{"vulnerability": "CVE-2024-1315", "sightings": [{"uuid": "d447e93e-d865-42af-b144-77a65898c38f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "https://t.me/thehackernews/6372", "content": "\ud83d\uded1 UPDATE: Researchers reveal tech details on credential coercion vulnerabilities (CVE-2024-13159-13161, 10811) in Ivanti EPM. Attackers could compromise servers via relay attacks.\n\n\u26a1 Patch urgently if you haven\u2019t done so already\u2014PoC exploit now in the wild.\n\nhttps://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html", "creation_timestamp": "2025-02-20T06:29:05.000000Z"}, {"uuid": "ef7031bd-bfc5-42f0-9076-cac544004b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/7080", "content": "Ivanti Endpoint Manager \u2013 Multiple Credential Coercion Vulnerabilities\n\nProof of concept exploits for Ivanti EPM CVE-2024-13159 and others which allows for unauthenticated coercion of the Ivanti EPM machine credential for use in relay attacks.\n\nPOC: https://github.com/horizon3ai/Ivanti-EPM-Coercion-Vulnerabilities", "creation_timestamp": "2025-03-30T22:19:46.000000Z"}, {"uuid": "b22d8083-a61c-4f84-96de-ceb89ea9dd51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13154", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfnnsyxpa42r", "content": "", "creation_timestamp": "2025-01-13T21:15:34.984045Z"}, {"uuid": "36e651ba-94a8-47db-adf2-5a2d30ac2a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13158", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuapcvce2r", "content": "", "creation_timestamp": "2025-01-14T18:15:56.928916Z"}, {"uuid": "7e13435b-ea9d-4b0d-a52c-40bd16ceb0ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuarlj5z2f", "content": "", "creation_timestamp": "2025-01-14T18:15:59.137524Z"}, {"uuid": "7ab14422-2b56-4ef3-917f-aa2047822bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lfvn4knnyk2v", "content": "", "creation_timestamp": "2025-01-17T01:24:20.937846Z"}, {"uuid": "abc632d1-f31a-4ded-bf7d-677b2b889e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13158", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-031/", "content": "", "creation_timestamp": "2025-01-19T05:00:00.000000Z"}, {"uuid": "bc3ee2f4-9512-410b-bd44-61eff5a96f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13157", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgznysr65x2h", "content": "", "creation_timestamp": "2025-01-31T09:15:58.579183Z"}, {"uuid": "71247e14-9e69-4723-8deb-8bb38856c876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lixa4236ft2u", "content": "", "creation_timestamp": "2025-02-24T20:52:18.961508Z"}, {"uuid": "7ef8798a-1570-4f59-8b5d-f223576ce680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lixancqmsv2f", "content": "", "creation_timestamp": "2025-02-24T21:01:58.009944Z"}, {"uuid": "49c8bbc8-0e3d-4cf5-91ef-4667173f6e23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lk4xnhhd5g25", "content": "", "creation_timestamp": "2025-03-11T21:02:09.267555Z"}, {"uuid": "3ddc1074-9295-42d6-9811-ad50566a4e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3liy4mahnjc2x", "content": "", "creation_timestamp": "2025-02-25T05:22:27.056587Z"}, {"uuid": "e9dc801b-2d4b-4456-a7f3-3aaafead4b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5bwxsby62p", "content": "", "creation_timestamp": "2025-02-14T13:16:02.219004Z"}, {"uuid": "11dfb370-9bd1-431f-9935-460148bcbb48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114002789781062858", "content": "", "creation_timestamp": "2025-02-14T14:48:43.892612Z"}, {"uuid": "f4510e9e-9a33-4bc8-9e02-0b555b7d8a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li5jp6b7t22a", "content": "", "creation_timestamp": "2025-02-14T15:34:51.197080Z"}, {"uuid": "1dd2417e-c731-42e2-8f71-5194aa17d418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3liexhpohgs2i", "content": "", "creation_timestamp": "2025-02-17T14:29:52.635388Z"}, {"uuid": "98cea611-7768-468b-9c91-eaf04ece11c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lijm7hp5d32c", "content": "", "creation_timestamp": "2025-02-19T10:51:42.411819Z"}, {"uuid": "4a476e76-61b0-4708-ac91-f18f24840c6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-925fae68-b6651114658b01d3", "content": "", "creation_timestamp": "2025-02-22T15:37:36.874728Z"}, {"uuid": "a9fd8bde-9d21-46bb-9b9a-aaddae6fd430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-03)", "content": "", "creation_timestamp": "2025-06-03T00:00:00.000000Z"}, {"uuid": "104fdd01-801b-4b95-914b-4f0a9a2442e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "8f090a40-6441-40a4-bea1-2a52b9551e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-06)", "content": "", "creation_timestamp": "2025-06-06T00:00:00.000000Z"}, {"uuid": "2f5999ca-df52-4f58-a136-5f946bf371e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-05)", "content": "", "creation_timestamp": "2025-09-05T00:00:00.000000Z"}, {"uuid": "f410d182-39dc-45fb-81cb-0414d37e1471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13151", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lz4hlgxqhk2f", "content": "", "creation_timestamp": "2025-09-18T13:32:35.716265Z"}, {"uuid": "9e40a3e5-baa0-421e-bd75-b28e91980e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13155", "type": "seen", "source": "Telegram/HsoU9F2ilqhIzwE4z7rDrGwjoK5XfqSjE0Wvp9333NDsh3eG", "content": "", "creation_timestamp": "2025-02-20T23:26:54.000000Z"}, {"uuid": "1589ef4f-5d97-4ccc-8462-c51a8b289148", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13158", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2869", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13158\n\ud83d\udd39 Description: An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.\n\ud83d\udccf Published: 2025-01-14T17:13:29.275Z\n\ud83d\udccf Modified: 2025-01-24T04:55:50.063Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6", "creation_timestamp": "2025-01-24T05:03:29.000000Z"}, {"uuid": "a392669d-58af-44c6-a2c8-138e04c2ffcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7022", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13159\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.\n\ud83d\udccf Published: 2025-01-14T17:12:57.652Z\n\ud83d\udccf Modified: 2025-03-10T17:19:20.017Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6", "creation_timestamp": "2025-03-10T17:38:19.000000Z"}, {"uuid": "540cd862-1adc-4959-adca-ec2f457a7616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/35", "content": "Ivanti Endpoint Manager \u2013 Multiple Credential Coercion Vulnerabilities\n\nProof of concept exploits for Ivanti EPM CVE-2024-13159 and others which allows for unauthenticated coercion of the Ivanti EPM machine credential for use in relay attacks.\n\nPOC: https://github.com/horizon3ai/Ivanti-EPM-Coercion-Vulnerabilities", "creation_timestamp": "2025-02-19T14:47:33.000000Z"}, {"uuid": "eb00de15-9f25-476b-b6f4-1d1f98240c35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13156", "type": "seen", "source": "https://t.me/cvedetector/15238", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13156 - WordPress HTML5 Video Player DOM-Based Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13156 \nPublished : Jan. 14, 2025, 9:15 a.m. | 17\u00a0minutes ago \nDescription : The HTML5 Video Player \u2013 mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the \u2018heading\u2019 parameter in all versions up to, and including, 2.5.35 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T10:38:38.000000Z"}, {"uuid": "7f486dfc-bfbb-4e27-a2d4-693f9069731e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "published-proof-of-concept", "source": "Telegram/d7gGT6P5w0167A29QfsK40zTkPYvAXOZDKJHbAQ3B_NYmJE", "content": "", "creation_timestamp": "2025-02-20T12:00:10.000000Z"}, {"uuid": "df761a6b-10e3-495c-82f6-b23f0ec7c8a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-13159", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3liy6dacgc22p", "content": "", "creation_timestamp": "2025-02-25T05:53:11.948335Z"}, {"uuid": "9bec66c7-2642-47fa-bb19-c69def086ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-11T05:26:42.000000Z"}, {"uuid": "7a5146cb-04ab-4ab6-9fa5-18f4aeb420c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3li6fwvr7tf2a", "content": "", "creation_timestamp": "2025-02-15T00:00:17.992621Z"}, {"uuid": "449f1f1c-6952-4056-9c42-feb02f454e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3li7o64vrlz2k", "content": "", "creation_timestamp": "2025-02-15T12:00:07.173459Z"}, {"uuid": "6509162e-908d-449f-a9ec-2fd7c364ae92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3liyneq4oos2r", "content