{"vulnerability": "CVE-2024-2188", "sightings": [{"uuid": "01a1f5df-5863-4548-9364-0bcc38663c29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/thehackernews/4614", "content": "\ud83d\uded1 Attention APT hunters! Chinese hacker groups UNC5325 & UNC3886 are exploiting Ivanti flaws (CVE-2024-21893 & CVE-2024-21887) to deploy persistent malware (LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, PITHOOK). \n \nLearn more: https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html", "creation_timestamp": "2024-02-29T06:53:04.000000Z"}, {"uuid": "b8e28aa9-0bd6-453c-b6c8-f9fd1e3ea804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/thehackernews/4382", "content": "\u26a0\ufe0f Urgent Alert: Chinese hackers exploiting two NEW ZERO-DAY vulnerabilities (CVE-2023-46805 & CVE-2024-21887) in Ivanti Connect Secure and Policy Secure.  \n \nRead more: https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html \n \nPatches incoming, but immediate action (temporary workarounds) is needed.", "creation_timestamp": "2024-01-11T06:56:19.000000Z"}, {"uuid": "780eab10-f342-40df-b783-773c59e438ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "exploited", "source": "https://t.me/thehackernews/4485", "content": "\u26a1 ALERT: Two high-severity flaws found in Ivanti's Connect Secure, Policy Secure and Neurons for ZTA. \n \nCVE-2024-21893 is actively exploited, granting access to restricted resources. CVE-2024-21888 enables escalation to admin. \n \nDetails \u2192 https://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html", "creation_timestamp": "2024-01-31T16:20:45.000000Z"}, {"uuid": "23cc5d72-ebfb-4724-812f-6002df307359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9821", "content": "#tools\n#Blue_Team_Techniques\nTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805/CVE-2024-21887\nhttps://github.com/rxwx/pulse-meter\n]-> https://github.com/tucommenceapousser/CVE-2024-21887", "creation_timestamp": "2024-01-21T17:17:19.000000Z"}, {"uuid": "a7afff72-98ac-442c-89ec-e4f019438f9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9787", "content": "#tools\n#Red_Team_Tactics\n1. PoC Checker for Ivanti CVE-2024-21887 (Command injcetion)\nhttps://github.com/oways/ivanti-CVE-2024-21887\n2. All Tools For Hacking Activity: Exploiter, Checker, Webshell Finder, Grabber, Searching, Bruteforce, Random, and others tools\nhttps://github.com/DarkSkull777/DarkCool\n3. Syscalls via Vectored Exception Handling\nhttps://redops.at/en/blog/syscalls-via-vectored-exception-handling", "creation_timestamp": "2024-01-15T10:59:01.000000Z"}, {"uuid": "1f1ec579-90ef-4d6d-a9a1-8f041429901b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9791", "content": "#Threat_Research\n1. NextGen Mirth Connect Pre-Auth RCE (CVE-2023-43208)\nhttps://www.horizon3.ai/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce\n2. The SSLVPN Chaos Continues - Ivanti CVE-2023-46805, CVE-2024-21887\nhttps://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887", "creation_timestamp": "2024-01-15T18:04:14.000000Z"}, {"uuid": "57ce72ae-6b99-4f24-8ec3-4c6472e2cbb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "", "content": "", "creation_timestamp": "2024-10-18T12:26:14.155193Z"}, {"uuid": "9ec58319-879c-4d93-8f95-a24838b22999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-21)", "content": "", "creation_timestamp": "2025-01-21T00:00:00.000000Z"}, {"uuid": "0944ef85-0970-43cf-a15a-f748c19980ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-18)", "content": "", "creation_timestamp": "2025-01-18T00:00:00.000000Z"}, {"uuid": "f332b146-9dde-4265-a6a2-48589c308e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-17)", "content": "", "creation_timestamp": "2025-01-17T00:00:00.000000Z"}, {"uuid": "45d3b839-00c3-46ed-b4ca-0216121293b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-16)", "content": "", "creation_timestamp": "2025-01-16T00:00:00.000000Z"}, {"uuid": "b270c3d1-39d0-4971-8df9-5e95f8596eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-19)", "content": "", "creation_timestamp": "2025-01-19T00:00:00.000000Z"}, {"uuid": "66ac8a43-5ae9-4e8e-9fed-fe67302de1d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-22)", "content": "", "creation_timestamp": "2024-12-22T00:00:00.000000Z"}, {"uuid": "bf55e53a-e178-4084-b508-1754accd995c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-28)", "content": "", "creation_timestamp": "2024-12-28T00:00:00.000000Z"}, {"uuid": "f016fbc2-920d-4920-a760-27d05b497cb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-26)", "content": "", "creation_timestamp": "2024-10-26T00:00:00.000000Z"}, {"uuid": "0b0e34da-73fd-4899-8d87-3e09ad3e2ec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-29)", "content": "", "creation_timestamp": "2024-10-29T00:00:00.000000Z"}, {"uuid": "2a6c3bd5-2b0e-4d08-b505-ab58237b5c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "8ccdd879-946e-41fd-9fa9-3e752714da05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-30)", "content": "", "creation_timestamp": "2024-10-30T00:00:00.000000Z"}, {"uuid": "37c07b36-25ed-4b7e-8fba-d86e55352579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-31)", "content": "", "creation_timestamp": "2024-10-31T00:00:00.000000Z"}, {"uuid": "93791444-612f-4ab8-aa50-4adeb3dbcf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-23)", "content": "", "creation_timestamp": "2024-11-23T00:00:00.000000Z"}, {"uuid": "22930f58-2d24-4673-b911-b96d4a951855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-25)", "content": "", "creation_timestamp": "2024-11-25T00:00:00.000000Z"}, {"uuid": "de521a09-9d02-466b-b84d-b30e8450a95b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-27)", "content": "", "creation_timestamp": "2024-11-27T00:00:00.000000Z"}, {"uuid": "3f06bdcd-bb64-4113-942e-c3c609fde925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-18)", "content": "", "creation_timestamp": "2024-12-18T00:00:00.000000Z"}, {"uuid": "b2121564-2e6c-4e6a-94f1-9be62ef42663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "2666c6fd-4f84-4c91-8397-725f79829ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-07)", "content": "", "creation_timestamp": "2025-02-07T00:00:00.000000Z"}, {"uuid": "b51e601f-24f9-4ca6-b218-6392624f70d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:00.000000Z"}, {"uuid": "1374b0de-c821-4bf2-b603-221e70173e3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "bee0ba29-b0b1-4ba8-b10d-8e0b311a5307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:00.000000Z"}, {"uuid": "cfec87a9-a462-4136-b0f2-1219f05a9569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-11)", "content": "", "creation_timestamp": "2025-02-11T00:00:00.000000Z"}, {"uuid": "f276ae3d-bf2d-4ffa-a58d-4be9ede2df40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "a7a87652-dd32-4c6b-a89c-32a9e59898ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-24)", "content": "", "creation_timestamp": "2025-02-24T00:00:00.000000Z"}, {"uuid": "7add63c2-1432-4565-8a5d-eaed96c1c877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "09ec212b-29e3-4d80-b09a-3ef8f685bf7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-10)", "content": "", "creation_timestamp": "2025-03-10T00:00:00.000000Z"}, {"uuid": "4b097ac0-2f8e-4025-afbe-77bd1fd56118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-21)", "content": "", "creation_timestamp": "2025-02-21T00:00:00.000000Z"}, {"uuid": "60c8e91d-1e36-481d-adfe-5da8c1190861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-28)", "content": "", "creation_timestamp": "2025-03-28T00:00:00.000000Z"}, {"uuid": "1e4342c7-e659-48f8-bfcc-4a4ace4ba47a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-01)", "content": "", "creation_timestamp": "2025-04-01T00:00:00.000000Z"}, {"uuid": "4fd5773e-50cd-45eb-83f7-725f58006de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-14)", "content": "", "creation_timestamp": "2025-07-14T00:00:00.000000Z"}, {"uuid": "719a8de4-01ca-4887-bdb7-05f4dbf98c1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-04)", "content": "", "creation_timestamp": "2025-04-04T00:00:00.000000Z"}, {"uuid": "84a13c28-d99c-46c5-ad8d-0769ba09cb5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "19b3b072-d369-4782-b3d1-6b437548f9eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "3a087847-6a7d-4959-a442-4fce535a2b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/db5f885b-7a82-4952-b138-956e39033df0", "content": "", "creation_timestamp": "2025-04-15T14:26:29.000000Z"}, {"uuid": "6c1a6dd0-1dfd-448f-b053-42f3335bc990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "792fa819-31d3-440a-9b7a-f1f8eb876840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "b66a2f92-7dd1-4fe5-ac74-bc8c11173292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "773682ab-8093-4125-82a7-c962de33baea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e1523a5c-9dce464b104523e0", "content": "", "creation_timestamp": "2025-06-26T08:53:35.178080Z"}, {"uuid": "6191fc26-e6eb-478b-a7c3-2e84513cfdcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "40da89be-aad6-4af1-ad3c-4b159c14f31f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-03)", "content": "", "creation_timestamp": "2025-05-03T00:00:00.000000Z"}, {"uuid": "5d885e51-2b89-48e4-a350-4bb01f2dfca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "5990768f-c455-4525-ab0c-3c1e8ed07c58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "86e8427c-93b6-4c0a-85c9-aeddb1beddaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "1c1d5205-e2b0-46bd-9001-7c747bb2402f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-06)", "content": "", "creation_timestamp": "2025-07-06T00:00:00.000000Z"}, {"uuid": "6226481f-4f6e-4e28-a9a6-2e75db6e762b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-09)", "content": "", "creation_timestamp": "2025-05-09T00:00:00.000000Z"}, {"uuid": "07bf93fd-bc89-4caf-8a32-a4530e1b16a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-20)", "content": "", "creation_timestamp": "2025-05-20T00:00:00.000000Z"}, {"uuid": "309b2bfa-1b51-4b2a-b719-25b86600fc15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-20)", "content": "", "creation_timestamp": "2025-07-20T00:00:00.000000Z"}, {"uuid": "1d00c550-d69a-42d2-9b39-f1758beaab3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-05)", "content": "", "creation_timestamp": "2025-09-05T00:00:00.000000Z"}, {"uuid": "8cad991a-3875-4e6c-a5eb-d29fef27d9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-27)", "content": "", "creation_timestamp": "2025-10-27T00:00:00.000000Z"}, {"uuid": "a937d356-746d-4332-9de6-3d5debd724ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-26)", "content": "", "creation_timestamp": "2025-07-26T00:00:00.000000Z"}, {"uuid": "a5d1178f-bae9-4572-b68f-f9a0b0289ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-27)", "content": "", "creation_timestamp": "2025-07-27T00:00:00.000000Z"}, {"uuid": "218d144e-c5fc-4913-9323-66b5d2b3f7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-27)", "content": "", "creation_timestamp": "2025-09-27T00:00:00.000000Z"}, {"uuid": "cc1b899c-f29f-4f28-ab76-d27e6127cf28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-20)", "content": "", "creation_timestamp": "2025-09-20T00:00:00.000000Z"}, {"uuid": "d30d1ea8-868d-4c9b-a3ff-e578971e7453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-13)", "content": "", "creation_timestamp": "2025-09-13T00:00:00.000000Z"}, {"uuid": "42cbe4bf-6c50-41c4-a678-364028c992bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-06)", "content": "", "creation_timestamp": "2025-09-06T00:00:00.000000Z"}, {"uuid": "14d582d1-fc9c-4448-9d59-546a26281159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://gist.github.com/Hamid-K/f4288dae3a1f2dea8905b1cf16d59c1b", "content": "", "creation_timestamp": "2025-10-03T16:37:38.000000Z"}, {"uuid": "5186b087-f902-45cb-baa7-ee35b8aada1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-28)", "content": "", "creation_timestamp": "2025-09-28T00:00:00.000000Z"}, {"uuid": "ee069bdb-78f5-4da9-99ab-a805280158ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "fcfb6b9a-4982-409e-b884-1272113ff19e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-17)", "content": "", "creation_timestamp": "2025-08-17T00:00:00.000000Z"}, {"uuid": "ec3b26c2-205f-4744-aabe-fa08a5c00de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-19)", "content": "", "creation_timestamp": "2025-08-19T00:00:00.000000Z"}, {"uuid": "b00258d0-2729-41bc-bf41-f08487b4df50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/Russian_OSINT/4051", "content": "\u0413\u0435\u0440\u043e\u0435\u043c \u043d\u043e\u0432\u043e\u0439 \u0441\u0435\u0440\u0438\u0438 Ivanti Zero-Days \u0432\u0441\u043b\u0435\u0434 \u0437\u0430 CISA \u0441\u0442\u0430\u043b\u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 - MITRE, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u0440\u0430\u043f\u043e\u0440\u0442\u043e\u0432\u0430\u0442\u044c \u043e \u043a\u0438\u0431\u0435\u0440\u0438\u043d\u0446\u0438\u0434\u043b\u0435\u043d\u0442\u0435.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0435\u0435 \u0441\u0435\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a NERVE \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044f\u043d\u0432\u0430\u0440\u044f \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u0430\u044f APT \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043d\u0443\u043b\u044f\u043c \u0432 Ivanti, \u043d\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0441\u0440\u0435\u0434\u0443 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 MITRE NERVE \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a \u0438 \u043f\u0440\u043e\u0442\u043e\u0442\u0438\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f MITRE \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure VPN \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0443\u043b\u044f\u043c\u0438 \u0432 Ivanti \u0438 \u043e\u0431\u043e\u0448\u043b\u0438 \u0435\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043c\u043d\u043e\u0433\u043e\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0441\u0435\u0430\u043d\u0441\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0433\u043b\u0443\u0431\u043e\u043a\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043b\u0438 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 VMware \u0441\u0435\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0410 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432.\n\nCVE-2023-46805 \u0438 CVE-2024-21887 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u043b\u0438\u0441\u044c \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 0-day \u0438 10 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f Volexity \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0438\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0422\u043e\u0433\u0434\u0430 Ivanti \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0431\u0435\u0441\u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043b\u0438\u0448\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u0442\u0440\u0438 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0437\u0430\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0439 Ivanti \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043b\u0430\u0433 \u0431\u044b\u043b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u043b\u0435\u0439. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438 MITRE \u043f\u043e\u043f\u0430\u043b\u0430 \u043f\u043e\u0434 \u0440\u0430\u0437\u0434\u0430\u0447\u0443.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 MITRE \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432, \u0447\u0442\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-04-23T15:58:25.000000Z"}, {"uuid": "aa5cdb12-81db-4a0e-8ecb-f3070253eedb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1850", "content": "https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/\nCVE-2023-46805 & CVE-2024-21887\n#poc", "creation_timestamp": "2024-01-16T05:57:56.000000Z"}, {"uuid": "ff76c639-7ac7-4166-b653-a192081b285e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1866", "content": "cve-2024-21887\n\nGET /api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20url HTTP/1.1", "creation_timestamp": "2024-01-18T05:58:27.000000Z"}, {"uuid": "fb7a6eab-15b1-46b8-82ed-657aaa966408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2535", "content": "#tools\n#Blue_Team_Techniques\nTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805/CVE-2024-21887\nhttps://github.com/rxwx/pulse-meter", "creation_timestamp": "2024-08-16T09:02:38.000000Z"}, {"uuid": "cfe4a130-5661-4e3e-9144-0ca40aea6851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-01-11T00:10:03.000000Z"}, {"uuid": "9cdff1bb-aa47-49ca-8080-1563c7f47090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/a9da4722-3b2c-42b6-9bb8-82f2162a171e", "content": "", "creation_timestamp": "2024-01-14T19:37:50.000000Z"}, {"uuid": "8ddd9f77-6501-4a86-821a-4ab9181169db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/0ace66e0-53b1-4429-a74a-81f419c1981e", "content": "", "creation_timestamp": "2024-01-29T15:39:35.000000Z"}, {"uuid": "1c152947-263f-4b9b-a81e-a978883d3506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/e13bf263-b5e8-4905-85b8-77c2c1d152c7", "content": "", "creation_timestamp": "2024-01-12T14:52:14.000000Z"}, {"uuid": "9b217477-9ca3-4f78-b0f0-41706a3a883a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/17a29b8e-11ca-42f7-9adf-886a25412b77", "content": "", "creation_timestamp": "2024-03-13T08:35:43.000000Z"}, {"uuid": "003eacd5-2520-4d5a-ab62-e97a559714b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/f2304431-4307-4143-ab94-0bce10c0d5f6", "content": "", "creation_timestamp": "2024-03-18T13:31:19.000000Z"}, {"uuid": "c51aec1e-d6df-49f2-a242-f200a7441357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/5c86e98c-f3a4-4a57-afb0-1ca99d24ad9b", "content": "", "creation_timestamp": "2024-03-01T14:20:52.000000Z"}, {"uuid": "90a40482-38a9-47e3-9891-6ecd9f435c84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "MISP/b832113b-e603-406a-ba62-aae9ba13b1b4", "content": "", "creation_timestamp": "2024-03-18T15:58:00.000000Z"}, {"uuid": "0c2219fe-6de0-4962-9aa5-dd98192d71db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/b832113b-e603-406a-ba62-aae9ba13b1b4", "content": "", "creation_timestamp": "2024-03-18T15:57:10.000000Z"}, {"uuid": "7da69f7f-2091-4868-b714-9c3688bc538b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/7847cc65-14c2-4577-97d5-819931319c46", "content": "", "creation_timestamp": "2024-04-09T08:08:15.000000Z"}, {"uuid": "b6c76bac-6f33-4ba9-9e2c-3876cbef861c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "327ec1df-b0ac-4249-a69a-7788c0f1b8a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-30)", "content": "", "creation_timestamp": "2025-01-30T00:00:00.000000Z"}, {"uuid": "f97ec613-2db3-4db5-987a-fb9cee6605b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "6dee1d9a-6b7f-45ef-a41e-92001d4b1fc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-24)", "content": "", "creation_timestamp": "2025-01-24T00:00:00.000000Z"}, {"uuid": "f25deda2-e510-4081-9dc3-8f8c1ad0b385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-20)", "content": "", "creation_timestamp": "2025-01-20T00:00:00.000000Z"}, {"uuid": "a4fa3655-ffbc-417f-9924-ccd95a00423e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-23)", "content": "", "creation_timestamp": "2025-01-23T00:00:00.000000Z"}, {"uuid": "9c555e4d-7e1c-414a-b0c2-454a3e0c4205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-05)", "content": "", "creation_timestamp": "2025-01-05T00:00:00.000000Z"}, {"uuid": "93300692-c123-4905-a9a7-512eac3cd203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-10)", "content": "", "creation_timestamp": "2025-01-10T00:00:00.000000Z"}, {"uuid": "903fa286-e5e2-4cae-9384-c5e89a2f3e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-09)", "content": "", "creation_timestamp": "2025-01-09T00:00:00.000000Z"}, {"uuid": "35949e31-a496-4420-a0e6-71dbc1fadae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-11)", "content": "", "creation_timestamp": "2025-01-11T00:00:00.000000Z"}, {"uuid": "869c657f-f9ec-4d31-b20f-07b1e04b7037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "ab957268-bb47-427c-a382-d9494f3fe004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-06)", "content": "", "creation_timestamp": "2024-11-06T00:00:00.000000Z"}, {"uuid": "b077ffa1-ccd2-4168-9a23-cbd82843a027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-04)", "content": "", "creation_timestamp": "2024-11-04T00:00:00.000000Z"}, {"uuid": "08905279-eb25-4b12-b2cb-8e4ee94cc1c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-15)", "content": "", "creation_timestamp": "2024-11-15T00:00:00.000000Z"}, {"uuid": "7b81f060-551f-4178-b4df-2cb63e008358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-17)", "content": "", "creation_timestamp": "2024-11-17T00:00:00.000000Z"}, {"uuid": "7d9b166f-8126-48fe-93bb-0b5ac1dec19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-25)", "content": "", "creation_timestamp": "2025-01-25T00:00:00.000000Z"}, {"uuid": "ef2fea1f-0968-45c2-ba24-4e94203cfae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-19)", "content": "", "creation_timestamp": "2024-11-19T00:00:00.000000Z"}, {"uuid": "605d3dd8-bf13-4024-a0d8-23983871e3ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-26)", "content": "", "creation_timestamp": "2024-11-26T00:00:00.000000Z"}, {"uuid": "0bb7b498-29a0-49f2-89ea-a3fd856ffdd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-11)", "content