{"vulnerability": "CVE-2023-4177", "sightings": [{"uuid": "2d74be5e-09c9-4745-9de5-f058f2b1dbf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-41772", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mhgtck554s23", "content": "", "creation_timestamp": "2026-03-19T20:21:42.485641Z"}, {"uuid": "9c45704f-140b-4765-bc0e-f7b2fa56de1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "seen", "source": "https://projectzero.google/2026/02/gphfh-deep-dive.html", "content": "", "creation_timestamp": "2026-02-26T07:00:00.000000Z"}, {"uuid": "12a97607-66d6-4b7d-8fc3-686aa4c5676b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41775", "type": "seen", "source": "https://t.me/cibsecurity/70141", "content": "\u203c CVE-2023-41775 \u203c\n\nImproper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. of the device where the product is installed without the user's consent.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-08T12:19:27.000000Z"}, {"uuid": "bb3ad82e-d8a8-4c26-8653-34efb0ebdcdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9620", "content": "#exploit\n1. CVE-2023-50917:\nMajorDoMo Unauthenticated RCE\nhttps://github.com/Chocapikk/CVE-2023-50917\n\n2. CVE-2023-41772:\nUIFuckUp exploit to gain system privileges as user on Windows 10 (>=1809) and 11\nhttps://github.com/R41N3RZUF477/CVE-2023-41772\n\n3. CVE-2023-49786:\nAsterisk 20.1.0 - DoS via DTLS\nhttps://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html", "creation_timestamp": "2023-12-20T11:00:39.000000Z"}, {"uuid": "80a742a1-3135-46af-af25-5d39ae017fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "exploited", "source": "https://t.me/LearnExploit/5792", "content": "CVE-2023-41772 - UIFuckUp exploit to gain system privileges as user on Windows 10 (1809 and up) and 11\n\nGithub\n\n#CVE #Exploit #Windows \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-12-21T13:21:00.000000Z"}, {"uuid": "55ae467d-2639-4cd7-9779-732d24ecaf75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41776", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-41776\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges.\n\n\n\n\ud83d\udccf Published: 2024-01-03T01:56:48.148Z\n\ud83d\udccf Modified: 2025-06-16T18:15:21.364Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404", "creation_timestamp": "2025-06-16T18:38:49.000000Z"}, {"uuid": "2e1f1a01-d854-406a-9ba8-ec87ff920f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "seen", "source": "https://t.me/arpsyndicate/2057", "content": "#ExploitObserverAlert\n\nCVE-2023-41772\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41772. Win32k Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.000480000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-21T18:05:03.000000Z"}, {"uuid": "354ce6ac-e57c-4c23-b1d4-1fe78e17b249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41779", "type": "seen", "source": "https://t.me/ctinow/162159", "content": "https://ift.tt/cn3yTWZ\nCVE-2023-41779", "creation_timestamp": "2024-01-03T03:26:27.000000Z"}, {"uuid": "39addc06-cefc-4d59-b3bf-9962b2d3ce0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41776", "type": "seen", "source": "https://t.me/ctinow/162158", "content": "https://ift.tt/vAl04ri\nCVE-2023-41776", "creation_timestamp": "2024-01-03T03:26:26.000000Z"}, {"uuid": "cf1be69e-c2cc-4ebb-aa96-bdfdff6657aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41771", "type": "seen", "source": "https://t.me/cibsecurity/72039", "content": "\u203c CVE-2023-41771 \u203c\n\nLayer 2 Tunneling Protocol Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:29:53.000000Z"}, {"uuid": "46a53d47-82ec-4bc1-ab36-aa60ceab6c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4177", "type": "seen", "source": "https://t.me/cibsecurity/67831", "content": "\u203c CVE-2023-4177 \u203c\n\nA vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This issue affects some unknown processing of the component Multi-Factor Authentication Code Handler. The manipulation leads to information disclosure. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 7.205.0.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-236213 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-06T12:12:21.000000Z"}, {"uuid": "111d0e98-788a-4869-a302-d02250c9036c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1733", "content": "https://github.com/R41N3RZUF477/CVE-2023-41772\nUIFuckUp exploit to gain system privileges as user on Windows 10 (1809 and up) and 11.\n\n#\u63d0\u6743  #tools  #github", "creation_timestamp": "2023-12-21T07:50:20.000000Z"}, {"uuid": "75aaf0e0-aef0-462a-b9ab-83fd9b7fa092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41779", "type": "seen", "source": "https://t.me/cibsecurity/74259", "content": "\u203c\ufe0fCVE-2023-41779\u203c\ufe0f\n\nThere is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed.   \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:30:50.000000Z"}, {"uuid": "7050d39e-1165-4e7d-acc2-923969e37243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41776", "type": "seen", "source": "https://t.me/cibsecurity/74258", "content": "\u203c\ufe0fCVE-2023-41776\u203c\ufe0f\n\nThere is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges.   \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:30:45.000000Z"}, {"uuid": "55983a3f-bcc3-4394-aec6-c843fdee4452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "seen", "source": "https://t.me/arpsyndicate/2064", "content": "#ExploitObserverAlert\n\nCVE-2023-41772\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-41772. Win32k Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.000480000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-22T19:27:16.000000Z"}, {"uuid": "6a45f5d3-3eee-4f1f-b5a3-5162b5b567e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41779", "type": "seen", "source": "https://t.me/ctinow/171842", "content": "https://ift.tt/goWnwMj\nCVE-2023-41779 | ZTE ZXCLOUD iRAI up to 7.23.21 memory corruption", "creation_timestamp": "2024-01-23T10:56:15.000000Z"}, {"uuid": "48a4bb55-ce55-4a69-8871-54174266c28e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41776", "type": "seen", "source": "https://t.me/ctinow/171943", "content": "https://ift.tt/u1F7sRf\nCVE-2023-41776 | ZTE ZXCLOUD iRAI up to 7.23.31 permission assignment", "creation_timestamp": "2024-01-23T13:31:51.000000Z"}, {"uuid": "12834257-11e4-41f2-8716-dbcbf01550f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41773", "type": "seen", "source": "https://t.me/cibsecurity/72023", "content": "\u203c CVE-2023-41773 \u203c\n\nLayer 2 Tunneling Protocol Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:23:07.000000Z"}, {"uuid": "360d07d2-0fe0-41bf-b027-be905737e107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41772", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2301", "content": "#exploit\n1. CVE-2023-50917:\nMajorDoMo Unauthenticated RCE\nhttps://github.com/Chocapikk/CVE-2023-50917\n\n2. CVE-2023-41772:\nUIFuckUp exploit to gain system privileges as user on Windows 10 (>=1809) and 11\nhttps://github.com/R41N3RZUF477/CVE-2023-41772\n\n3. CVE-2023-49786:\nAsterisk 20.1.0 - DoS via DTLS\nhttps://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html", "creation_timestamp": "2024-08-16T08:57:35.000000Z"}]}