": "", "creation_timestamp": "2025-02-25T10:22:28.092211Z"}, {"uuid": "4e1794e4-4880-44b8-a099-bba9cb1f25db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13155", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lim3tnehwk2u", "content": "", "creation_timestamp": "2025-02-20T10:36:43.974485Z"}, {"uuid": "5223943f-d7d3-468f-b733-ca89c7c879f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3liwlpnxv5s24", "content": "", "creation_timestamp": "2025-02-24T14:47:30.796431Z"}, {"uuid": "586de21c-b5ea-467b-93c5-d5b9da79177c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-10T18:10:02.000000Z"}, {"uuid": "36c298ad-0ca0-42c5-93b9-517cf77c1781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lk2ayuynhs2g", "content": "", "creation_timestamp": "2025-03-10T19:11:43.809499Z"}, {"uuid": "73e5628b-830e-4b33-9ca3-12e3fdedccba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lk2ayuz6322g", "content": "", "creation_timestamp": "2025-03-10T19:11:45.069816Z"}, {"uuid": "437ea8de-1e3b-43c0-9472-53a2dcbcdec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lk2e6kjbxk24", "content": "", "creation_timestamp": "2025-03-10T20:08:30.066371Z"}, {"uuid": "21ea9ca1-9f29-441d-afec-74e9300d45f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3lk4qv52j5z2e", "content": "", "creation_timestamp": "2025-03-11T19:01:11.060667Z"}, {"uuid": "0f5a3dae-7d03-4102-a5d8-483b881b6307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "b41c90c1-20da-4f5b-875f-ee5af8208a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "bda9a07a-6e21-4d63-9a1a-2abeaf8fe83a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://www.bleepingcomputer.com/news/security/cisa-recently-patched-ivanti-epm-flaw-now-actively-exploited/", "content": "", "creation_timestamp": "2026-03-11T13:32:03.606019Z"}, {"uuid": "703c7e31-828b-4f90-ab9a-f93f8a7e0aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9526ad2f-417c-40a4-b280-e546d919a306", "content": "", "creation_timestamp": "2026-02-02T12:26:08.532166Z"}, {"uuid": "9bbcb159-e6fc-4ce7-83e1-dc7a78839d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "Telegram/my6vNqrX1solvn-XadjYtnwfPfz7Ao_efc-ZieGiAPjxDLsO", "content": "", "creation_timestamp": "2025-02-21T22:10:24.000000Z"}, {"uuid": "1f26bdef-c940-410a-b656-a8c4d59dc985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13155", "type": "seen", "source": "https://t.me/cvedetector/18519", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13155 - Elementor Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13155 \nPublished : Feb. 20, 2025, 8:15 a.m. | 53\u00a0minutes ago \nDescription : The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: Since the widget code isn't part of the code base, to apply the patch, the affected widget: Transparent Split Hero must be deleted and reinstalled manually. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T10:38:19.000000Z"}, {"uuid": "1c95eca9-dac7-4d8f-9081-69c4949c308e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13153", "type": "seen", "source": "https://t.me/cvedetector/14823", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13153 - Elementor for WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13153 \nPublished : Jan. 9, 2025, 9:15 a.m. | 41\u00a0minutes ago \nDescription : The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.135 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: Since the widget code isn't part of the code, to apply the patch, the affected widgets: Image Tooltip, Notification, Simple Popup, Video Play Button, and Card Carousel, must be deleted and reinstalled manually. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T11:04:22.000000Z"}, {"uuid": "cdd92dcb-cf4a-4ed4-95e8-a0002c006220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "published-proof-of-concept", "source": "Telegram/lVJgfs5XAHvajpl794U45S89a4qLDVmI9MW4eeqQE3QLlDc", "content": "", "creation_timestamp": "2025-02-19T16:00:09.000000Z"}, {"uuid": "d86115b2-7f81-44ee-a1bc-b6654469f178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13153", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcdpimdlt2x", "content": "", "creation_timestamp": "2025-01-09T09:15:22.590864Z"}, {"uuid": "17c4815b-c095-4918-ac9c-dc324e4eb7c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13156", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfow2tpur22f", "content": "", "creation_timestamp": "2025-01-14T09:15:47.464340Z"}, {"uuid": "ae29b05a-03c7-4bb6-9a48-52c544ca6913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13156", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfoxubwrlt2i", "content": "", "creation_timestamp": "2025-01-14T09:47:55.424645Z"}, {"uuid": "2cf7d8d6-d49d-44ee-b4b0-023bf27cdac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13158", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827859560170423", "content": "", "creation_timestamp": "2025-01-14T17:21:39.008280Z"}, {"uuid": "541c6ec9-abf9-40ac-be23-6a6a6157a538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827859575039311", "content": "", "creation_timestamp": "2025-01-14T17:21:39.336503Z"}, {"uuid": "72243031-210b-45a6-83fe-cef80b7efab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13156", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113825764267381499", "content": "", "creation_timestamp": "2025-01-14T08:28:47.359303Z"}, {"uuid": "460885d7-0c08-4fc5-b1ec-019a64c30fb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lftwfxd45224", "content": "", "creation_timestamp": "2025-01-16T09:05:19.299271Z"}, {"uuid": "e8cbbb12-d0e3-4f84-b3e7-234ede13677d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lftwjio2kc2n", "content": "", "creation_timestamp": "2025-01-16T09:07:19.173510Z"}, {"uuid": "d8b2db65-8cc0-45a6-bbfa-de8e03556960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3533543", "content": "", "creation_timestamp": "2025-03-10T20:37:16.530432Z"}, {"uuid": "a6a0f621-a156-417f-a02e-3d101807a241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lix6fvo42i2b", "content": "", "creation_timestamp": "2025-02-24T20:22:01.515295Z"}, {"uuid": "600f8db3-8a69-4378-a8b0-6c75a11287d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lk4uiidp622i", "content": "", "creation_timestamp": "2025-03-11T20:05:45.496005Z"}, {"uuid": "765789eb-4c25-4632-96fa-d88e8d0901c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lk4wpiagyk2x", "content": "", "creation_timestamp": "2025-03-11T20:45:32.908575Z"}, {"uuid": "ddb86fba-b57d-4b0b-b37c-2fe3e8a606b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lixyh46mq222", "content": "", "creation_timestamp": "2025-02-25T04:08:06.321234Z"}, {"uuid": "0d0c1f14-b8e9-4d30-b3d5-1f98d69d1155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "e5c4f176-6096-4c32-a24c-a4cdda40fa61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-12)", "content": "", "creation_timestamp": "2025-06-12T00:00:00.000000Z"}, {"uuid": "0cbcb094-9155-475f-a811-7c2c889569d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "cba8b5cb-f97c-48db-8b79-3bfea55c8e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:31:00.000000Z"}, {"uuid": "c7d66fbd-5d8f-4b6f-a612-d118c7782ca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9526ad2f-417c-40a4-b280-e546d919a306", "content": "", "creation_timestamp": "2026-02-02T12:26:08.532166Z"}, {"uuid": "2f97e1aa-af16-41b0-8e10-4015268456dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1461", "content": "", "creation_timestamp": "2025-01-17T04:00:00.000000Z"}, {"uuid": "1d810502-e938-4af8-8970-80cf2288098f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "c569b634-cafb-4392-8e99-edf294efcdf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "09f46b75-dc9c-4322-8ad1-2a8d150cf035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-18)", "content": "", "creation_timestamp": "2026-04-18T00:00:00.000000Z"}, {"uuid": "943bb7eb-0fce-4680-b783-6baeaead57e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13152", "type": "seen", "source": "Telegram/rZOB5HJh1Wg-Kt1Gw9ZIpiU3CB9mHY7rAyq1sKMHN2ncEvUc", "content": "", "creation_timestamp": "2025-02-14T21:08:29.000000Z"}, {"uuid": "dfaf841e-4107-4066-8f6f-658009e2eb9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13156", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1467", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13156\n\ud83d\udd39 Description: The HTML5 Video Player \u2013 mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the \u2018heading\u2019 parameter in all versions up to, and including, 2.5.35 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-14T08:23:14.833Z\n\ud83d\udccf