": "", "creation_timestamp": "2024-12-11T00:00:00.000000Z"}, {"uuid": "7a3c576d-9179-4d0b-b3a3-36d441ba8c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-06)", "content": "", "creation_timestamp": "2025-02-06T00:00:00.000000Z"}, {"uuid": "25372fb4-2bd3-4a5b-b031-7aa556531942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "b67ef1b8-fb4d-4ce5-90cd-24cd0dfdc4a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-03)", "content": "", "creation_timestamp": "2025-02-03T00:00:00.000000Z"}, {"uuid": "60f607f9-4857-419c-9615-124c212ba216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "96166e87-e8e6-495c-8dbc-24db8ae3fbd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "3bd3ab37-d335-44b9-bfd7-9a0576aa2f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-03)", "content": "", "creation_timestamp": "2025-03-03T00:00:00.000000Z"}, {"uuid": "10164894-b2a4-442c-800b-6c3366edeee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-24)", "content": "", "creation_timestamp": "2025-02-24T00:00:00.000000Z"}, {"uuid": "d53ecc28-1c42-480c-b715-c10521c8b11f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "349ed3f6-7b78-470d-ac6d-84f89766c30d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-16)", "content": "", "creation_timestamp": "2025-02-16T00:00:00.000000Z"}, {"uuid": "5721e0ae-a0e6-44d8-b714-4d2a7bdc81db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-16)", "content": "", "creation_timestamp": "2025-03-16T00:00:00.000000Z"}, {"uuid": "cea645b5-72c5-4fbc-8ef8-79b144fa1a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-19)", "content": "", "creation_timestamp": "2025-03-19T00:00:00.000000Z"}, {"uuid": "7f2145db-3f0d-447b-a858-79e893f133a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "835cccdc-7d4d-4d75-84a6-e63eeebe1cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-20)", "content": "", "creation_timestamp": "2025-03-20T00:00:00.000000Z"}, {"uuid": "0576d390-97f5-4e92-a194-c8c3f7288a9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-28)", "content": "", "creation_timestamp": "2025-02-28T00:00:00.000000Z"}, {"uuid": "c3ad0801-7224-41ea-a30c-fd659019e47d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-17)", "content": "", "creation_timestamp": "2025-03-17T00:00:00.000000Z"}, {"uuid": "05b132c6-d0d4-49d8-96c5-25a7b700ccba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-25)", "content": "", "creation_timestamp": "2025-02-25T00:00:00.000000Z"}, {"uuid": "2afef5d0-3c7b-499f-b0d4-b7a2b1faee6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-02)", "content": "", "creation_timestamp": "2025-04-02T00:00:00.000000Z"}, {"uuid": "d7bd6ab6-5b62-4231-b119-53d3a313019b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-21)", "content": "", "creation_timestamp": "2025-06-21T00:00:00.000000Z"}, {"uuid": "6eeb10f7-d588-421b-ad82-7fe758b1c2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-05)", "content": "", "creation_timestamp": "2025-04-05T00:00:00.000000Z"}, {"uuid": "621c2c68-7f76-426d-81e1-d8291c3e2b33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-09)", "content": "", "creation_timestamp": "2025-04-09T00:00:00.000000Z"}, {"uuid": "817ca670-0169-488a-83d1-ffa0e873a0b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/238add84-60d4-59b7-91a5-fb3919377cfb", "content": "", "creation_timestamp": "2025-04-15T12:54:48.000000Z"}, {"uuid": "dcc2ebcd-4843-42dd-9587-a99f15e8e504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-15)", "content": "", "creation_timestamp": "2025-04-15T00:00:00.000000Z"}, {"uuid": "23f9cf0f-4b50-48aa-916d-da3b0b75bbf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-13)", "content": "", "creation_timestamp": "2025-06-13T00:00:00.000000Z"}, {"uuid": "730981c9-2085-4f99-99e6-cee1b1861b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-17)", "content": "", "creation_timestamp": "2025-04-17T00:00:00.000000Z"}, {"uuid": "cf51c441-1740-41b8-81e6-43373c7bd85e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-19)", "content": "", "creation_timestamp": "2025-06-19T00:00:00.000000Z"}, {"uuid": "ac9c0433-af90-4302-8f43-690957a4cb84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "2f5cd4a9-a61a-4d4f-a89d-968f9958c500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "a988a2eb-9f69-48df-8415-d7987cbf9435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-25)", "content": "", "creation_timestamp": "2025-04-25T00:00:00.000000Z"}, {"uuid": "633d598b-1957-4c89-9ba7-8ac4c7f1e4fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-23)", "content": "", "creation_timestamp": "2025-06-23T00:00:00.000000Z"}, {"uuid": "de286f16-a910-4753-bb0b-72e67255429a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-12)", "content": "", "creation_timestamp": "2025-06-12T00:00:00.000000Z"}, {"uuid": "6fa39951-bc81-4826-86a9-2244b32d5833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "79aac230-2519-43bd-a023-f497120e5b9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "408dd65f-0597-442f-a247-80abe74675ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "a73cb469-8bab-4274-bcef-a7315d994192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-27)", "content": "", "creation_timestamp": "2025-05-27T00:00:00.000000Z"}, {"uuid": "042d94b4-21e5-4eff-9e2d-c6106cfaba8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-11)", "content": "", "creation_timestamp": "2025-05-11T00:00:00.000000Z"}, {"uuid": "8996c290-90d5-4374-84d6-bc27502b45f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-12)", "content": "", "creation_timestamp": "2025-05-12T00:00:00.000000Z"}, {"uuid": "404f1718-9dd1-4e8a-b9fe-73dac0f9d6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-15)", "content": "", "creation_timestamp": "2025-06-15T00:00:00.000000Z"}, {"uuid": "034ac822-d584-4056-98d4-625b6f1c4d62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "3f249a8a-ccf8-46df-a247-76088ae9458f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures", "content": "", "creation_timestamp": "2025-05-14T05:58:20.451417Z"}, {"uuid": "bdd8a784-3187-4990-ada4-ca4af102bfd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "ac15b7aa-0306-44fc-8c5b-a6b570399def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-13)", "content": "", "creation_timestamp": "2025-05-13T00:00:00.000000Z"}, {"uuid": "4fe1582a-4a62-45f3-8a70-511129eaf4a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-fb46317f-f199617e874bb2a8", "content": "", "creation_timestamp": "2025-09-25T15:33:25.663101Z"}, {"uuid": "73a6fa59-c35b-4d51-8cc8-9164f13f1d11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-18)", "content": "", "creation_timestamp": "2025-10-18T00:00:00.000000Z"}, {"uuid": "eef994c4-e3d0-4a23-bfd1-6c8aeaf39005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "1c499048-a189-4a34-b238-14c465385071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "022e29e0-7db0-45d2-9b53-f42754fe8dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-02)", "content": "", "creation_timestamp": "2025-08-02T00:00:00.000000Z"}, {"uuid": "2f474965-6cbe-44ad-8f85-99e5c3687539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/1/kritische-sicherheitslucken-in-ivanti-connect-secure-und-ivanti-policy-secure-aktiv-ausgenutzt", "content": "", "creation_timestamp": "2024-01-11T11:25:20.000000Z"}, {"uuid": "12aef8e5-e625-4553-9d7f-5ad2e7fa881d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3lvqevlkx3322", "content": "", "creation_timestamp": "2025-08-06T13:57:03.475174Z"}, {"uuid": "03bea5e2-0d43-477e-ba14-78777a169e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-19)", "content": "", "creation_timestamp": "2025-10-19T00:00:00.000000Z"}, {"uuid": "235246f1-8620-494f-b568-cf6fab6bf3b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-31)", "content": "", "creation_timestamp": "2025-10-31T00:00:00.000000Z"}, {"uuid": "7381c113-6f2a-4cec-bfce-b899dc2b553d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-14)", "content": "", "creation_timestamp": "2025-09-14T00:00:00.000000Z"}, {"uuid": "9308df74-eb97-41a0-a1e9-fed7c1755a67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "1a531104-6eb6-4134-8924-3662de9ec3cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-16)", "content": "", "creation_timestamp": "2025-11-16T00:00:00.000000Z"}, {"uuid": "67d85cb3-6727-42e8-a78e-4cc5fcb6c6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-26)", "content": "", "creation_timestamp": "2025-10-26T00:00:00.000000Z"}, {"uuid": "ec71b5fa-56b5-4e7d-b85c-179893f7c73d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "94f1f9e2-aa9d-4c25-8dbb-a68b4866d301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-11)", "content": "", "creation_timestamp": "2025-10-11T00:00:00.000000Z"}, {"uuid": "63ec213e-5846-4ff0-a4a1-286c42cd22d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2024_21893.rb", "content": "", "creation_timestamp": "2024-02-20T23:56:50.000000Z"}, {"uuid": "390a5aee-a577-49a3-9354-6996e421983b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2023_46805.rb", "content": "", "creation_timestamp": "2024-01-19T22:03:20.000000Z"}, {"uuid": "8bde58cf-16c0-4e92-b88a-e0092a96c3ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-29)", "content": "", "creation_timestamp": "2025-11-29T00:00:00.000000Z"}, {"uuid": "679ded1a-22c8-484f-bb23-d48555055d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-30)", "content": "", "creation_timestamp": "2025-11-30T00:00:00.000000Z"}, {"uuid": "47e2d219-6fe5-4179-bfaf-25e2f08ac407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "29750049-cc7b-4c7a-9031-e54f986e0a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-04)", "content": "", "creation_timestamp": "2026-01-04T00:00:00.000000Z"}, {"uuid": "a318a134-e604-4b92-a682-8661c1428051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/thehackernews/4932", "content": "Researchers have uncovered a sophisticated attack chain targeting Ivanti Connect Secure devices. \n \nTwo vulnerabilities (CVE-2023-46805 and CVE-2024-21887) are being exploited to deliver the infamous Mirai botnet payload. \n \nMore details: https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html", "creation_timestamp": "2024-05-09T13:06:46.000000Z"}, {"uuid": "8967b672-eede-4324-88f8-1d3bafc4c102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/thehackernews/4780", "content": "\ud83d\uded1 Multiple China-based hackers are on a spree exploiting zero-day flaws in Ivanti appliances. \n \nVulnerabilities CVE-2023-46805, CVE-2024-21887, CVE-2024-21893 are being abused. \n \nLearn more: https://thehackernews.com/2024/04/researchers-identify-multiple-china.html \n \nEven financially motivated groups are in on the action.", "creation_timestamp": "2024-04-05T09:18:31.000000Z"}, {"uuid": "0deb70f2-6a10-4e66-8839-bf9d983a96b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/xakep_ru/15256", "content": "0-day \u0431\u0430\u0433\u0438 \u0432 Ivanti Connect Secure VPN \u0438 Policy Secure \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c\n\n\u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 Ivanti Connect Secure VPN \u0438 Policy Secure, \u043f\u043e\u0434\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u043c \u0430\u0442\u0430\u043a\u0430\u043c. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2023-46805 \u0438 CVE-2024-21887 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0430\u0442\u0447\u0435\u0439 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 0-day \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0442.\n\nhttps://xakep.ru/2024/01/18/ivanti-0days/", "creation_timestamp": "2024-01-18T14:41:32.000000Z"}, {"uuid": "c8116b0f-ad0a-4abd-909c-f6c527ec0482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1882", "content": "https://github.com/rxwx/pulse-meter\n\nTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805 and CVE-2024-21887\n#github", "creation_timestamp": "2024-01-21T06:15:38.000000Z"}, {"uuid": "5437461b-b99d-4715-bf07-18732ddf86e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2607", "content": "#tools\n#Red_Team_Tactics\n1. PoC Checker for Ivanti CVE-2024-21887 (Command injcetion)\nhttps://github.com/oways/ivanti-CVE-2024-21887\n2. All Tools For Hacking Activity: Exploiter, Checker, Webshell Finder, Grabber, Searching, Bruteforce, Random, and others tools\nhttps://github.com/DarkSkull777/DarkCool\n3. Syscalls via Vectored Exception Handling\nhttps://redops.at/en/blog/syscalls-via-vectored-exception-handling", "creation_timestamp": "2024-08-16T09:09:01.000000Z"}, {"uuid": "a9086a9b-06be-484f-9321-0d5dccffe378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/Rootsec_2/2611", "content": "#Threat_Research\n1. NextGen Mirth Connect Pre-Auth RCE (CVE-2023-43208)\nhttps://www.horizon3.ai/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce\n2. The SSLVPN Chaos Continues - Ivanti CVE-2023-46805, CVE-2024-21887\nhttps://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887", "creation_timestamp": "2024-08-16T09:09:01.000000Z"}, {"uuid": "44b9d5ae-43dc-4851-b9f1-5e246392043c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/9b0e1df3-b940-4dad-b639-688a43920690", "content": "", "creation_timestamp": "2024-02-01T16:40:06.000000Z"}, {"uuid": "807a39d0-e307-4b6d-ae22-2e226a90c17e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "MISP/9b0e1df3-b940-4dad-b639-688a43920690", "content": "", "creation_timestamp": "2024-02-01T16:40:06.000000Z"}, {"uuid": "144e3804-56aa-438a-bb6e-c14b221a959a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/3469fa1d-e6f2-4558-a6ad-b8e1e6817bab", "content": "", "creation_timestamp": "2024-01-25T19:16:18.000000Z"}, {"uuid": "edc705ac-4a3e-44ea-b969-1fb68450ead4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/ffea72a3-7935-4078-b769-b872475c5eae", "content": "", "creation_timestamp": "2024-11-27T08:28:21.000000Z"}, {"uuid": "140be60d-f014-4427-a8c5-4c3438b4eaaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "054b2b06-c24f-4588-913b-a1a04dd106e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "1669def1-5520-464f-9f4e-08426a5d4b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-22)", "content": "", "creation_timestamp": "2025-01-22T00:00:00.000000Z"}, {"uuid": "425304e4-e695-4880-b32d-522b3ea8bc88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-31)", "content": "", "creation_timestamp": "2024-12-31T00:00:00.000000Z"}, {"uuid": "49213a8a-c71b-4bba-98af-16e5c4a17c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-01)", "content": "", "creation_timestamp": "2025-01-01T00:00:00.000000Z"}, {"uuid": "3c78f189-d903-40e6-835b-d0ea85d375e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-02)", "content": "", "creation_timestamp": "2025-02-02T00:00:00.000000Z"}, {"uuid": "1a4af03b-cfd0-4147-87b6-2c7edd18de82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-24)", "content": "", "creation_timestamp": "2024-10-24T00:00:00.000000Z"}, {"uuid": "953fd558-a826-427e-93de-0cab5f3e0ee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-09)", "content": "", "creation_timestamp": "2024-11-09T00:00:00.000000Z"}, {"uuid": "d640b832-2ae5-4fd7-bcaa-6ff8d66c7bdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-08)", "content": "", "creation_timestamp": "2024-11-08T00:00:00.000000Z"}, {"uuid": "9d6e391e-d982-48a8-8ae0-ef3f592ff432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-06)", "content": "", "creation_timestamp": "2024-12-06T00:00:00.000000Z"}, {"uuid": "d39b1499-f1d2-4fa2-b0d5-fe1fc6501c0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "418669fc-8fee-493a-bc14-eb06688b71ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-20)", "content": "", "creation_timestamp": "2024-12-20T00:00:00.000000Z"}, {"uuid": "0860b322-1247-41d2-8c5d-4e4a59654ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "dddf8753-be4c-40c0-a2ef-0f7d512334b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "6aab59d3-d51b-43fe-9bde-804ac7df922a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "edb6482c-6eda-4c2f-b514-ad0bc1d9954c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "020883ec-afaf-468c-b316-1558dde85f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "b6e260cf-0c9d-4747-82de-634fb3d26ca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "5e3e5ea7-f0a1-4176-b643-cb4655670e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-23)", "content": "", "creation_timestamp": "2025-03-23T00:00:00.000000Z"}, {"uuid": "a5259897-c7e0-42d8-8551-f3b7335b9af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-26)", "content": "", "creation_timestamp": "2025-03-26T00:00:00.000000Z"}, {"uuid": "2258bf12-eed0-424b-90fc-9a262542a813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21881", "type": "seen", "source": "https://bsky.app/profile/dynom.nl/post/3lk3er3lci22b", "content": "", "creation_timestamp": "2025-03-11T05:51:29.937157Z"}, {"uuid": "6e8987c0-0cd7-46d2-a3fd-c8ec985d97b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-13)", "content": "", "creation_timestamp": "2025-02-13T00:00:00.000000Z"}, {"uuid": "ede1f099-9cf1-42a1-a5eb-84bc8d922e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:51.000000Z"}, {"uuid": "1d4a8402-e06a-4363-80fe-637c463309e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-24)", "content": "", "creation_timestamp": "2025-03-24T00:00:00.000000Z"}, {"uuid": "4aa2930f-f8df-4786-af39-5101a7c9dfc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-27)", "content": "", "creation_timestamp": "2025-03-27T00:00:00.000000Z"}, {"uuid": "88e88c07-0382-4469-8a0d-323002e5a5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-18)", "content": "", "creation_timestamp": "2025-05-18T00:00:00.000000Z"}, {"uuid": "29bc2273-8b51-4379-9218-7642c0e70a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "f229177d-af90-4fe7-bde6-f5727f4dd123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-08)", "content": "", "creation_timestamp": "2025-04-08T00:00:00.000000Z"}, {"uuid": "1d8bacc2-6436-4edf-9a3a-9250f9546653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-10)", "content": "", "creation_timestamp": "2025-04-10T00:00:00.000000Z"}, {"uuid": "9556d4bb-b685-44f2-917d-30944a6a62e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-11)", "content": "", "creation_timestamp": "2025-04-11T00:00:00.000000Z"}, {"uuid": "19595e33-bb05-4b28-a7a0-c72bb1c77f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-11)", "content": "", "creation_timestamp": "2025-06-11T00:00:00.000000Z"}, {"uuid": "5d2e0722-039e-4ef2-b3cc-8e49ccd45d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-21)", "content": "", "creation_timestamp": "2025-05-21T00:00:00.000000Z"}, {"uuid": "681d8a13-6f64-46af-9f29-f0a6ba7c3ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-26)", "content": "", "creation_timestamp": "2025-05-26T00:00:00.000000Z"}, {"uuid": "849c710d-4220-4956-86d5-bfef4e787850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-18)", "content": "", "creation_timestamp": "2025-04-18T00:00:00.000000Z"}, {"uuid": "48abcb5c-ec18-41f7-a780-d62e0956824b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-28)", "content": "", "creation_timestamp": "2025-05-28T00:00:00.000000Z"}, {"uuid": "fcf91f85-63b2-41ac-9901-f469a224d17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-08)", "content": "", "creation_timestamp": "2025-06-08T00:00:00.000000Z"}, {"uuid": "f44a4fba-4993-4958-b2ad-02c4b14c376d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "25175a7f-3ab2-44b9-af04-f52dcbbf1127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-27)", "content": "", "creation_timestamp": "2025-04-27T00:00:00.000000Z"}, {"uuid": "850af677-b539-4171-8982-7fffd4e1ba48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-19)", "content": "", "creation_timestamp": "2025-05-19T00:00:00.000000Z"}, {"uuid": "57c5feaa-34ce-4667-928c-3cc279319a58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-30)", "content": "", "creation_timestamp": "2025-06-30T00:00:00.000000Z"}, {"uuid": "e901672b-9a20-4eac-b4cf-1a3f7b4f30af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "904b83e7-6a34-45de-9437-c5858817b55d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "8e125077-47cb-4392-b713-1a3b43de95da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "07ef041f-23cc-4dcc-986a-67fd947843cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-25)", "content": "", "creation_timestamp": "2025-05-25T00:00:00.000000Z"}, {"uuid": "862cfaf6-4dfe-4546-bab1-5ff90f61ac80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "4b22c146-1623-408e-b886-57d438b71366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-04)", "content": "", "creation_timestamp": "2025-06-04T00:00:00.000000Z"}, {"uuid": "78c95402-2629-4ff0-a091-d39446d3a9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "5915d7bc-94f9-4fbf-a725-3a514cf10df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-09)", "content": "", "creation_timestamp": "2025-06-09T00:00:00.000000Z"}, {"uuid": "fd20c445-d474-4bec-ad2f-c3f93047300f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-22)", "content": "", "creation_timestamp": "2025-07-22T00:00:00.000000Z"}, {"uuid": "dba28d81-29e9-4736-a2c5-8d421cd11dd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-25)", "content": "", "creation_timestamp": "2025-10-25T00:00:00.000000Z"}, {"uuid": "db65108a-2c95-4232-ba56-923389dad8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}, {"uuid": "089a5568-b49a-40fd-907c-d54ebb3330fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-15)", "content": "", "creation_timestamp": "2025-11-15T00:00:00.000000Z"}, {"uuid": "a7d548de-67ae-40e2-ac21-dc3cb08c33b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/1/kritische-sicherheitslucken-in-ivanti-connect-secure-und-ivanti-policy-secure-aktiv-ausgenutzt", "content": "", "creation_timestamp": "2024-01-11T11:25:20.000000Z"}, {"uuid": "bee2b7cb-50fc-4167-8765-8944f9e3481a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-03)", "content": "", "creation_timestamp": "2025-08-03T00:00:00.000000Z"}, {"uuid": "040023d4-945c-4d94-a287-23c7fcbeab8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-09)", "content": "", "creation_timestamp": "2025-08-09T00:00:00.000000Z"}, {"uuid": "4db5d859-9c98-454e-bdf5-6bb9e1704950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-21)", "content": "", "creation_timestamp": "2025-09-21T00:00:00.000000Z"}, {"uuid": "21a70d4e-fcd0-40e9-81e2-2f76aa0adc87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "8f6fa959-da1e-4279-8093-ca8a1e2261ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-22)", "content": "", "creation_timestamp": "2025-11-22T00:00:00.000000Z"}, {"uuid": "254b8b6f-8465-4651-ae01-21b4f385ef11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-07)", "content": "", "creation_timestamp": "2025-09-07T00:00:00.000000Z"}, {"uuid": "b493c3ec-7968-4cf2-a2e4-0415de6b2144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "55db6d5f-e005-43a0-969e-b1b75fb8b760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "2e4e14f2-5e4f-4b58-8946-b35491ec93e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-18)", "content": "", "creation_timestamp": "2025-08-18T00:00:00.000000Z"}, {"uuid": "1cc35d91-856f-43b3-b44b-f80ecaa6ee96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "b37eb826-a0aa-4973-801b-5ccbc15e89c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "441fae03-d1d9-4704-a8a3-2a12617dfdf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-04)", "content": "", "creation_timestamp": "2025-10-04T00:00:00.000000Z"}, {"uuid": "0710bab1-ee65-4497-abb5-08bb68262284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "e9bf368e-43c2-44db-8120-d3e608c2adb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "e0cdfddd-e484-44cb-a13a-171f9e721530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ivanti_connect_secure_rce_cve_2024_21893.rb", "content": "", "creation_timestamp": "2024-02-20T23:56:50.000000Z"}, {"uuid": "0ca50e86-8f1b-45f2-945e-a12c8c66c10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://threatintel.cc/2025/08/30/cisa-aaa-global-advisory-on.html", "content": "", "creation_timestamp": "2025-08-30T21:15:53.000000Z"}, {"uuid": "01aabf3d-3942-4ff0-9ad5-e3c4f61b20a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-31)", "content": "", "creation_timestamp": "2025-08-31T00:00:00.000000Z"}, {"uuid": "12de899a-4049-4900-9142-ab7b771f0a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-23)", "content": "", "creation_timestamp": "2025-11-23T00:00:00.000000Z"}, {"uuid": "b9c4acdd-e75e-4b77-8e5f-0b72a613988f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-24)", "content": "", "creation_timestamp": "2025-09-24T00:00:00.000000Z"}, {"uuid": "3c3ee9e7-2b60-411f-9120-bc131ac68e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-08)", "content": "", "creation_timestamp": "2025-12-08T00:00:00.000000Z"}, {"uuid": "6b2c89a3-92ff-4ae9-ba36-90cffc249347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "bc032b43-778f-4153-afd1-fe68c65b768c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "add3fc08-7201-4a73-8059-5f1ec89ab534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-30)", "content": "", "creation_timestamp": "2025-12-30T00:00:00.000000Z"}, {"uuid": "97144711-1cb7-4ec8-adc3-7742ea10babd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "895933a5-1e7e-4690-9704-8a0af29056fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "395cae39-78cb-4189-8d7c-41971ad0d890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-22)", "content": "", "creation_timestamp": "2026-01-22T00:00:00.000000Z"}, {"uuid": "6115ae89-d848-444a-9d14-588b16b6b9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-05)", "content": "", "creation_timestamp": "2026-02-05T00:00:00.000000Z"}, {"uuid": "dfde8425-13a6-4f28-bc5f-94ccd2e04da2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-03)", "content": "", "creation_timestamp": "2026-02-03T00:00:00.000000Z"}, {"uuid": "e7ffba25-66e8-43d8-be20-c59f7bc6272c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b50e73bd-437e-4e8d-bf9f-1fe293b293c1", "content": "", "creation_timestamp": "2026-02-02T12:26:43.166151Z"}, {"uuid": "14fa2938-5518-4799-9093-215e0302dce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-06)", "content": "", "creation_timestamp": "2026-02-06T00:00:00.000000Z"}, {"uuid": "3e9914ce-eb52-4b98-be9b-9406fcb1a059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-19)", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "e8c6d2f2-367c-4d80-b29e-e1973feaf87f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-25)", "content": "", "creation_timestamp": "2026-03-25T00:00:00.000000Z"}, {"uuid": "d3adeab6-0281-435a-934f-47bb901d47d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "a1b3e99e-b48c-4715-96cb-7bb0ee5c47bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-28)", "content": "", "creation_timestamp": "2026-03-28T00:00:00.000000Z"}, {"uuid": "51935149-735c-46a5-b72d-f1cbb0c14bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b50e73bd-437e-4e8d-bf9f-1fe293b293c1", "content": "", "creation_timestamp": "2026-02-02T12:26:43.166151Z"}, {"uuid": "e06f304d-3e1d-47c2-9811-1a712e1fef8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-06)", "content": "", "creation_timestamp": "2026-04-06T00:00:00.000000Z"}, {"uuid": "f91e0a57-74e5-4039-9de1-aa6f5ad9e143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/E99GV6b_0bPHJGpg3-uU0s1YiwZUE2cHW_8vO8VqO0pnd3Y", "content": "", "creation_timestamp": "2024-04-05T11:46:36.000000Z"}, {"uuid": "4ad5a819-4b9b-42ac-bdcb-57a7d286439a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-22)", "content": "", "creation_timestamp": "2026-04-22T00:00:00.000000Z"}, {"uuid": "02af89bb-c070-4695-8d64-7cf35657df04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-23)", "content": "", "creation_timestamp": "2026-04-23T00:00:00.000000Z"}, {"uuid": "597bb18c-9146-40f5-b4af-d55578dcd5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-24)", "content": "", "creation_timestamp": "2026-04-24T00:00:00.000000Z"}, {"uuid": "7a711e62-1a67-452a-9ba0-e645fb8cd754", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6417", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC Checker for ivanti CVE-2024-21887 Command injcetion\nURL\uff1ahttps://github.com/oways/ivanti-CVE-2024-21887\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-14T09:30:45.000000Z"}, {"uuid": "0d5a97e5-6681-4d43-abef-8c424b77aa14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/itsec_news/3981", "content": "\u200b\u26a1\ufe0f0day \u0432 Ivanti: \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0442\u044b\u0441\u044f\u0447\u0438 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0441\u0440\u0435\u0434\u0438 \u0436\u0435\u0440\u0442\u0432 \u2013 \u0432\u043e\u0435\u043d\u043d\u044b\u0435, \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u044b \u0438 \u0431\u0430\u043d\u043a\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443\n\n\u0420\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u043c\u044b \u0443\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Ivanti. \u041d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 Mandiant \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Zipline, Thinspool Dropper, Wirefire, Lightwire \u0438 Warpwire Harverster.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Volexity, 14 \u044f\u043d\u0432\u0430\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 1 700 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ICS \u0441 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u043c GIFFEDVISITOR.\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0436\u0435\u0440\u0442\u0432 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u0447\u0430\u0441\u0442\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f, \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u044f\u0434\u0447\u0438\u043a\u0438, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0431\u0430\u043d\u043a\u0438, \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u0438 \u0431\u0443\u0445\u0433\u0430\u043b\u0442\u0435\u0440\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u043c\u0438\u0440\u043e\u0432\u044b\u0435 \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0444\u0438\u0440\u043c\u044b \u0432 \u0430\u044d\u0440\u043e\u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439, \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0438 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043d\u043e\u0439 \u043e\u0442\u0440\u0430\u0441\u043b\u044f\u0445.\n\n\u0421\u043b\u0443\u0436\u0431\u0430 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0433\u0440\u043e\u0437 Shadowserver \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 16 800 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ICS \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430. \u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 (\u043e\u043a\u043e\u043b\u043e 5 000) \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0421\u0428\u0410, \u043e\u0434\u043d\u0430\u043a\u043e \u0443\u0433\u0440\u043e\u0437\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e \u043d\u043e\u0441\u0438\u0442 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440.\n\n\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 VPN ICS \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 IPS, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043e\u0447\u0435\u0442\u0430\u044f \u0434\u0432\u0435 \u0440\u0430\u043d\u0435\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-46805 \u0438 CVE-2024-21887 .\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u0435\u043c\u044b\u0445 \u0440\u0430\u043d\u0435\u0435 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 (UTA0178 \u0438\u043b\u0438 UNC5221) \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u043e\u0441\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043d\u043e\u0432\u044b\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\nIvanti \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u043e\u0441\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u0433\u043b\u0443\u0431\u0438\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440, \u0447\u0435\u043c \u043c\u043e\u0433\u043b\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0440\u0430\u043d\u0435\u0435. \u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0441\u0435\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Ivanti Integrity Checker \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0412 \u0438\u044e\u043b\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Ivanti ( CVE-2023-35078 \u0438 CVE-2023-35081 ) \u0431\u044b\u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043d\u043e\u0440\u0432\u0435\u0436\u0441\u043a\u0438\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439, \u0430 \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0447\u0430\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u0442\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2023-38035 ) \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Ivanti Sentry \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 API.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-16T15:35:02.000000Z"}, {"uuid": "dfc8a346-c2b7-45be-8f9b-b21764db8b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/itsec_news/4012", "content": "\u200b\u26a1\ufe0fIvanti \u043f\u043e\u0434\u0430\u0440\u0438\u043b\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0421\u0428\u0410\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (Cybersecurity and Infrastructure Security Agency, CISA) \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0443, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044e\u0449\u0443\u044e \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0441\u043a\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0432\u043b\u0430\u0441\u0442\u0438 (Federal Civilian Executive Branch, FCEB) \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0434\u0432\u0443\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Ivanti Connect Secure (ICS) \u0438 Ivanti Policy Secure (IPS).\n\n\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 ( CVE-2023-46805 , \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.2) \u0438 \u043e\u0448\u0438\u0431\u043a\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 ( CVE-2024-21887 , \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.1) \u2014 \u0441\u0442\u0430\u043b\u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\nIvanti \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430, \u0447\u0442\u043e \u0441\u0442\u0430\u043b\u0430 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u0435\u043c \u00ab\u0440\u0435\u0437\u043a\u043e\u0433\u043e \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0443\u0433\u0440\u043e\u0437\u00bb, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 11 \u044f\u043d\u0432\u0430\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0431\u043e\u043a\u043e\u0432\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435 (Lateral Movement), \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043a\u0440\u0430\u0436\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0442\u044c \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0443\u0442\u044c \u0447\u0435\u0440\u0435\u0437 XML-\u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0434\u043b\u044f \u0432\u043d\u0435\u0441\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e.\n\nCISA \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 ICS, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u044f\u0432\u0438\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0430 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0445 \u043e\u0442 \u0441\u0435\u0442\u0435\u0439 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0438\u043c\u043f\u043e\u0440\u0442\u043e\u043c XML-\u0444\u0430\u0439\u043b\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c FCEB \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043e\u0437\u0432\u0430\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u043a\u043b\u044e\u0447\u0438 API \u0438 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u043b\u044e\u0431\u043e\u0433\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0448\u043b\u044e\u0437\u0435.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Volexity \u0438 Mandiant \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c. \u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c, \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043e \u043e\u043a\u043e\u043b\u043e 2 100 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0430\u044f \u0432\u043e\u043b\u043d\u0430 \u0430\u0442\u0430\u043a \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430. \u0421 \u0442\u043e\u0433\u043e \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u0435\u043c\u044b\u0445 \u0440\u0430\u043d\u0435\u0435 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 (UTA0178 \u0438\u043b\u0438 UNC5221) \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u043e\u0441\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043d\u043e\u0432\u044b\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-22T14:41:11.000000Z"}, {"uuid": "5cd6ef01-3bcd-4a46-b75f-6756add28db6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6667", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21887 Exploitation with Ngrok Reverse Shell\nURL\uff1ahttps://github.com/pwniel/ivanti_shell\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-24T12:59:54.000000Z"}, {"uuid": "c75ba5a2-c3d3-4a21-a83c-be360a2efefd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1092", "content": "\ud83d\udc40 \u0428\u043b\u044e\u0437\u043e\u0432\u043e\u0435 \u041f\u041e Ivanti \u0441\u043d\u043e\u0432\u0430 \u043f\u0440\u043e\u0434\u044b\u0440\u044f\u0432\u0438\u043b\u0438\n\n\u041d\u043e\u0432\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c Ivanti \u0434\u043b\u044f \u0436\u0435\u043b\u0430\u044e\u0449\u0438\u0445 \u0432\u0437\u0431\u043e\u0434\u0440\u0438\u0442\u044c\u0441\u044f: \u0434\u0432\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u044f \u0432 Ivanti Connect Secure \u0438 Policy Secure. \u041f\u0430\u0440\u043e\u0447\u043a\u0430 \u0438\u0437 CVE-2023-46805 (\u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438) \u0438 CVE-2024-21887 (\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434) \u0432 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0438\u0447\u044c RCE \u043d\u0430 \u0448\u043b\u044e\u0437\u0435. \u0412 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0442\u043e\u0440\u0447\u0438\u0442 \u043f\u043e\u0447\u0442\u0438 15 \u0442\u044b\u0441\u044f\u0447 \u0442\u0430\u043a\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0432 \u0421\u0428\u0410, \u042f\u043f\u043e\u043d\u0438\u0438, \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u041a\u0438\u0442\u0430\u0435. \n\n\u0414\u044b\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435, \u043d\u043e \u043d\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e, Ivanti \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 \u043e \u00ab\u043c\u0435\u043d\u0435\u0435 10\u00bb \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445  \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u0435\u0449\u0430\u044e\u0442 \u0432 \u0434\u0432\u0435 \u043f\u0430\u0440\u0442\u0438\u0438: \u0431\u0435\u0442\u0430 22 \u044f\u043d\u0432\u0430\u0440\u044f, \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u2014 19 \u0444\u0435\u0432\u0440\u0430\u043b\u044f. \u0422\u0435\u043c, \u043a\u043e\u043c\u0443 \u0436\u0438\u0442\u044c \u0441 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c\u0438 \u0434\u044b\u0440\u0430\u043c\u0438 \u0432 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0434\u0438\u0441\u043a\u043e\u043c\u0444\u043e\u0440\u0442\u043d\u043e, \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0442 \u0432\u0437\u044f\u0442\u044c \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0440\u0442\u0430\u043b\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0430\u0442\u0447 mitigation.release.20240107.1.xml (\u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0443 \u0442\u0443\u0442).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-01-11T15:38:03.000000Z"}, {"uuid": "820f0d1e-6368-4213-984d-f55c04ffc2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/Q2Wb1gTo4-yPIel4el29lFnXORS7KBW-EynGz4H2VTwYbg", "content": "", "creation_timestamp": "2024-04-05T11:23:56.000000Z"}, {"uuid": "16d3fd87-cf9c-43fd-be1b-209faaf9b400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/YhPCDR0YMLzZ9QBAc-P2uB1KGyb_ka2H-QrgAoGp7YzzjA", "content": "", "creation_timestamp": "2024-05-09T14:27:44.000000Z"}, {"uuid": "54845f66-26bc-44a1-8b38-9a87007dadaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/KomunitiSiber/1419", "content": "Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware\nhttps://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html\n\nA pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called\u00a0KrustyLoader\u00a0that's used to drop the open-source Sliver adversary simulation tool.\nThe\u00a0security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused", "creation_timestamp": "2024-01-31T08:46:59.000000Z"}, {"uuid": "384a01de-9854-48a5-b1dd-708715787007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/KomunitiSiber/1914", "content": "Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery\nhttps://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html\n\nTwo recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous\u00a0Mirai botnet.\nThat's according to\u00a0findings\u00a0from Juniper Threat Labs, which said the vulnerabilities\u00a0CVE-2023-46805 and CVE-2024-21887\u00a0have been leveraged to deliver the botnet payload.\nWhile CVE-2023-46805 is an authentication bypass flaw,", "creation_timestamp": "2024-05-09T13:48:35.000000Z"}, {"uuid": "06d76f22-779a-4c02-bd52-225229998713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/KomunitiSiber/1738", "content": "Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws\nhttps://thehackernews.com/2024/04/researchers-identify-multiple-china.html\n\nMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).\nThe clusters are being tracked by Mandiant under the monikers\u00a0UNC5221, UNC5266, UNC5291,\u00a0UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is\u00a0UNC3886.\nThe Google Cloud", "creation_timestamp": "2024-04-05T10:41:57.000000Z"}, {"uuid": "77d56cda-97c5-42f0-8853-3578cd037f49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "Telegram/2ZJRl6kj35bpV8cE0y3_laNFG0_cPupuWOOpZwB2O4Aai5A", "content": "", "creation_timestamp": "2024-03-24T06:43:04.000000Z"}, {"uuid": "930fd5cc-0357-4e97-b019-f47a04a56749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "Telegram/AoTh20eJfP8344orP2xRahZLy0eANhtkd2IQ0wCN21aSR88", "content": "", "creation_timestamp": "2024-01-31T14:27:41.000000Z"}, {"uuid": "4128c8a5-f9f2-4d54-82d3-8c4218c6749f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/true_secator/5361", "content": "\u0421\u043e \u0441\u043a\u0440\u0438\u043f\u043e\u043c \u0437\u0430\u043f\u0438\u043b\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day \u0441 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435\u043c \u0432\u0441\u0435\u0445 \u0441\u0440\u043e\u043a\u043e\u0432, Ivanti \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u0442 \u0434\u0432\u0435 \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Connect Secure \u0438 Policy Secure VPN \u0438 Ivanti Neurons for ZTA, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0430\u043a\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 Ivanti \u043e \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u0445, \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c CVE-2023-46805 \u0438 CVE-2024-21887, \u0432\u044b\u0448\u043b\u043e \u0440\u043e\u0432\u043d\u043e \u0442\u043e\u0433\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0437\u0430\u043f\u043e\u0437\u0434\u0430\u043b\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0432 \u043e\u0431\u0438\u0445\u043e\u0434\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f.