b\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 0-day Android.\n\n\u0412 Framework \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0435\u0449\u0435 5 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: 3 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0430 2 \u2014 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0412\u0441\u0435 6 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u044b\u043b\u0438 \u0440\u0435\u0448\u0435\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Android \u043e\u0442 2023-09-01, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 14 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445.\n\n\u0418\u0437 \u043d\u0438\u0445 \u0442\u0440\u0438 (CVE-2023-35658, CVE-2023-35673, CVE-2023-35681) \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0430 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: 6 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 4 \u2014 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 1 \u2014 \u043a DoS.\n\nGoogle \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Project Mainline \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u0447\u0435\u0440\u0435\u0437 Google Play.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f Android, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0432 \u0432\u0438\u0434\u0435\u00a0\u043f\u0430\u0442\u0447\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 05 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2023,\u00a0\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b 12 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Qualcomm.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0432\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u044f\u0434\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043d\u0435 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u044c\u0441\u044f \u043a\u043e \u0432\u0441\u0435\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c Android.", "creation_timestamp": "2023-09-07T09:36:42.000000Z"}, {"uuid": "56cac913-9a59-4e66-8c33-8e0afae5d454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9019", "content": "#exploit \n1. CVE-2023-3244:\nWordPress Missing Authorization\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\n2. CVE-2023-35671:\nAndroid App Pin Security Issue\nhttps://github.com/MrTiz/CVE-2023-35671", "creation_timestamp": "2023-09-14T11:00:52.000000Z"}, {"uuid": "ec6f4572-8cdc-464f-8c4c-82de2c19b146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/968", "content": "#exploit \n1. CVE-2023-3244:\nWordPress Missing Authorization\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\n2. CVE-2023-35671:\nAndroid App Pin Security Issue\nhttps://github.com/MrTiz/CVE-2023-35671", "creation_timestamp": "2024-08-16T08:24:34.000000Z"}, {"uuid": "582007dc-1f0f-4b9f-bf04-7e876d71cc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-09-13T18:10:02.000000Z"}, {"uuid": "16c4c635-2146-4040-b0a6-66691dc4f707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:46.000000Z"}, {"uuid": "84efe22c-3b99-485f-baf1-afce2e43ed6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9c66c1c7-ea90-437f-bd9a-10282031fb74", "content": "", "creation_timestamp": "2026-02-02T12:26:50.848572Z"}, {"uuid": "9aa9e9d2-f473-49f7-8ceb-ac55eaf2f49f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "https://t.me/cyberbannews_ir/8989", "content": "\ud83d\udcf1\u0647\u0634\u062f\u0627\u0631 \u0646\u0642\u0636 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0627\u064e\u067e\u0644 \u0648 \u0627\u0646\u062f\u0631\u0648\u06cc\u062f \u062f\u0631 \u0627\u0645\u0627\u0631\u0627\u062a\n\n\u25fe\ufe0f \u0634\u0648\u0631\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0627\u0645\u0627\u0631\u0627\u062a \u062f\u0631 \u062a\u0648\u06cc\u06cc\u062a\u06cc \u062e\u0627\u0637\u0631\u0646\u0634\u0627\u0646 \u06a9\u0631\u062f \u06a9\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0627\u0636\u0637\u0631\u0627\u0631\u06cc \u0627\u064e\u067e\u0644 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc \u0631\u0627 \u0628\u0627 \u00abCVE-2023-41064\u00bb\u060c \u00abCVE-2023-41061\u00bb \u0648 \u00abCVE-2023-35674\u00bb \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0627\u0646\u062f\u0631\u0648\u06cc\u062f\u06cc \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n|\u0627\u062f\u0627\u0645\u0647 \u0627\u06cc\u0646 \u062e\u0628\u0631 \u0631\u0627 \u062f\u0631 \u0633\u0627\u06cc\u062a \u0628\u062e\u0648\u0627\u0646\u06cc\u062f|\n\n#\u0627\u0645\u0627\u0631\u0627\u062a #\u0627\u067e\u0644 #\u0627\u0646\u062f\u0631\u0648\u06cc\u062f #\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc #\u0627\u0645\u0646\u06cc\u062a #\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0633\u0627\u06cc\u0628\u0631\u0628\u0627\u0646\n\u2796\u2796\u2796\u2796\u2796\n\u26ab\ufe0f\u0645\u0640\u0640\u0648\u0633\u0640\u0633\u0640\u0647 \u0627\u0637\u0640\u0644\u0627\u0639 \u0631\u0633\u0640\u0640\u0627\u0646\u06cc \u0633\u0640\u0640\u0627\u06cc\u0628\u0631\u0628\u0627\u0646\ud83d\udc47\n\ud83d\udce1@cyberbannews_ir", "creation_timestamp": "2023-09-09T05:44:40.000000Z"}, {"uuid": "6f997d68-44c7-4dd6-8f43-b72d8890709e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "Telegram/63J2pVQJBaIknmjZGA_IHn5x98Q9jXCZX7v9RgXfkNAcIQ", "content": "", "creation_timestamp": "2023-09-06T17:11:46.000000Z"}, {"uuid": "17165050-b5a7-4532-b5f2-d2915b4b1096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35674", "type": "seen", "source": "https://t.me/KomunitiSiber/752", "content": "Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw\nhttps://thehackernews.com/2023/09/zero-day-alert-latest-android-patch.html\n\nGoogle has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild.\nTracked as\u00a0CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the\u00a0Android Framework.\n\u201cThere are indications that CVE-2023-35674 may be under limited, targeted exploitation,\u201d the", "creation_timestamp": "2023-09-06T18:31:04.000000Z"}, {"uuid": "fe8f60dc-58b5-4b72-9dc1-8d7c33290454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "Telegram/P5tOqaNYpa4mksBCVgBvbZ9Y5JDv_efKf8Rw00ByTByiMmk", "content": "", "creation_timestamp": "2023-09-17T15:10:55.000000Z"}, {"uuid": "9495c425-4b7d-4f48-a6e1-31b8a3414b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35671", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1113", "content": "https://github.com/MrTiz/CVE-2023-35671\nAndroid\u5e94\u7528\u7a0b\u5e8fPin\u5b89\u5168\u95ee\u9898\u5141\u8bb8\u901a\u8fc7\u8c37\u6b4c\u94b1\u5305\u8fdb\u884c\u672a\u7ecf\u6388\u6743\u7684\u652f\u4ed8\n#github #poc", "creation_timestamp": "2023-10-09T18:27:39.000000Z"}]}