Modified: 2025-01-14T08:23:14.833Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e0b26af2-d559-49bf-841a-1974360b3ad6?source=cve\n2. https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/dist/frontend.js\n3. https://wordpress.org/plugins/html5-video-player/#developers\n4. https://plugins.trac.wordpress.org/changeset/3221089/", "creation_timestamp": "2025-01-14T09:10:39.000000Z"}, {"uuid": "255592f7-606c-4a0f-bfe4-ed796aa6e249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "Telegram/A7tiL6-4Pub_cvqsl3mn41d6s3nW-fl5MNfqhYq0_o4sF65-", "content": "", "creation_timestamp": "2025-03-11T04:41:14.000000Z"}, {"uuid": "7679dafd-dd0c-4362-b8f0-40cd3688879e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://t.me/CyberSecurityIL/67448", "content": "\u05d4\u05e1\u05d5\u05db\u05e0\u05d5\u05ea \u05dc\u05d4\u05d2\u05e0\u05ea \u05e1\u05d9\u05d9\u05d1\u05e8 \u05d5\u05ea\u05e9\u05ea\u05d9\u05d5\u05ea \u05d1\u05d0\u05e8\u05d4\"\u05d1 (CISA) \u05de\u05d5\u05e1\u05d9\u05e4\u05d4 \u05e9\u05dc\u05d5\u05e9 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05dc\u05de\u05d0\u05d2\u05e8 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 Ivanti Endpoint Manager (EPM) \ud83e\udee5\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d4\u05df:\n- CVE-2024-13159\n- CVE-2024-13160 \n- CVE-2024-13161\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d3\u05d5\u05d5\u05d7\u05d5 \u05db\u05d1\u05e8 \u05d1\u05d0\u05d5\u05e7\u05d8\u05d5\u05d1\u05e8 24 \u05d5\u05d9\u05e6\u05d0 \u05dc\u05d4\u05dd \u05ea\u05d9\u05e7\u05d5\u05df \u05d1\u05d9\u05e0\u05d5\u05d0\u05e8 25.\n\nhttps://t.me/CyberSecurityIL/6781\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2025-03-11T14:36:14.000000Z"}, {"uuid": "068fcfc9-b3aa-4b2b-aabe-757cf94477b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "seen", "source": "https://t.me/true_secator/6633", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Avalanche, Application Control Engine \u0438 EPM.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0447\u0435\u0442\u044b\u0440\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 Ivanti EPM, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nCVE-2024-10811, CVE-2024-13159 - CVE-2024-13161 \u0438\u043c\u0435\u044e\u0442 9,8 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 EMP 2024 \u0438 2022 SU6 \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u043d\u043e\u044f\u0431\u0440\u044c 2024.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 12 \u0432\u044b\u0441\u043e\u043a\u043e\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE, DoS \u0438 EoP \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u0430 Avalanche 6.4.7 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 CVE-2024-13179 - CVE-2024-13181 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u043c\u0438 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u0415\u0449\u0435 \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e Ivanti \u0433\u043e\u0442\u043e\u0432\u0438\u0442 \u0434\u043b\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u043a\u0441\u0435\u0441\u0441\u0443\u0430\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u0442\u044c\u0441\u044f \u0432\u043c\u0435\u0441\u0442\u0435 \u0441\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c (\u0444\u043e\u0442\u043e \u043f\u0440\u0438\u043b\u0430\u0433\u0430\u0435\u043c).", "creation_timestamp": "2025-01-17T18:40:05.000000Z"}, {"uuid": "0940bb26-788b-4449-aa5a-6db62df6b7e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13159", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6764", "content": "\u0418 \u0432\u043d\u043e\u0432\u044c \u0447\u0435\u0440\u043d\u0430\u044f (\u043a\u043e\u0440\u0438\u0447\u043d\u0435\u0432\u0430\u044f) \u043f\u043e\u043b\u043e\u0441\u0430 \u0432 \u0436\u0438\u0437\u043d\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Palo Alto Networks \u0438 Ivanti.