\n\nShadowserver\u00a0\u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044f\u043c Ivanti VPN \u0438 \u0442\u043e\u043b\u044c\u043a\u043e 30 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e\u00a0\u0431\u043e\u043b\u0435\u0435 460 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\nMandiant\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u044f\u0442\u044c \u0448\u0442\u0430\u043c\u043c\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0445\u043e\u0434\u0435 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u043a\u0440\u0430\u0436\u0443 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0443 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Volexity \u0438 GreyNoise \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u044b XMRig \u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Rust \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0436\u0435\u0440\u0442\u0432.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0432\u043d\u043e\u0432\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u0430\u044f CVE-2024-21893 (CVSS 8,2 \u0438\u0437 10) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 SAML \u0448\u043b\u044e\u0437\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-21888 \u0441 CVSS 8,8/10) \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0448\u043b\u044e\u0437\u043e\u0432 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432. \u041d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u2014 \u0432\u0435\u0440\u0441\u0438\u044e 9.x \u0438 22.x.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 (CVE-2024-21893) \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.\n\nIvanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043e\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 ZTA \u0438 Connect Secure, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e\u00a0\u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u0441\u0435 \u043e\u0436\u0438\u0434\u0430\u044e\u0449\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.", "creation_timestamp": "2024-02-01T11:24:46.000000Z"}, {"uuid": "1c4cb25e-0cd4-4e07-8f4c-7adc1d3bbbd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "6de9b491-0f1e-4765-84dc-9f1b180d64b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "2b231352-8082-4abe-bf04-1e2026c97f0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-02)", "content": "", "creation_timestamp": "2025-11-02T00:00:00.000000Z"}, {"uuid": "76ea1f87-8491-430c-889f-d0ce4d9099b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-24)", "content": "", "creation_timestamp": "2025-11-24T00:00:00.000000Z"}, {"uuid": "c21873d9-6120-4e50-adc7-72e4928c86eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/94901317-a31d-44b5-a66c-8fe3dbace6b5", "content": "", "creation_timestamp": "2025-09-12T00:16:18.000000Z"}, {"uuid": "1fd3da8b-7085-47af-b702-e4255cfca40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-24)", "content": "", "creation_timestamp": "2025-08-24T00:00:00.000000Z"}, {"uuid": "47819a88-c191-45b1-8bf5-0b69d1fbb5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-25)", "content": "", "creation_timestamp": "2025-08-25T00:00:00.000000Z"}, {"uuid": "db0f44a3-1f1d-47c4-87c4-12f13276322f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://gist.github.com/Darkcrai86/da9ecf3adb54c85fdd2c034d1f6c6e26", "content": "", "creation_timestamp": "2025-08-28T17:17:10.000000Z"}, {"uuid": "0301a37d-c797-49b3-94c8-543ddc67359c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-0cc0a2cc-984ab59dd0761b42", "content": "", "creation_timestamp": "2025-08-29T07:38:09.319333Z"}, {"uuid": "b6ced000-180f-4380-9c78-b9ed6c79080e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/3057b723-5fae-476d-b162-b0a1a9a63ac2", "content": "", "creation_timestamp": "2025-08-28T15:41:48.000000Z"}, {"uuid": "241d2779-a9d0-4c41-bef4-190453bb7457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://gist.github.com/Darkcrai86/3cba1d61c2336cd96b3fc8eeb1ae8f56", "content": "", "creation_timestamp": "2025-08-29T17:27:13.000000Z"}, {"uuid": "908561aa-60eb-4853-a9a0-6db8aafbb382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:11.000000Z"}, {"uuid": "7fe4a617-369d-45be-8c19-c2bf347522bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-30)", "content": "", "creation_timestamp": "2025-08-30T00:00:00.000000Z"}, {"uuid": "c46372ce-ef4d-4b67-aece-81fd822046b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/3057b723-5fae-476d-b162-b0a1a9a63ac2", "content": "", "creation_timestamp": "2025-09-01T03:42:36.000000Z"}, {"uuid": "cfddd373-28ea-42cc-96bc-1df4fa7c4fec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/3445a876-cced-4346-bf37-e276ba39cff4", "content": "", "creation_timestamp": "2025-09-02T18:30:14.000000Z"}, {"uuid": "2beca524-1e19-4667-a813-b744d91e20f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-06)", "content": "", "creation_timestamp": "2025-12-06T00:00:00.000000Z"}, {"uuid": "fa39ecf7-e5d3-4938-b5aa-1073f30d46cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "0bd34922-245a-4a82-a0eb-5971ee51c5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-19)", "content": "", "creation_timestamp": "2025-12-19T00:00:00.000000Z"}, {"uuid": "337ee7a2-f40c-45a3-8fd4-fef2a8c24739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "2a27d2d2-8510-4c8c-a25f-c8481611b1fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-21)", "content": "", "creation_timestamp": "2025-12-21T00:00:00.000000Z"}, {"uuid": "5562d819-e029-4852-af7f-8882e7f42268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-28)", "content": "", "creation_timestamp": "2025-12-28T00:00:00.000000Z"}, {"uuid": "21ba9321-d581-4652-a27c-599c2b28547d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "13dd31fe-e5e5-47a5-b403-92600f3b7160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-15)", "content": "", "creation_timestamp": "2026-01-15T00:00:00.000000Z"}, {"uuid": "833d7f4e-8d5f-45a5-92e5-04191c803cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "05dfb7b9-3aed-470b-bc93-bec33b7ff720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "e1bef082-743a-4f33-b9e9-be02dbec5b4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-24)", "content": "", "creation_timestamp": "2026-01-24T00:00:00.000000Z"}, {"uuid": "c1abc9f6-c0c2-482b-8fba-733da526258f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-30)", "content": "", "creation_timestamp": "2026-01-30T00:00:00.000000Z"}, {"uuid": "88fcf0c0-ee42-46d0-a083-ac7ac0d3946e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-01)", "content": "", "creation_timestamp": "2026-02-01T00:00:00.000000Z"}, {"uuid": "af1fb550-63ae-4e50-b42e-0bf705f8e555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-30)", "content": "", "creation_timestamp": "2026-03-30T00:00:00.000000Z"}, {"uuid": "8e0ede1a-da5c-4b32-bad2-542f52aa8915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "be9ec638-5120-4869-aa13-ed485ac76eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "6b8b5932-47d6-4bdf-ae14-7db256fa610e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "993a5174-6b58-467f-9f5c-f87b7592d877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-10)", "content": "", "creation_timestamp": "2026-02-10T00:00:00.000000Z"}, {"uuid": "e04e014a-a17f-4011-a1b5-48a7458d122e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "b707089e-c829-4762-a65a-87e4586994f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/f3b16ca9-f749-4169-9a68-b159e6aaf5ed", "content": "", "creation_timestamp": "2026-04-18T13:07:25.000000Z"}, {"uuid": "702e1f73-af2a-4fe5-bf66-685dca55ffe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-02)", "content": "", "creation_timestamp": "2026-03-02T00:00:00.000000Z"}, {"uuid": "b4d71714-77bb-4bf4-a0ab-a45d733fc05c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-26)", "content": "", "creation_timestamp": "2026-02-26T00:00:00.000000Z"}, {"uuid": "ae00ec1b-a525-4caa-a398-5151fd9078ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1197", "content": "", "creation_timestamp": "2024-01-11T04:00:00.000000Z"}, {"uuid": "dc3c08d0-48a4-4679-a9cf-e875c10b6b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-11)", "content": "", "creation_timestamp": "2026-03-11T00:00:00.000000Z"}, {"uuid": "0a449ce9-44ab-44ea-b2bb-4c748f618f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_2/2024", "content": "", "creation_timestamp": "2024-01-10T20:21:17.000000Z"}, {"uuid": "2c357a27-5da1-4473-b006-de03ced99c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_2/2024", "content": "", "creation_timestamp": "2024-01-10T20:21:17.000000Z"}, {"uuid": "6bfb80f6-e806-4747-92a2-5161a4c2caa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1197", "content": "", "creation_timestamp": "2024-01-11T04:00:00.000000Z"}, {"uuid": "c557ed81-42db-4fc5-8d57-2bf5cd24ea96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "e80f9ff8-0a88-4c09-a00f-c666db04cb66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/e3ff8696-592c-4423-9a57-2cb2716b141e", "content": "", "creation_timestamp": "2025-08-29T14:07:34.392990Z"}, {"uuid": "f424e284-8f0f-4f34-92ba-adc5deead739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/MgTqQgmDO8xxM6Pf2YfmuSScTpaiNL3ESHnSqRU-m1GfL0c", "content": "", "creation_timestamp": "2024-05-09T14:25:08.000000Z"}, {"uuid": "da578bc3-e310-4de0-83d5-586367b2ba02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-09)", "content": "", "creation_timestamp": "2026-04-09T00:00:00.000000Z"}, {"uuid": "51360f7f-0c73-45fe-94ee-abd81f8ccc04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/", "content": "", "creation_timestamp": "2026-04-06T04:00:00.000000Z"}, {"uuid": "d05ba502-1a98-4c04-91ea-ecf489549676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "8dec766c-e3c6-40c7-9cc2-c28c05f9de16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/GithubRedTeam/6557", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.\nURL\uff1ahttps://github.com/Agampreet-Singh/CVE-2024-0652\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-03T04:35:37.000000Z"}, {"uuid": "a0748ecd-4ab7-4292-87ec-5b0d4b9e9473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aTool for checking the Ivanti Connect Secure System Snapshot for IOCs related to CVE-2023-46805 and CVE-2024-21887\nURL\uff1ahttps://github.com/rxwx/pulse-meter\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-16T19:42:54.000000Z"}, {"uuid": "6e2001d0-c42c-4305-9244-dce7587a324b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6453", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aIvanti Connect Around attack chain mitigation validation tool. CVE-2023-46805 and CVE-2024-21887.\nURL\uff1ahttps://github.com/seajaysec/Ivanti-Connect-Around-Scan\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-19T01:55:03.000000Z"}, {"uuid": "414dba5f-bd41-4c4b-991c-1262e1320d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/itsec_news/3971", "content": "\u200b\u26a1\ufe0f0day \u0432 Ivanti \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u041a\u0438\u0442\u0430\u044e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440\u044b \u0432 \u0441\u0435\u0442\u044f\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439\n\n\ud83d\udcac\u041a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Zero-Day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure (ICS). \u0410\u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u043b\u0438 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Mandiant, \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 UNC5221 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c. \u0414\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2023-46805) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2024-21887), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Ivanti Connect Secure \u0438 Policy Secure.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Volexity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 \u044d\u0442\u0443 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 UTA0178, \u0440\u0430\u043d\u0435\u0435 \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u044b, \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440\u044b \u0432 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0441\u043e\u0431\u0440\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0442\u044c \u0433\u043b\u0443\u0431\u0436\u0435 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0436\u0435\u0440\u0442\u0432.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e Ivanti, \u0430\u0442\u0430\u043a\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u043c\u0435\u043d\u0435\u0435 10 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438. \u041e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0445 ConnectAround \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041a\u0435\u0432\u0438\u043d\u043e\u043c \u0411\u044c\u044e\u043c\u043e\u043d\u0442\u043e\u043c) \u043f\u043e\u044f\u0432\u044f\u0442\u0441\u044f \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 Mandiant \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c. \u041e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u0432\u043d\u0435\u0434\u0440\u044f\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 ICS \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0442\u0430\u043a\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u043a\u0430\u043a BusyBox (\u043d\u0430\u0431\u043e\u0440 UNIX-\u0443\u0442\u0438\u043b\u0438\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438) \u0438 PySoxy (\u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 SOCKS5).\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0438\u0437-\u0437\u0430 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 Perl-\u0441\u043a\u0440\u0438\u043f\u0442 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0441\u0442\u0430\u043b\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u044b LIGHTWIRE \u0438 WIREFIRE. \u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 WARPWIRE \u043d\u0430 \u0431\u0430\u0437\u0435 JavaScript \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0431\u044d\u043a\u0434\u043e\u0440 ZIPLINE, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c/\u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c Reverse Shell, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0442\u0443\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438.\n\n\u0425\u043e\u0442\u044f UNC5221 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u043d\u0438 \u0441 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043c\u0435\u0442\u043e\u0434\u044b \u0433\u0440\u0443\u043f\u043f\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u0443\u044e \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0438 \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u043e \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432. \u0414\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c UNC5221 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440\u0430 \u0441\u0435\u0442\u0435\u0439 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-12T16:19:40.000000Z"}, {"uuid": "d6d5a27c-5b4c-4f0c-b777-8eaea0369df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6584", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aIvanti Connect Secure &  Ivanti Policy Secure allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. (RCE Exploits)\nURL\uff1ahttps://github.com/imhunterand/CVE-2024-21887\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-09T18:08:00.000000Z"}, {"uuid": "45003bce-7613-4470-b66e-6d5fbca94320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/codeby_sec/9384", "content": "\ud83c\udde8\ud83c\uddf3 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \n\n\ud83d\udc32 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Salt Typhon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b 600 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\ud83c\udf0e \u0414\u0430\u043d\u043d\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0441\u0432\u043e\u0438 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0442\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430, \u0433\u043e\u0441\u0442\u0438\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0438 \u0432\u043e\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\ud83c\udfe2 \u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 , \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u043c \u0432\u043b\u0430\u0441\u0442\u044f\u043c\u0438 13 \u0441\u0442\u0440\u0430\u043d, \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0440\u0435\u043c\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438: Sichuan Juxinhe Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd. \u0438 Sichuan Zhixin Ruijie Network Technology Co., Ltd.\n\n\ud83d\udc69\u200d\ud83d\udcbb Salt Typhoon \u0431\u044b\u043b \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0442 Cisco ( CVE-2018-0171 , CVE-2023-20198 \u0438 CVE-2023-20273 ), Ivanti ( CVE-2023-46805 \u0438 CVE-2024-21887 ) \u0438 Palo Alto Networks ( CVE-2024-3400 ).", "creation_timestamp": "2025-09-12T15:42:01.000000Z"}, {"uuid": "c26f6b88-013c-449a-ac35-015ae906f5b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "Telegram/haAkjxuNgk5xBmTvFiRT801ERGlDk_Oz2LRf7VL3quAPKg", "content": "", "creation_timestamp": "2024-01-18T15:37:53.000000Z"}, {"uuid": "ca2f5442-776b-4903-adf7-7b5351444c6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/6864", "content": "https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/\nCVE-2023-46805 & CVE-2024-21887\n#poc", "creation_timestamp": "2024-06-08T00:15:49.000000Z"}, {"uuid": "cb67c748-b6e6-4463-9e5d-1de9532f4dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/7245", "content": "The Hacker News\nMirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery\n\nTwo recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.\nThat's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload.\nWhile CVE-2023-46805 is an authentication bypass flaw,", "creation_timestamp": "2024-05-09T15:53:37.000000Z"}, {"uuid": "f454f79a-9fad-4c0a-a238-7a86308f7bc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/5026", "content": "The Hacker News\nResearchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws\n\nMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).\nThe clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.\nThe Google Cloud", "creation_timestamp": "2024-04-05T11:23:57.000000Z"}, {"uuid": "5253c65d-20e1-47c2-8c86-f0c7f25e25ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/arpsyndicate/2874", "content": "#ExploitObserverAlert\n\nCVE-2024-21887\n\nDESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-21887. A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.\n\nNVD-IS: 6.0\nNVD-ES: 2.3", "creation_timestamp": "2024-01-16T19:13:31.000000Z"}, {"uuid": "04a2542e-33c2-49d5-bcdd-0503fd8a28ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/nDe9IWqszS3xUEziPtsnrG0iNuY-q73SuCpBTPQD82ejAg", "content": "", "creation_timestamp": "2024-01-31T08:47:43.000000Z"}, {"uuid": "78bfc061-635a-4225-a4ab-c20ba6dc9dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "exploited", "source": "Telegram/Z7_5JgjL0XNFjOOn5GPx-WUpNmjgUytmbcC3vvsd8t0-BQ", "content": "", "creation_timestamp": "2024-01-31T19:11:04.000000Z"}, {"uuid": "2fe288d4-479a-423b-8d45-ff6d4841c8d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/1358", "content": "The Hacker News\nMirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery\n\nTwo recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.\nThat's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload.\nWhile CVE-2023-46805 is an authentication bypass flaw,", "creation_timestamp": "2024-05-09T15:53:37.000000Z"}, {"uuid": "6074befc-c3b6-46b5-adf4-5fb3874ba0e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "exploited", "source": "https://t.me/KomunitiSiber/1423", "content": "Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation\nhttps://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html\n\nIvanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-21888\u00a0(CVSS score: 8.8) - A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows", "creation_timestamp": "2024-01-31T15:40:50.000000Z"}, {"uuid": "09a7337a-5104-4af1-a8f5-9a76e6f9dbb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1356", "content": "", "creation_timestamp": "2024-01-21T14:42:47.000000Z"}, {"uuid": "85139b1e-b941-4e1c-9cf1-69220726845c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/6604", "content": "\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Ivanti \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0438 \u0440\u043e\u0436\u0434\u0435\u0441\u0442\u0432\u0435\u043d\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0430\u0440\u043e\u0447\u043a\u0438 \u0432 \u0432\u0438\u0434\u0435 \u043d\u043e\u0432\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day, \u043d\u0430 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0443 \u043f\u043e\u0437\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Mandiant \u0438\u0437 Google Cloud.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 Ivanti \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0432 \u0435\u0435 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Connect Secure (ICS) \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - CVE-2025-0282 \u0438 CVE-2025-0283.\u00a0\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0435 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430\u00a0\u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0417\u0430\u0442\u0435\u043c Mandiant, \u043f\u0440\u0438\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u0430\u044f Ivanti \u043a \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0430\u0442\u0430\u043a, \u0432\u044b\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0431\u044b\u043b\u0430\u00a0\u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0430 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0435\u0449\u0435 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2025-0282 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u041d\u043e \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0431\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Spawn, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0431\u044b\u043b\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 UNC5337.\n\nSpawn \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a SpawnAnt, \u0442\u0443\u043d\u043d\u0435\u043b\u0435\u0440 SpawnMole \u0438 SSH-\u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c SpawnSnail.\n\n\u0412 Mandiant \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e UNC5337 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e\u00a0\u0433\u0440\u0443\u043f\u043f\u044b \u0443\u0433\u0440\u043e\u0437 UNC5221, \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Ivanti (CVE-2023-46805 \u0438 CVE-2024-21887). \u0416\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a \u0442\u043e\u0433\u0434\u0430 \u0441\u0442\u0430\u043b\u0438\u00a0MITRE\u00a0\u0438\u00a0CISA.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u043d\u043e\u0432\u044b\u043c \u043d\u0443\u043b\u0435\u043c Ivanti ICS Mandiant \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f DryHook \u0438 PhaseJam, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0449\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043d\u044b \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 \u0443\u0433\u0440\u043e\u0437.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043a\u043e\u0434\u043e\u0432 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Spawn, DryHook \u0438 PhaseJam) \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u043d\u043e \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0442\u0447\u0435\u0442\u0430 \u0442\u043e\u0447\u043d\u043e \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0447\u0438\u0441\u043b\u043e \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0443\u0433\u0440\u043e\u0437, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 CVE-2025-0282, \u0432 Mandiant \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438.\n\n\u0412 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 CVE-2025-0282, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u043b\u0438 SELinux, \u0432\u043d\u0435\u0441\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 PhaseJam - \u044d\u0442\u043e \u0434\u0440\u043e\u043f\u043f\u0435\u0440, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Ivanti Connect Secure, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u043e\u0431\u043b\u0435\u0433\u0447\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043b\u0430\u0446\u0434\u0430\u0440\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435.\n\nDryHook \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\u00a0\n\n\u0412 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e SpawnAnt, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0431\u044f \u0438 \u0441\u0432\u043e\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0434\u0435\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e PhaseJam \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u043e \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u0448\u043a\u0430\u043b\u0443 \u043f\u0440\u043e\u0433\u0440\u0435\u0441\u0441\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u0439.\n\nMandiant \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e CVE-2025-0282, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC.\u00a0\n\n\u041f\u043e\u043a\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0440\u0430\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f, Ivanti \u0432\u043d\u043e\u0432\u044c \u0443\u0441\u0435\u0440\u0434\u043d\u043e \u043f\u0438\u043b\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043b\u0438\u0448\u044c \u0434\u043b\u044f Connect Secure.\n\n\u041e\u0434\u043d\u0430\u043a\u043e Policy Secure \u0438 Neurons \u0434\u043b\u044f ZTA \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0442\u043e\u043b\u044c\u043a\u043e 21 \u044f\u043d\u0432\u0430\u0440\u044f.\u00a0", "creation_timestamp": "2025-01-09T17:46:04.000000Z"}, {"uuid": "7a1d1e23-3a0e-42fa-9aec-8447f11cc4ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/true_secator/6473", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Trend Micro \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 GhostSpider, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0441\u044f Salt Typhoon (Earth Estries, GhostEmperor \u0438\u043b\u0438 UNC2286) \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433.\n\n\u041f\u043e\u043c\u0438\u043c\u043e GhostSpider Salt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0431\u043e\u0440 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u0441\u0442\u0440\u043e\u0433\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u044b\u0445 \u0430\u0442\u0430\u043a: SNAPPYBEE (Deed RAT), SparrowDoor, CrowDoor \u0438 MASOL RAT \u0434\u043b\u044f Linux, \u0440\u0443\u0442\u043a\u0438\u0442 DEMODEX, ShadowPad, NeoReGeorg, frpc\u00a0\u0438 Cobalt Strike.\n\nSalt Typhoon - \u044d\u0442\u043e \u0441\u043b\u043e\u0436\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 2019 \u0433\u043e\u0434\u0430 \u0438 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0438 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u0441\u0440\u0435\u0434\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Verizon, AT&T, Lumen Technologies \u0438\u00a0T-Mobile.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Washington Post, Salt Typhoon \u0442\u0430\u043a\u0436\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c\u00a0\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0435\u00a0\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 150 \u0434\u043e\u043b\u0436\u043d\u043e\u0441\u0442\u043d\u044b\u0445 \u043b\u0438\u0446 \u0438\u0437 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0421\u0428\u0410 \u0438 \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043d\u044b\u0445 \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u043e\u0432.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u00a0Trend Micro, Salt Typhoon \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u0442\u0435\u043b\u0435\u043a\u043e\u043c, \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u043e\u0432\u044b\u0435, \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0421\u0428\u0410, \u0410\u0437\u0438\u0430\u0442\u0441\u043a\u043e-\u0422\u0438\u0445\u043e\u043e\u043a\u0435\u0430\u043d\u0441\u043a\u043e\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0435, \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435, \u0432 \u042e\u0436\u043d\u043e\u0439 \u0410\u0444\u0440\u0438\u043a\u0435 \u0438 \u0434\u0440.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0434\u0432\u0430\u0434\u0446\u0430\u0442\u0438 \u0441\u043b\u0443\u0447\u0430\u0435\u0432, \u043a\u043e\u0433\u0434\u0430 Salt Typhoon \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f, \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0443\u0434\u0435\u043b\u0435\u043d\u043e \u0434\u0432\u0443\u043c \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u043c: \n- \u0410\u043b\u044c\u0444\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Demodex \u0438 SnappyBee,\n- \u0411\u0435\u0442\u0430 - \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0439 \u0448\u043f\u0438\u043e\u043d\u0430\u0436 \u043f\u0440\u043e\u0442\u0438\u0432 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c GhostSpider \u0438 Demodex.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c: CVE-2023-46805, CVE-2024-21887\u00a0(VPN-\u0441\u0435\u0440\u0432\u0438\u0441 Ivanti Connect), CVE-2023-48788 (FortiClient EMS), CVE-2022-3236 (\u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440 Sophos), CVE-2021-26855, CVE-2021-26857 - 26858, CVE-2021-27065 (ProxyLogon).\n\nSalt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b LOLbin \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, GhostSpider - \u044d\u0442\u043e \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u0437\u0430 \u0441\u0447\u0435\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041e\u043d \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 DLL \u0438 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 regsvr32.exe, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043c\u0430\u044f\u043a\u043e\u0432, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u044c.\n\nGhostSpider \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f (C2), \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 HTTP \u0438\u043b\u0438 \u0444\u0430\u0439\u043b\u0430\u0445 cookie, \u0447\u0442\u043e\u0431\u044b \u0441\u043c\u0435\u0448\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. \u0421\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0431\u044d\u043a\u0434\u043e\u0440\u0443 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u0430\u0440\u0441\u0435\u043d\u0430\u043b Salt Typhoon \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0431\u0448\u0438\u0440\u0435\u043d \u0438 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0437\u0443\u0435\u0442 \u0435\u0435 \u043a\u0430\u043a \u043e\u0434\u043d\u0443 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0430\u0433\u0440\u0435\u0441\u0441\u0438\u0432\u043d\u044b\u0445 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 APT.", "creation_timestamp": "2024-11-26T13:40:05.000000Z"}, {"uuid": "bb205a8b-a33e-48c4-b19a-266f6e0c888c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "exploited", "source": "https://t.me/true_secator/5408", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Orange Cyberdefense \u043f\u043e\u0434\u0431\u0440\u043e\u0441\u0438\u043b\u0438 \u0432 \u043f\u043e\u0436\u0430\u0440 Ivanti 0-day \u043d\u043e\u0432\u044b\u0445 \u0434\u0440\u043e\u0432\u0438\u0448\u0435\u043a, \u0441\u043e\u043e\u0431\u0449\u0430\u044f \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 DSLog \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 670 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure, Policy Secure \u0438 ZTA.\n\n\u041d\u043e\u0432\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-21893, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0442\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430 PoC. \n\nCVE-2024-21893 \u0431\u044b\u043b\u0430\u00a0\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 31 \u044f\u043d\u0432\u0430\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 CVE-2024-21888 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u043c\u043e\u0434\u0443\u043b\u044c SAML, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043d\u0430 \u0448\u043b\u044e\u0437\u0430\u0445 Ivanti, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0439 9.x \u0438 22.x.\n\n\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 Shadowserver Foundation\u00a0\u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e\u00a0\u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 170 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Rapid7 \u0438 AssetNote \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044f\u043c\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 PoC.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 Orange Cyberdefense \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u043b\u0438 \u0435\u0449\u0435 3 \u0444\u0435\u0432\u0440\u0430\u043b\u044f: \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0441 \u0446\u0435\u043b\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0418\u0437\u0443\u0447\u0430\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Invanti, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u043a\u043e\u0434\u043e\u0432\u0443\u044e \u0431\u0430\u0437\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u044b\u043b \u0432\u043d\u0435\u0434\u0440\u0435\u043d \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c DSLog.pm, \u0432\u044b\u0434\u0430\u0432\u0448\u0438\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SAML, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0435 \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u0418\u043c\u043f\u043b\u0430\u043d\u0442 DSLog \u043e\u0441\u043d\u0430\u0449\u0435\u043d \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0443\u043b\u043e\u0432\u043a\u0430\u043c\u0438, \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u044e\u0449\u0438\u043c\u0438 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u043d\u0438\u0435 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0445\u0435\u0448\u0430 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0445\u0435\u0448\u0430 \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u0442\u043e\u043c\u0443 \u0436\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u0443 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0422\u043e \u0436\u0435 \u0445\u0435\u0448-\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432\u00a0\u043f\u043e\u043b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 User-Agent\u00a0\u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0435 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443, \u0447\u0442\u043e\u0431\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u043c\u043e\u0433\u043b\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c \u00abcdi\u00bb. \u0420\u0430\u0441\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n\u0412\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430 \u043d\u0435 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0441\u0442\u0430\u0442\u0443\u0441/\u043a\u043e\u0434 \u043f\u0440\u0438 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0441\u0432\u044f\u0437\u0430\u0442\u044c\u0441\u044f \u0441 \u043d\u0435\u0439, \u0447\u0442\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0435\u0433\u043e \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u044c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0442\u0438\u0440\u0430\u043b\u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u00ab.access\u00bb \u043d\u0430 \u00ab\u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445\u00bb \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u0441\u043a\u0440\u044b\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u043b\u0435\u0434\u044b.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0442\u044c \u043d\u0430 3 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u043e\u043a\u043e\u043b\u043e 700 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Ivanti, \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u044f \u0434\u0440\u0443\u0433\u0438\u0435 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b, \u043e\u0434\u043d\u0430\u043a\u043e \u043a 7 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u044d\u0442\u043e \u0447\u0438\u0441\u043b\u043e \u0443\u043f\u0430\u043b\u043e \u0434\u043e 524.\n\n\u0412 \u0441\u0432\u0435\u0442\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Ivanti\u00a0\u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u043c\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0442\u0430\u043a\u0436\u0435 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.", "creation_timestamp": "2024-02-13T16:41:48.000000Z"}, {"uuid": "caf340ce-c67d-46cc-bff5-1a425f7bab9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://t.me/true_secator/5361", "content": "\u0421\u043e \u0441\u043a\u0440\u0438\u043f\u043e\u043c \u0437\u0430\u043f\u0438\u043b\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day \u0441 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435\u043c \u0432\u0441\u0435\u0445 \u0441\u0440\u043e\u043a\u043e\u0432, Ivanti \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u0442 \u0434\u0432\u0435 \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Connect Secure \u0438 Policy Secure VPN \u0438 Ivanti Neurons for ZTA, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0430\u043a\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 Ivanti \u043e \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u0445, \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c CVE-2023-46805 \u0438 CVE-2024-21887, \u0432\u044b\u0448\u043b\u043e \u0440\u043e\u0432\u043d\u043e \u0442\u043e\u0433\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0437\u0430\u043f\u043e\u0437\u0434\u0430\u043b\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0432 \u043e\u0431\u0438\u0445\u043e\u0434\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f.\n\nShadowserver\u00a0\u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044f\u043c Ivanti VPN \u0438 \u0442\u043e\u043b\u044c\u043a\u043e 30 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e\u00a0\u0431\u043e\u043b\u0435\u0435 460 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\nMandiant\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u044f\u0442\u044c \u0448\u0442\u0430\u043c\u043c\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0445\u043e\u0434\u0435 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u043a\u0440\u0430\u0436\u0443 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0443 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Volexity \u0438 GreyNoise \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u044b XMRig \u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Rust \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0436\u0435\u0440\u0442\u0432.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0432\u043d\u043e\u0432\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u0430\u044f CVE-2024-21893 (CVSS 8,2 \u0438\u0437 10) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 SAML \u0448\u043b\u044e\u0437\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-21888 \u0441 CVSS 8,8/10) \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0448\u043b\u044e\u0437\u043e\u0432 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432. \u041d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u2014 \u0432\u0435\u0440\u0441\u0438\u044e 9.x \u0438 22.x.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 (CVE-2024-21893) \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.