\n\n\u0423 \u043f\u0435\u0440\u0432\u044b\u0445 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442\u0441\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 PAN-OS\u2019\u043e\u043c, \u0442\u0435\u043f\u0435\u0440\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2025-0111) \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0430\u0442\u0430\u043a \u0441 \u0434\u0432\u0443\u043c\u044f \u0434\u0440\u0443\u0433\u0438\u043c\u0438 CVE-2025-0108 \u0438 CVE-2024-9474 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 \u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CVE-2025-0108 12 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Assetnote\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 PoC,\u00a0\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439, \u043a\u0430\u043a CVE-2025-0108 \u0438 CVE-2024-9474 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 root \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 PAN-OS.\n\nCVE-2024-9474 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 PAN-OS, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2024 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 PAN-OS \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root. \u0423\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f.\n\n\u0414\u043d\u0435\u043c \u043f\u043e\u0437\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f GreyNoise \u043d\u0430\u0447\u0430\u043b\u0430 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438\u00a0\u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u043b\u0438\u0441\u044c \u0441 \u0434\u0432\u0443\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432.\n\n\u0417\u0430\u0442\u0435\u043c \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b\u0441\u044f, \u043d\u043e \u0438, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c GreyNoise, \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u0440\u043e\u0441\u043b\u0430.\n\nGreyNoise \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 25 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 CVE-2025-0108, \u0442\u043e\u0433\u0434\u0430 \u043a\u0430\u043a \u0432 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u0442 13 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0431\u044b\u043b\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u0432\u0430. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430\u043c\u0438 \u0430\u0442\u0430\u043a \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0421\u0428\u0410, \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044f \u0438 \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u044b.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Macnica \u042e\u0442\u0430\u043a\u0430 \u0421\u044d\u0434\u0437\u0438\u044f\u043c\u0430 \u0432\u044b\u044f\u0432\u0438\u043b \u0442\u044b\u0441\u044f\u0447\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 PAN-OS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0441\u0432\u043e\u0439 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVE-2025-0108 \u0438 CVE-2025-0111, \u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0441\u0432\u043e\u0439 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u0418\u0437 3490 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0435\u0441\u044f\u0442\u043a\u043e\u0432 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438\u0441\u044c.\n\n\u0418\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 1168 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 CVE-2025-0108 \u0438 CVE-2025-0111, \u043d\u043e \u0438\u043c\u0435\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2024-9474.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441\u043e\u043e\u0431\u0449\u0438\u043b, \u0447\u0442\u043e \u043f\u0440\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0435 \u0432 \u043f\u0440\u0438\u0437\u043c\u0435 \u0432\u0441\u0435\u0445 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, 65% (2262 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430) \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0438\u0437 \u043d\u0438\u0445.\n\n\u041f\u043e Ivanti \u0432\u0441\u0435 \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 \u0438 CVE-2024-13159 (CVSS 9,8) \u0432 Ivanti Endpoint Manager (EPM) \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Horizon3.ai \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0438\u0441\u044c PoC.\n\n\u042d\u0442\u043e \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043c\u0430\u0448\u0438\u043d\u044b Ivanti EPM \u0432 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0437\u0430\u0442\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 EPM.", "creation_timestamp": "2025-02-20T18:30:05.000000Z"}]}