\n\nIvanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043e\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 ZTA \u0438 Connect Secure, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e\u00a0\u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u0441\u0435 \u043e\u0436\u0438\u0434\u0430\u044e\u0449\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.", "creation_timestamp": "2024-02-01T11:24:46.000000Z"}, {"uuid": "966be5af-769d-4cfa-b91a-dc0f49eea52e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-08)", "content": "", "creation_timestamp": "2026-01-08T00:00:00.000000Z"}, {"uuid": "fd0f00b5-3850-439a-84fd-553b3eece404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-09)", "content": "", "creation_timestamp": "2026-01-09T00:00:00.000000Z"}, {"uuid": "a0fcd9d6-4d06-4c26-9637-d221a5ec2937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-18)", "content": "", "creation_timestamp": "2026-01-18T00:00:00.000000Z"}, {"uuid": "b96cd574-26f7-448f-82bd-989d76c351b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "a0a29d7c-5327-410a-8045-28350a24bcfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "4d5f2179-7fe3-49e8-8a94-6dcaa74e1c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mk7dets32j2t", "content": "", "creation_timestamp": "2026-04-24T01:03:36.770812Z"}, {"uuid": "4ac95f1d-3cda-4525-b9bc-027c20b7752b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mk7desyqjx2q", "content": "", "creation_timestamp": "2026-04-24T01:03:35.958608Z"}, {"uuid": "fa44b034-c8d5-443f-9cc6-17c7a944d4e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-12)", "content": "", "creation_timestamp": "2026-02-12T00:00:00.000000Z"}, {"uuid": "29f196a1-1488-42bb-9fe3-b6e0e59882ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-27)", "content": "", "creation_timestamp": "2026-02-27T00:00:00.000000Z"}, {"uuid": "23530191-2d14-42f2-b493-d98b9fcf2f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-06)", "content": "", "creation_timestamp": "2026-03-06T00:00:00.000000Z"}, {"uuid": "8b88840a-1ee5-46f5-8d5d-46f826399def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-09)", "content": "", "creation_timestamp": "2026-03-09T00:00:00.000000Z"}, {"uuid": "4ceb2471-8edb-4ffd-80d9-d9a671cdd1db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-05)", "content": "", "creation_timestamp": "2026-03-05T00:00:00.000000Z"}, {"uuid": "f5344105-926f-48d1-9e47-d6b4f92810c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-19)", "content": "", "creation_timestamp": "2026-02-19T00:00:00.000000Z"}, {"uuid": "ebaad815-f5e4-488c-9038-40f8dde73602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-20)", "content": "", "creation_timestamp": "2026-02-20T00:00:00.000000Z"}, {"uuid": "c624abb2-8e15-45f4-96d9-8cc649a2762c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "7927ae0a-1e67-4abc-bbfd-85814dadabde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-14)", "content": "", "creation_timestamp": "2026-03-14T00:00:00.000000Z"}, {"uuid": "7f88d735-dcdc-4840-adda-77908a38d00a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "d188fd6a-4846-406f-80af-57d8f01b0097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/11268897-8798-4ec2-bcac-b23fe0715823", "content": "", "creation_timestamp": "2025-03-11T20:37:58.600981Z"}, {"uuid": "b0669145-312a-4071-bbfc-68b94d6e6df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "MISP/f3b16ca9-f749-4169-9a68-b159e6aaf5ed", "content": "", "creation_timestamp": "2026-04-08T07:25:52.000000Z"}, {"uuid": "6a068aea-ca19-45ea-b8c1-9847cffcf0ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-", "content": "", "creation_timestamp": "2026-04-07T04:00:00.000000Z"}, {"uuid": "7e3ae2f3-e5c2-4eee-930f-8335054de8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "3a214f1b-0629-4706-bc65-1d487e83c556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "76eb9bdc-8849-4f73-867c-a96ddb96d665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-17)", "content": "", "creation_timestamp": "2026-04-17T00:00:00.000000Z"}, {"uuid": "ce7b6a3b-99a2-46a2-85c9-7158e29331ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-21)", "content": "", "creation_timestamp": "2026-04-21T00:00:00.000000Z"}, {"uuid": "c1ed81c4-b466-44f2-883b-14c09fe40c81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/HackingInsights/175", "content": "\u200aMirai Botnet Exploits Ivanti Vulnerabilities (CVE-2023-46805 & CVE-2024-21887)\n\nhttps://securityonline.info/mirai-botnet-exploits-ivanti-vulnerabilities-cve-2023-46805-cve-2024-21887/", "creation_timestamp": "2024-05-08T11:26:00.000000Z"}, {"uuid": "e6162fcc-4dd7-4712-b970-4d02fa0d2095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10832", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA Python script for examining Ivanti Secure Connect (ICS) event logs, designed to support investigations into vulnerabilities CVE-2025-0282, CVE-2023-46805, and CVE-2024-21887.\nURL\uff1ahttps://github.com/Hexastrike/Ivanti-Secure-Connect-Logs-Parser\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-01-19T09:05:47.000000Z"}, {"uuid": "233119d9-0380-430a-8bea-fd47364c5035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6446", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aHere is a script to check vulns CVE-2023-46805 and CVE-2024-21887\nURL\uff1ahttps://github.com/TheRedDevil1/Check-Vulns-Script\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-17T10:32:51.000000Z"}, {"uuid": "e8d0a500-166c-417a-ad66-d900054cd12f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/itsec_news/4028", "content": "\u200b\u26a1\ufe0f\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0435\u043b\u044c\u0437\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c: \u041a\u0438\u0442\u0430\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 0day \u0432 VPN Ivanti \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0437\u0430 \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u043e\u043c\n\n\u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Censys \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e, \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 (VPN) \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Ivanti, \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Censys, \u0438\u0437 26 \u0442\u044b\u0441\u044f\u0447 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443, 492 VPN Ivanti \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u043c\u0438\u0440\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0421\u0428\u0410 (121 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e), \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044e (26), \u042e\u0436\u043d\u0443\u044e \u041a\u043e\u0440\u0435\u044e (24) \u0438 \u041a\u0438\u0442\u0430\u0439 (21). \u041d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0435 Microsoft (13), \u0437\u0430 \u043d\u0438\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b Amazon (12) \u0438 Comcast (10).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Censys \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Ivanti Connect Secure \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 412 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432 \u0441 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c, \u0430 \u0442\u0430\u043a\u0436\u0435 22 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438\u043b\u0438 \u043d\u0430 \u043e\u0434\u043d\u043e\u0433\u043e, \u043c\u0435\u043d\u044f\u044e\u0449\u0435\u0433\u043e \u0441\u0432\u043e\u0438 \u0442\u0430\u043a\u0442\u0438\u043a\u0438.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (zero-day) \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 (9.x, 22.x):\n\nCVE-2023-46805 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.2): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u2013 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u043c\u0438\u043d\u0443\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438;\n\nCVE-2024-21887 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.1): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u2013 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0445\u0430\u043a\u0435\u0440\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u043f\u043e \u0441\u0435\u0442\u0438. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043f\u043e\u0434\u0445\u043e\u0434 Living off the Land (LotL), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c \u041f\u041e \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438, \u0438\u0437\u0431\u0435\u0433\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Censys, \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044e\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0446\u0435\u043b\u044f\u043c\u0438 \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430. \u042d\u0442\u0430 \u0442\u0435\u043e\u0440\u0438\u044f \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u0435\u0442 \u0441 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c\u0438 \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 Volexity \u0438 Mandiant. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Volexity \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u0433\u0440\u043e\u0437\u0430 \u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u00ab\u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u00bb UTA0178. Mandiant, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0443 \u0433\u0440\u0443\u043f\u043f\u0443 \u043a\u0430\u043a UNC5221, \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043c\u0435\u0442\u043e\u0434\u044b \u0433\u0440\u0443\u043f\u043f\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0443\u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 (Advanced Persistent Threat, APT).\n\n\u0412\u0441\u0435 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. Ivanti \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041f\u043e\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u043b\u0438, CISA \u0438 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Ivanti \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0441\u0438\u0441\u0442\u0435\u043c. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e: \u043f\u0435\u0440\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c 22 \u044f\u043d\u0432\u0430\u0440\u044f, \u0430 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u2014 19 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u0432\u0437\u043b\u043e\u043c\u044b \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c 11 \u044f\u043d\u0432\u0430\u0440\u044f, \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Ivanti \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041e\u0448\u0438\u0431\u043a\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u044b \u0438\u0437-\u0437\u0430 \u0438\u0445 \u0432\u043b\u0438\u044f\u043d\u0438\u044f, \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u043c\u0435\u0442\u043e\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u0445 Volexity \u0438 Mandiant. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0432\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043e\u043b\u0436\u043d\u044b \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f VPN.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-25T10:23:27.000000Z"}, {"uuid": "1a954024-e64d-43ca-a5f3-87917a67e6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6558", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21893 to CVE-2024-21887 Exploit Toolkit\nURL\uff1ahttps://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-03T11:36:50.000000Z"}, {"uuid": "9afe0044-abfc-4122-9fb1-f299ac8c857f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/itsec_news/4068", "content": "\u200b\u26a1\ufe0f\u0423 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432 \u0421\u0428\u0410 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0441\u0435 \u043c\u0435\u043d\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti\n\n\ud83d\udcac \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e \u043e\u0442 \u0432\u0441\u0435\u0445 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432 \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0438\u0437-\u0437\u0430 \u0442\u0440\u0435\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u0434\u0432\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, CVE-2023-46805 (\u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438) \u0438 CVE-2024-21887 (\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434), \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0441 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0434\u043b\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u2014 CVE-2024-21893. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0448\u043b\u044e\u0437\u0430\u0445 Ivanti Connect Secure \u0438 Ivanti Policy Secure.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041f\u041e, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u044d\u0442\u0438\u043c \u0443\u0433\u0440\u043e\u0437\u0430\u043c. Ivanti \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043b\u044c\u0437\u044f \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u043f\u0440\u044f\u043c\u043e \u0441\u0435\u0439\u0447\u0430\u0441.\n\n\u041a\u0440\u0430\u0439\u043d\u0438\u043c \u0441\u0440\u043e\u043a\u043e\u043c \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0447\u044c \u043f\u044f\u0442\u043d\u0438\u0446\u044b, 2 \u0444\u0435\u0432\u0440\u0430\u043b\u044f. \u0417\u0430\u0442\u0435\u043c \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430 \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c \u043f\u043e\u0438\u0441\u043a \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti \u043e\u0431\u0440\u0430\u0442\u043d\u043e \u043a \u0441\u0435\u0442\u0438, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u043d\u0443\u0436\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0440\u044f\u0434 \u043c\u0435\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043a \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u043c, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f, \u0437\u0430\u043d\u043e\u0432\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0440\u0430\u043d\u0435\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043e\u0437\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u043a\u043b\u044e\u0447\u0438 \u0438 \u043f\u0430\u0440\u043e\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan, \u0441\u0435\u0439\u0447\u0430\u0441 \u0431\u043e\u043b\u0435\u0435 22 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Shadowserver \u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0441\u043e\u0442\u043d\u0438 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0438\u0445 \u0432\u0437\u043b\u043e\u043c\u0430 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u043f\u0430\u0441\u0430\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u043e\u0433\u043b\u0438 \u0442\u0430\u0439\u043d\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u0421\u0428\u0410 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u043d\u0435\u0434\u0435\u043b\u044c \u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u0430 \u044d\u0442\u043e \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0432\u043e\u043f\u0440\u043e\u0441 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u00ab\u042d\u0442\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u0438\u043b\u0435, \u043f\u043e\u043a\u0430 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e CISA \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442, \u0447\u0442\u043e \u0432\u0441\u0435 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 Ivanti, \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0432\u0441\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0435. \u0414\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0442\u043c\u0435\u043d\u0435\u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c\u00bb, \u2014 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 CISA.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-02T10:08:27.000000Z"}, {"uuid": "c2ac8d3f-cdd3-4466-bfa8-4a6e0a444bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/itsec_news/4122", "content": "\u200b\u26a1\ufe0f1200 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 5000 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: Ivanti, \u043f\u043e\u0440\u0430 \u043d\u0430 \u043f\u0435\u043d\u0441\u0438\u044e\n\n\ud83d\udcac \u041d\u0435\u0434\u0430\u0432\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pulse Secure \u043e\u0442 Ivanti \u043f\u0440\u043e\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u0435\u0442 \u043d\u0430 \u0433\u043b\u0443\u0431\u043e\u043a\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0430\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Eclypsium \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0432\u0441\u044e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0440\u0435\u0432\u0435\u0440\u0441-\u0438\u043d\u0436\u0438\u043d\u0438\u0440\u0438\u043d\u0433 \u0434\u043b\u044f \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 9.1.18.2-24467.1, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Pulse Secure. \u0411\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 CentOS 6.4, \u0431\u0430\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0430 Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430 11 \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434 \u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0451\u0445 \u043b\u0435\u0442.\n\n\u041f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043a \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432\u044b\u0437\u0432\u0430\u043d\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u043e\u043c \u0447\u0438\u0441\u043b\u0430 \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Ivanti, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Connect Secure, Policy Secure \u0438 ZTA-\u0448\u043b\u044e\u0437\u044b. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0447\u0442\u043e \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0421\u0440\u0435\u0434\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u044b CVE-2023-46805 , CVE-2024-21887 \u0438 CVE-2024-21893 . \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e, Ivanti \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-22024 , \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c.\n\n\u041e\u0442\u0447\u0451\u0442 Eclypsium \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pulse Secure, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044e Perl, \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0432\u0448\u0443\u044e\u0441\u044f \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 23 \u043b\u0435\u0442, \u0438 \u0432\u0435\u0440\u0441\u0438\u044e \u044f\u0434\u0440\u0430 Linux, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u043b\u0430\u0441\u044c \u0432 2016 \u0433\u043e\u0434\u0443. \u0422\u0430\u043a\u0438\u0435 \u043d\u0430\u0445\u043e\u0434\u043a\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442 \u0440\u0438\u0441\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\n\u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u044b\u044f\u0432\u0438\u043b \u0431\u043e\u043b\u0435\u0435 1200 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0441\u0432\u044b\u0448\u0435 5000 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Python, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0430 \u0433\u043b\u0443\u0431\u043e\u043a\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 133 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430, \u0447\u0442\u043e \u0443\u0441\u0443\u0433\u0443\u0431\u043b\u044f\u0435\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e \u0435\u0449\u0451 \u0431\u043e\u043b\u044c\u0448\u0435.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u0443\u0434\u0435\u043b\u0435\u043d\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e Ivanti. \u042d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0439, \u0447\u0442\u043e \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u00ab\u043b\u043e\u0436\u043d\u043e\u0435 \u0447\u0443\u0432\u0441\u0442\u0432\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00bb.\n\n\u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u044d\u0442\u0438\u0445 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0439 Eclypsium \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u0431\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Eclypsium \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0438 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u044b\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u0443\u044e \u0438 \u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u0434\u0430\u0432\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u043c \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c.\n\n\u00ab\u0427\u0435\u043c \u0431\u043e\u043b\u0435\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0431\u0443\u0434\u0435\u0442 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0442\u0435\u043c \u043b\u0443\u0447\u0448\u0435 \u043c\u044b \u0441\u043c\u043e\u0436\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a\u00bb, \u2014 \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-19T11:52:46.000000Z"}, {"uuid": "df269311-ff82-42f3-98f4-ba57149881f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_Watch_insider/361", "content": "https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US", "creation_timestamp": "2024-01-31T10:02:56.000000Z"}, {"uuid": "ae97e8b2-46a9-42b7-9cd5-c35e29375db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3671", "content": "\u0418\u0441\u0442\u043e\u0440\u0438\u044f \u043e \u0431\u0430\u0433\u0430\u0445 \u0438 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0444\u0438\u043a\u0441 \u043e\u0434\u043d\u0438\u0445 \u0431\u0430\u0433\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043d\u043e\u0432\u044b\u0435 \u0431\u0430\u0433\u0438 \ud83d\ude02\n\n\u041c\u043d\u043e\u0433\u043e \u0432\u0438\u0434\u0435\u043b \u043f\u043e\u0441\u0442\u043e\u0432 \u043f\u0440\u043e \u0441\u0443\u043f\u0435\u0440\u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e \u0432\u0443\u043b\u043d\u0443 \u0432 Ivanti. \u0412 \u0446\u0435\u043b\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0445\u0443\u0448\u043a\u0430 \u0430\u0439\u0441\u0431\u0435\u0440\u0433\u0430.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0435\u0448\u0438\u043b \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e PoC, \u043d\u043e \u0438 \u0440\u0435\u0441\u0435\u0440\u0447\u043e\u043c \u043e\u0442 AttackerKB (\u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0438 metasploit). \u041e\u043d\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u0438 \u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043e\u0431\u044a\u044f\u0441\u043d\u0438, \u043a\u0430\u043a \u043d\u0430\u0448\u043b\u0438 \u0438 \u043a\u0430\u043a \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0437\u043b\u043e\u043f\u043e\u043b\u0443\u0447\u043d\u0430\u044f SSRF \u0432 Ivanti Connect Secure, Ivanti Policy Secure, Ivanti Neurons for ZTA.\n\n\u041d\u043e \u043d\u0430\u0447\u043d\u0435\u043c \u043c\u044b \u043d\u0435 \u0441 CVE-2024-21893, \u0430 \u0441\u0434\u0435\u043b\u0430\u0435\u043c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0448\u0430\u0433\u043e\u0432 \u043d\u0430\u0437\u0430\u0434)\n\n0\ufe0f\u20e3 \u0418\u0441\u0442\u043e\u0440\u0438\u044f \u0441 Ivanti \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0441 CVE-2023-46805, \u044d\u0442\u043e \u0431\u044b\u043b authentication bypass. \u0418\u043c\u043f\u0430\u043a\u0442 \u043e\u0447\u0435\u0432\u0438\u0434\u0435\u043d, \u043d\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043d\u0430 \u044d\u0442\u043e\u043c \u043d\u0435 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438\u0441\u044c.\n\n1\ufe0f\u20e3 \u0414\u0430\u043b\u0435\u0435 \u043e\u043d\u0438 \u043d\u0430\u0448\u043b\u0438 command injection CVE-2024-21887. \u042d\u0442\u043e \u0431\u044b\u043b\u043e \u0432\u043a\u0443\u0441\u043d\u0435\u0435, \u043a \u0442\u043e\u043c\u0443 \u0436\u0435 \u0447\u0435\u0439\u043d\u0438\u043b\u043e\u0441\u044c \u0441 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0443\u043b\u043d\u043e\u0439 \u043d\u0430 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0427\u0442\u043e \u0432\u044b\u043b\u0438\u043b\u043e\u0441\u044c \u0432 unauthenticated RCE.\n\n2\ufe0f\u20e3 Ivanti \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u044d\u0442\u0438 \u0434\u0432\u0435 CVE. \u041d\u043e \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0435\u0449\u0451 \u043d\u0435 \u0432\u044b\u0448\u0435\u043b.\n\n3\ufe0f\u20e3 \u0417\u0430\u0442\u0435\u043c \u0432\u044b\u0448\u0435\u043b \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 1 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u043d\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0443\u0441\u043f\u0435\u043b\u0438 \u043d\u0430\u0439\u0442\u0438 \u0442\u0443 \u0441\u0430\u043c\u0443\u044e SSRF CVE-2024-21893 \u043d\u0430 \u0434\u0435\u043d\u044c \u0440\u0430\u043d\u044c\u0448\u0435, \u0442\u043e \u0431\u0438\u0448\u044c 31 \u044f\u043d\u0432\u0430\u0440\u044f). \u0414\u0430\u043d\u043d\u0430\u044f SSRF \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0430\u0442\u0447 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 CVE (CVE-2023-46805 & CVE-2024-21887). \n\n\u0415\u0441\u0442\u044c \u043b\u0438 \u0432 \u0438\u0442\u043e\u0433\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435?\n\u0414\u0430, \u043a\u043e\u043d\u0435\u0447\u043d\u043e. \u0412 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 22.5R2.2, \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u0442\u044c\u0438, \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b. \u041d\u043e \u0435\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 Ivanti Connect Secure 22.3R1 \u0438\u043b\u0438 \u0441\u0442\u0430\u0440\u0448\u0435, \u0442\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 ASAP.\n\n\u27a1\ufe0f \u0410 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0445\u043e\u0447\u0435\u0442 \u0435\u0449\u0451 \u0433\u043b\u0443\u0431\u0436\u0435 \u043f\u043e\u0433\u0440\u0443\u0437\u0438\u0442\u0441\u044f \u0432 \u044d\u0442\u043e\u043c, \u0441\u043e\u0432\u0435\u0442\u0443\u044e \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0440\u0435\u0441\u0435\u0440\u0447.\n\n\u0418\u0442\u043e\u0433 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u043e\u0447\u0435\u0432\u0438\u0434\u0435\u043d. \u0424\u0438\u043a\u0441\u044f \u043e\u0434\u043d\u0438 \u0431\u0430\u0433\u0438, \u0441\u043e\u0437\u0434\u0430\u0435\u043c \u0434\u0440\u0443\u0433\u0438\u0435)\n\ud83e\udd7a Stay secure!\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-02-09T07:02:51.000000Z"}, {"uuid": "37e7ffbf-943c-4cf9-87ba-0299b3dbd3ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/true_secator/7103", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 2024 \u0433\u043e\u0434\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0438\u0445 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043c\u043d\u043e\u0433\u0438\u0435 CWE \u0438\u0437 TOP 10 \u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Microsoft \u0438 \u044f\u0434\u0440\u0430 Linux \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043b\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0430\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0447\u0430\u0441\u0442\u043e \u043a \u00ab\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e\u00bb \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0442\u0430\u043a \u0434\u043b\u044f Linux \u043d\u0430 Windows \u0438 \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0430\u0449\u0435 \u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2018-0802, CVE-2017-11882 (\u043e\u0431\u0435 RCE \u0432 Equation Editor), CVE-2017-0199 (Microsoft Office \u0438 WordPad).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 2024 \u0433\u043e\u0434\u0430, \u0438 \u043c\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 WinRAR \u0438 \u0432 \u0441\u0430\u043c\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (WinRAR), CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u00a0ks.sys) \u0438 CVE-2022-3699 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Lenovo Diagnostics).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2022-0847 (Dirty Pipe), CVE-2019-13272 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-3156 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435\u00a0sudo).\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u0430\u043a \u0441\u0430\u043c\u043e\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043b\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c - \u044d\u0442\u0430 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft Office.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 APT, \u0432 \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430: CVE-2025-0282, CVE-2024-21887 \u0438 CVE-2025-0283 (Ivanti Connect Secure), CVE-2020-1472 (Netlogon Windows), CVE-2023-46805 (Ivanti ICS), CVE-2023-48788 (Fortinet) \u0438 \u0434\u0440.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0432 TOP 10 \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438: \n\n- ZDI-CAN-25373: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 lnk-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 Windows;\n\n- CVE-2025-21333: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 vkrnlintvsp.sys;\n\n- CVE-2025-24071: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 NetNTLM-\u0445\u044d\u0448\u0430 \u0432 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-04T18:00:07.000000Z"}, {"uuid": "09d06615-16a4-416a-9c66-92c47990efad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/YD6mpe3TwIj5mekCtHmupokYwnKq56rX_43Fm9Af1mnNIg", "content": "", "creation_timestamp": "2024-05-09T15:53:36.000000Z"}, {"uuid": "cb6e05e5-3d67-4e3e-99c6-fd1b2dabf399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "Telegram/jA85BvIBDxOmpmiwAwY4MdJUsCl-3c7Ri4DgFzNBqTeVNg", "content": "", "creation_timestamp": "2024-02-25T16:59:19.000000Z"}, {"uuid": "d13c401c-5678-49ad-a05f-5c7ad653ed33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "published-proof-of-concept", "source": "Telegram/DK4zpnt2hY9_uaXvFlL8qKzoZITEe3zVAwuxple3iLHOBQ", "content": "", "creation_timestamp": "2024-01-15T20:33:19.000000Z"}, {"uuid": "06d9981a-8cdc-4bfe-be8b-16bc9b24f605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "Telegram/9Ua6neMVoMO2WjRB4-v1ZrEEi3AN2FVVatnipDBB0n9bcQ", "content": "", "creation_timestamp": "2024-04-05T11:22:50.000000Z"}, {"uuid": "428251bd-7c4e-484a-ae97-4ca270758fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21885", "type": "seen", "source": "https://t.me/arpsyndicate/3440", "content": "#ExploitObserverAlert\n\nZDI-24-120\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to ZDI-24-120. X.Org Server XISendDeviceHierarchyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-21885.", "creation_timestamp": "2024-02-11T16:27:18.000000Z"}, {"uuid": "2bd19593-28f7-4b9d-a72a-3052ec0800c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21886", "type": "seen", "source": "https://t.me/arpsyndicate/3395", "content": "#ExploitObserverAlert\n\nZDI-24-119\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to ZDI-24-119. X.Org Server DisableDevice Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-21886.", "creation_timestamp": "2024-02-11T13:54:58.000000Z"}, {"uuid": "bffae14f-db3c-43de-8900-1a1a96c36b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/arpsyndicate/3959", "content": "#ExploitObserverAlert\n\nPSS-177229\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177229. Ivanti Connect Secure Unauthenticated Remote Code Execution. This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x are vulnerable, prior to the vendor patch released on Feb 1, 2024. It is unknown if unsupported versions 8.x and below are also vulnerable.", "creation_timestamp": "2024-02-22T10:00:45.000000Z"}, {"uuid": "51d54c17-7b2b-449f-a76c-08b019a81424", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/arpsyndicate/2807", "content": "#ExploitObserverAlert\n\nCVE-2024-21887\n\nDESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-21887. A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.\n\nNVD-IS: 6.0\nNVD-ES: 2.3", "creation_timestamp": "2024-01-15T20:29:22.000000Z"}, {"uuid": "2f1da2c9-8773-4f14-b93a-fb311b706e45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/939", "content": "The Hacker News\nResearchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws\n\nMultiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).\nThe clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.\nThe Google Cloud", "creation_timestamp": "2024-04-05T11:23:57.000000Z"}, {"uuid": "73d25507-9066-4fad-96bf-d693c655ed01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/6912", "content": "\u041d\u043e\u0432\u0430\u044f \u043a\u043e\u0440\u0438\u0447\u043d\u0435\u0432\u0430\u044f \u043f\u043e\u043b\u043e\u0441\u0430 \u0432 \u0436\u0438\u0437\u043d\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Ivanti \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e Connect Secure, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u044b \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430.\n\nCVE-2025-22457 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u0442\u0435\u043a\u0430 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 Pulse Connect Secure 9.1x (\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0437\u0430\u043a\u043e\u043d\u0447\u0438\u043b\u0430\u0441\u044c \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435), Ivanti Connect Secure 22.7R2.5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, Policy Secure \u0438 Neurons \u0434\u043b\u044f \u0448\u043b\u044e\u0437\u043e\u0432 ZTA.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Ivanti, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0432 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u041e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 11 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2025 \u0433\u043e\u0434\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Ivanti Connect Secure 22.7R2.6.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c \u043a\u0430\u043a \u043d\u0435\u043f\u0440\u0438\u0433\u043e\u0434\u043d\u0430\u044f \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043d\u0435 \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0430\u044f \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043a \u0443\u0434\u0438\u0432\u043b\u0435\u043d\u0438\u044e Ivanti \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432, \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0448\u043b\u044e\u0437\u043e\u0432 ZTA \u0438 Ivanti Policy Secure \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0438 \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043a 19 \u0438 21 \u0430\u043f\u0440\u0435\u043b\u044f \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043d\u043e Ivanti \u0437\u0430\u0432\u0435\u0440\u044f\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u00ab\u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb \u0448\u043b\u044e\u0437\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 Ivanti \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f \u043d\u0430 ICT \u0438 \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c\u0438 \u0441\u0431\u043e\u044f\u043c\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0415\u0441\u043b\u0438 \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0438\u0445 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.6.\n\n\u041f\u043e\u043a\u0430 \u0432 Ivanti \u043e\u0442\u043c\u0430\u043b\u0447\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Mandiant \u0438 Google Threat Intelligence Group (GTIG) \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a (UNC5221) \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u044b \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430.\n\nUNC5221 \u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 0-day \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 2023 \u0433\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti \u0438 NetScaler.\n\n\u0421\u043e\u0432\u0441\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 CVE-2025-0282, \u0435\u0449\u0435 \u043e\u0434\u043d\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 Ivanti Connect Secure \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Dryhook \u0438 Phasejam \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 VPN.\n\n\u0413\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043b\u0430 \u0434\u0432\u0435 0-day Connect Secure \u0438 Policy Secure (CVE-2023-46805 \u0438 CVE-2024-21887) \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 ICS VPN \u0438 IPS network access control (NAC). \u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u0441\u0442\u0430\u043b\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u044f MITRE.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Volexity, \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 UNC5221\u00a0\u0432\u0437\u043b\u043e\u043c\u0430\u043b \u0431\u043e\u043b\u0435\u0435 2100 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti,\u00a0\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432\u0435\u0431-\u0448\u0435\u043b\u043b  GIFTEDVISITOR, \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0438\u0445 \u0434\u0432\u0435 0-day.\n\n\u0412 \u043d\u043e\u0432\u044b\u0445 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0434\u0432\u0443\u0445 \u043d\u043e\u0432\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e: \u0434\u0440\u043e\u043f\u043f\u0435\u0440\u0430 TRAILBLAZE, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u0438 \u043f\u0430\u0441\u0441\u0438\u0432\u043d\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430 BRUSHFIRE.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u044b \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439  \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e SPAWN, \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u043c\u043e\u0439 UNC5221.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0437\u0443\u0447\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 ICS 22.7R2.6, \u043e\u0442\u044b\u0441\u043a\u0430\u0432 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 22.7R2.5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0442\u0430\u043a\u0438\u043c\u0438 \u0442\u0435\u043c\u043f\u0430\u043c\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434\u044b \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u043a\u043e\u0440\u043e \u043d\u0430\u0437\u0440\u0435\u044e\u0442.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0437\u043e\u043d \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Ivanti, \u043c\u043e\u0436\u043d\u043e \u043a\u043e\u043d\u0441\u0442\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, - \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f.", "creation_timestamp": "2025-04-04T15:00:48.000000Z"}, {"uuid": "2c98281e-92c5-47bf-85cf-31243813e6e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/5280", "content": "\u041c\u043e\u0436\u043d\u043e \u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043d\u0430 \u0442\u0440\u0438 \u0432\u0435\u0449\u0438:\u00a0\u043a\u0430\u043a \u0433\u043e\u0440\u0438\u0442 \u043e\u0433\u043e\u043d\u044c, \u043a\u0430\u043a \u0442\u0435\u0447\u0435\u0442 \u0432\u043e\u0434\u0430 \u0438 \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u0443\u044e\u0442 \u043d\u043e\u0432\u044b\u0435 0-day \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Ivanti.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0434\u0432\u0443\u0445 0-day \u0432 Connect Secure (ICS) \u0438 Policy Secure, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0448\u043b\u044e\u0437\u0430\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Mandiant \u0438 Volexity.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2023-46805 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0432\u0435\u0431-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0448\u043b\u044e\u0437\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043f\u0443\u0442\u0435\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-21887, - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b.\n\n\u041f\u0440\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0438 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441 22 \u044f\u043d\u0432\u0430\u0440\u044f, \u0430 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f - \u0441 19 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f 0-day \u043c\u043e\u0436\u043d\u043e\u00a0\u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c,\u00a0\u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0432\u00a0\u0444\u0430\u0439\u043b mitigation.release.20240107.1.xml, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u00a0\u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442\u0430\u043b Ivanti.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043e\u0431\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0410\u0420\u0422-\u0430\u0442\u0430\u043a\u0430\u0445, \u0447\u0442\u043e \u0435\u0449\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u00a0Volexity, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 10 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u0445.\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0432 \u043a\u0440\u0443\u0433\u0430\u0445 \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430 \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442 \u0442\u0430\u043a\u0436\u0435\u00a0\u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 MFA \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f RCE, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043a\u0440\u0438\u0442\u0438\u043a\u043e\u0432\u0430\u043b \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043a\u0440\u044b\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u043f\u043b\u0430\u0442\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c.\n\n\u0412\u043e\u043e\u0431\u0449\u0435, \u0435\u0441\u043b\u0438 \u0432\u0435\u0440\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u043c Shodan, \u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0441\u0435\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0431\u043e\u043b\u0435\u0435 15 000 \u0448\u043b\u044e\u0437\u043e\u0432 Connect Secure (ICS) \u0438 Policy Secure.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043d\u043e\u0432\u0430\u044f 3567-\u0430\u044f \u0441\u0435\u0440\u0438\u044f \u043e\u0441\u0442\u0440\u043e\u0441\u044e\u0436\u0435\u0442\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Ivanti 0-day \u043e\u0431\u0435\u0449\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u0435\u0441\u044c\u043c\u0430 \u0443\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439. \u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-01-11T12:00:07.000000Z"}, {"uuid": "02708d3f-96bd-4bb2-80a0-1060a2df306a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/true_secator/5508", "content": "\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0442\u044c \u043e\u0431 \u0443\u0433\u0440\u043e\u0437\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 Ivanti, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0441\u0430\u043c\u0430 \u0431\u044b\u043b\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0443\u044e \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, CISA \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c (\u043a\u0430\u043a\u0438\u0445 \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0435 \u043f\u043e\u043d\u044f\u0442\u043d\u043e), \u0434\u0430\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u0422\u0430\u043a\u0436\u0435 CISA \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u043b\u0430\u0441\u044c \u043e\u0442 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u043e\u0433\u043e, \u043a\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u043e\u044f\u0442\u044c \u0437\u0430 \u044d\u0442\u0438\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u043c \u0438 \u0431\u044b\u043b\u0438 \u043b\u0438 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u044b \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u041d\u043e \u0437\u043d\u0430\u043a\u043e\u043c\u044b\u0435 \u0441 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0435\u0439 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043a\u0430\u0437\u0430\u043b\u0438, \u0447\u0442\u043e \u0441\u0440\u0435\u0434\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u044b\u043b \u0448\u043b\u044e\u0437 \u0437\u0430\u0449\u0438\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b (IP Gateway) \u0438 \u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (CSAT).\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0432 CSAT \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u0430\u044f \u0438 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0438\u0444\u043d\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0421\u0428\u0410, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 Top Screen \u0434\u043b\u044f \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430, \u043f\u043b\u0430\u043d\u044b \u0438 \u043e\u0446\u0435\u043d\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432.\n\nCISA \u043e\u043f\u0440\u043e\u0432\u0435\u0440\u0433\u043b\u0430 \u0441\u043b\u0443\u0445\u0438, \u043d\u043e \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0435\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043a\u043e\u043d\u0441\u0443\u043b\u044c\u0442\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043e\u0442 29 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0449\u0435\u0435 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0448\u043b\u044e\u0437\u0430\u0445 Ivanti Connect Secure \u0438 Ivanti Policy Secure CVE-2023-46805, CVE-2024-21887 \u0438 CVE-2024-21893.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0434\u0435\u043b\u0430\u044f \u0430\u043a\u0446\u0435\u043d\u0442 \u043d\u0430 \u0442\u043e\u043c, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u043e\u0431\u0445\u043e\u0434\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Ivanti \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438.\n\n\u0421\u044e\u0436\u0435\u0442 \u043d\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0437\u043e\u043d\u0430 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Ivanti 0 day \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0443\u0434\u0438\u0432\u043b\u044f\u0442\u044c, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u0436\u0435\u0439.\n\n\u041d\u043e \u043a\u043e\u043d\u0446\u043e\u0432\u043a\u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u0438 \u043d\u0435 \u043f\u0440\u0435\u0434\u0432\u0438\u0434\u0438\u0442\u0441\u044f.", "creation_timestamp": "2024-03-11T18:50:05.000000Z"}, {"uuid": "ef4b16ea-ef67-488c-ab0b-d87f9b1b7a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/5289", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0441 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0432\u0443\u0445 0-day (CVE-2023-46805 \u0438 CVE-2024-21887) \u0432 VPN-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure (ICS).\n\n\u041f\u0440\u0438\u0432\u043b\u0435\u0447\u0435\u043d\u043d\u044b\u0435 Ivanti \u043a \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Mandiant \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0437\u0430 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u043a\u0430 \u0435\u0449\u0435 \u043d\u0435\u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0410\u0420\u0422 (\u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 Volexity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 UTA0178 \u043a \u041a\u041d\u0420), \u043f\u0440\u0435\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f \u0446\u0435\u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u0442\u0435\u043f\u0435\u0440\u044c \u043a\u0430\u043a UNC5221.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Mandiant, UNC5221 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043d\u0430\u0431\u043e\u0440 \u0438\u0437 \u043f\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0441\u0440\u0435\u0434\u0443 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445: ThinSpool, LightWire, WireFire, WarpWire \u0438 ZipLine, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 Mandiant, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 Ivanti \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0434\u0435\u043b\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f, UNC5221 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 Perl (sessionserver.pl) \u0434\u043b\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0447\u0442\u0435\u043d\u0438\u044f/\u0437\u0430\u043f\u0438\u0441\u0438 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f THINSPOOL.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, ThinSpool \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a \u043a\u043b\u044e\u0447\u0435\u0432\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u044f\u0432\u043b\u044f\u044f\u0441\u044c \u0442\u0430\u043a\u0436\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0440\u043e\u043f\u043f\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 LightWire.\n\n\u0412\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 LightWire \u0438 WireFire \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u043b\u0438 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c CS. \u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043f\u0435\u0440\u0432\u0430\u044f \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0430 \u043d\u0430 Perl CGI, \u0434\u0440\u0443\u0433\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 Python.\n\n\u041f\u0430\u0441\u0441\u0438\u0432\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 ZIPLINE \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c/\u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0442\u0443\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u0435\u043b\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 WarpWire Javascript \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u044b\u0432\u0430\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c \u0434\u043b\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u043f\u0443\u0442\u0435\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430.\n\n\u041a\u0430\u0441\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442, \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0432\u0448\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ConnectAround, \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u0436\u0435\u0440\u0442\u0432, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0431\u0443\u0434\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0443 \u043c\u043d\u043e\u0433\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0442\u0430\u043a\u0438\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u0412 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 \u044d\u0442\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u044b\u0441\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Rapid7, \u0441\u0441\u044b\u043b\u0430\u044f\u0441\u044c \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 7000\u00a0\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a (\u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u0421\u0428\u0410, \u042f\u043f\u043e\u043d\u0438\u0438 \u0438 \u0415\u0432\u0440\u043e\u043f\u0435).", "creation_timestamp": "2024-01-12T17:51:58.000000Z"}, {"uuid": "398cf1c5-af91-4c27-a349-1ac372294ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/5297", "content": "\u041a\u0430\u043a \u0438 \u043e\u0431\u0435\u0449\u0430\u043b\u0438, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u043c\u043d\u043e\u0433\u043e\u0441\u0435\u0440\u0438\u0439\u043d\u043e\u0439 \u0441\u0430\u0433\u0438 Ivanti \u043d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0431\u0435\u0437 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0433\u043e epic fail.\n\n\u0414\u0432\u0435 0-day \u0432 Connect Secure VPN \u0438 Policy Secure Network Access Control (NAC) \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Volexity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f  \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e 0-day \u0435\u0449\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435.\n\n\u0423\u0436\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0430\u043a\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u0438\u0441\u043f\u043e\u0441\u043e\u0431\u0438\u043b\u0438\u0441\u044c \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CVE-2023-46805 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2024-21887 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u043d\u0441\u043f\u0438\u0440\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 11 \u044f\u043d\u0432\u0430\u0440\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0436\u0435\u0440\u0442\u0432\u044b \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u044b \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443 \u0438 \u0441\u0438\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0443: \u043e\u0442 \u043c\u0430\u043b\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0434\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432 \u043c\u0438\u0440\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u043e\u0442\u0440\u0430\u0441\u043b\u044f\u0445.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 GIFTEDVISITOR, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 14 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Volexity \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 1700 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 ICS VPN, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u043d\u0435\u0438\u0437\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u043c\u0443 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044e.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u0432\u043e\u0448\u043b\u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u044f\u0434\u0447\u0438\u043a\u0438, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432 \u0438 \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0430\u044d\u0440\u043e\u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0438 \u0438\u043d\u0436\u0438\u043d\u0438\u0440\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u0444\u0438\u0440\u043c\u044b.\n\n\u0410 Ivanti \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u0434\u0432\u0443\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 0-day, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043b\u0438\u0448\u044c\u00a0\u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0440\u0438\u0441\u043a\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 Ivanti.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Shadowserver \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 16 800 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ICS VPN (\u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan - \u0431\u043e\u043b\u0435\u0435 15 000), \u0438\u0437 \u043d\u0438\u0445 \u0434\u043e 5 000\u00a0\u0432 \u0421\u0428\u0410.\n\n\u0422\u0430\u043a \u0447\u0442\u043e to be continued.", "creation_timestamp": "2024-01-16T16:05:06.000000Z"}, {"uuid": "8e13149d-25a1-43e7-af5d-d35d97dbcf06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2188", "type": "seen", "source": "https://t.me/ctinow/200270", "content": "https://ift.tt/ilC2wMq\nCVE-2024-2188", "creation_timestamp": "2024-03-05T14:32:13.000000Z"}, {"uuid": "6e265802-b3da-42db-9dd1-01b8e76c84ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2188", "type": "seen", "source": "https://t.me/ctinow/200268", "content": "https://ift.tt/ilC2wMq\nCVE-2024-2188", "creation_timestamp": "2024-03-05T14:26:18.000000Z"}, {"uuid": "6fe667f5-6aa6-4b82-887a-a6f281b9e669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21886", "type": "seen", "source": "https://t.me/ctinow/195492", "content": "https://ift.tt/Kwg27zu\nCVE-2024-21886", "creation_timestamp": "2024-02-28T14:33:59.000000Z"}, {"uuid": "49a514d8-a7f6-427a-ab37-6318b8a342b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21885", "type": "seen", "source": "https://t.me/ctinow/195491", "content": "https://ift.tt/VSC6Zwe\nCVE-2024-21885", "creation_timestamp": "2024-02-28T14:33:58.000000Z"}, {"uuid": "1777d500-208f-4ae8-8748-4cfbaf9aa7f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://t.me/ctinow/177016", "content": "https://ift.tt/JirPhuq\nCVE-2024-21888", "creation_timestamp": "2024-01-31T19:31:42.000000Z"}, {"uuid": "9abb49db-9a1b-428f-beb3-139ec57d3ce6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/ctinow/167440", "content": "https://ift.tt/FYUzkfJ\nCVE-2024-21887", "creation_timestamp": "2024-01-12T18:52:11.000000Z"}, {"uuid": "5d69806f-df9d-41e4-898d-b2ffa5e805dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/ctinow/166520", "content": "https://ift.tt/9MXxJi7\nIvanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)", "creation_timestamp": "2024-01-11T14:02:15.000000Z"}, {"uuid": "0ab8f6d8-326a-4eed-8e1b-be3c4c573bd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21886", "type": "seen", "source": "https://t.me/ctinow/169578", "content": "https://ift.tt/W4ChMLy\nCVE-2024-21886", "creation_timestamp": "2024-01-18T05:46:39.000000Z"}, {"uuid": "926c3f24-a645-41c7-a4f7-7d8fbbd26425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/5378", "content": "\u041d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0438 \u043d\u0435\u0434\u0435\u043b\u0438, \u0430 \u0443\u0436\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 Ivanti 0-day \u043d\u0430\u0447\u0430\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u044f \u0441\u0443\u0434\u044c\u0431\u0443 \u0438\u0445 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u0435\u0434\u0448\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u043e \u043d\u043e\u0432\u043e\u0439 SSRF-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-21893, \u0432 Ivanti Connect Secure \u0438 Ivanti Policy Secure \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 31 \u044f\u043d\u0432\u0430\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432 CVE-2023-46805 \u0438 CVE-2024-21887 \u043e\u0442 10 \u044f\u043d\u0432\u0430\u0440\u044f.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-21893 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 (\u0432\u0435\u0440\u0441\u0438\u0438 9.x \u0438 22.x).\n\nShadowserver \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 SSRF, \u0441\u043e 170 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043e\u0431\u044a\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0443 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 Ivanti, \u0447\u0442\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c 2 \u0444\u0435\u0432\u0440\u0430\u043b\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430,\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Rapid7.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0438\u043c\u0435\u0435\u0442\u0441\u044f \u043f\u043e\u0447\u0442\u0438 22 500 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti Connect Secure (\u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c ShadowServer), \u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0435\u0449\u0435 \u0434\u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f PoC \u043f\u0440\u0438\u0434\u0443\u043c\u0430\u043b\u0438, \u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2024-21893 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c Ivanti, \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u044b \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0431\u0443\u0434\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u0437\u0440\u0430\u0441\u0442\u0430\u0442\u044c.\n\n\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 0-day \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043c\u0435\u0440 \u043f\u043e \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u00a0\u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Ivanti Connect Secure \u0438 Policy Secure VPN.\n\n\u041a \u0441\u0435\u0442\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0441\u0431\u0440\u043e\u0448\u0435\u043d\u044b \u0434\u043e \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.", "creation_timestamp": "2024-02-06T09:26:46.000000Z"}, {"uuid": "2f54d3e1-6797-4462-8793-55474a3f4d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/true_secator/5313", "content": "\u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0447\u0438\u0441\u043b\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Ivanti Connect Secure VPN, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 0-day (CVE-2023-46805 \u0438 CVE-2024-21887), \u043d\u0435\u0443\u043a\u043b\u043e\u043d\u043d\u043e \u0440\u0430\u0441\u0442\u0435\u0442, \u0441\u043f\u0438\u0441\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0433\u043e\u0440\u0435-\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u043c\u0435\u043d\u044c\u0448\u0435 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e\u043f\u0430\u043b\u0430 \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f CVE-2023-35082, \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f Ivanti Endpoint Manager Mobile (EPMM), \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435.\n\nCVE-2023-35082 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2023 \u0433\u043e\u0434\u0430 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2023-35078, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 EPMM, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a 0-day \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u041d\u043e\u0440\u0432\u0435\u0433\u0438\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439 CISA \u0434\u0430\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 CVE-2023-35082\u00a0\u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e. \u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-01-19T16:44:06.000000Z"}, {"uuid": "8301a36e-96d7-486f-8213-5ee547337f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/true_secator/5661", "content": "\u0413\u0435\u0440\u043e\u0435\u043c \u043d\u043e\u0432\u043e\u0439 \u0441\u0435\u0440\u0438\u0438 Ivanti Zero-Days \u0432\u0441\u043b\u0435\u0434 \u0437\u0430 CISA \u0441\u0442\u0430\u043b\u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 - MITRE, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u0440\u0430\u043f\u043e\u0440\u0442\u043e\u0432\u0430\u0442\u044c \u043e \u043a\u0438\u0431\u0435\u0440\u0438\u043d\u0446\u0438\u0434\u043b\u0435\u043d\u0442\u0435.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0435\u0435 \u0441\u0435\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a NERVE \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044f\u043d\u0432\u0430\u0440\u044f \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u0430\u044f APT \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043d\u0443\u043b\u044f\u043c \u0432 Ivanti, \u043d\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0441\u0440\u0435\u0434\u0443 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 MITRE NERVE \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043e\u043a \u0438 \u043f\u0440\u043e\u0442\u043e\u0442\u0438\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f MITRE \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ivanti Connect Secure VPN \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0443\u043b\u044f\u043c\u0438 \u0432 Ivanti \u0438 \u043e\u0431\u043e\u0448\u043b\u0438 \u0435\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043c\u043d\u043e\u0433\u043e\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0441\u0435\u0430\u043d\u0441\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0433\u043b\u0443\u0431\u043e\u043a\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043b\u0438 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 VMware \u0441\u0435\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0410 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432.\n\nCVE-2023-46805 \u0438 CVE-2024-21887 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u043b\u0438\u0441\u044c \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 0-day \u0438 10 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f Volexity \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0438\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0422\u043e\u0433\u0434\u0430 Ivanti \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0431\u0435\u0441\u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043b\u0438\u0448\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u0442\u0440\u0438 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0437\u0430\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0439 Ivanti \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043b\u0430\u0433 \u0431\u044b\u043b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u043b\u0435\u0439. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438 MITRE \u043f\u043e\u043f\u0430\u043b\u0430 \u043f\u043e\u0434 \u0440\u0430\u0437\u0434\u0430\u0447\u0443.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 MITRE \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432, \u0447\u0442\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-04-22T15:14:32.000000Z"}, {"uuid": "d998c36a-9187-4f83-a70e-f03be80ad405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21886", "type": "seen", "source": "https://t.me/ctinow/195477", "content": "https://ift.tt/Kwg27zu\nCVE-2024-21886", "creation_timestamp": "2024-02-28T14:27:09.000000Z"}, {"uuid": "d4036e7d-de56-4d17-b976-d3681997187e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21885", "type": "seen", "source": "https://t.me/ctinow/195476", "content": "https://ift.tt/VSC6Zwe\nCVE-2024-21885", "creation_timestamp": "2024-02-28T14:27:08.000000Z"}, {"uuid": "e772f530-679a-4e5e-914d-e48b07623fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21888", "type": "seen", "source": "https://t.me/ctinow/190920", "content": "https://ift.tt/7tuNbyS\nCVE-2024-21888 | Ivanti Connect Secure/Policy Secure up to 9.1R18/22.6R2 Privilege Escalation", "creation_timestamp": "2024-02-22T16:51:24.000000Z"}, {"uuid": "1a80a68f-2f39-487e-8612-3c5a08cd01e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/ctinow/168805", "content": "https://ift.tt/GSyHmkD\nScans for Ivanti Connect \"Secure\" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887), (Tue, Jan 16th)", "creation_timestamp": "2024-01-16T14:06:58.000000Z"}, {"uuid": "ac53fc4c-b1b5-4ec3-9f21-03bc5123a16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "exploited", "source": "https://t.me/ctinow/166485", "content": "https://ift.tt/9MXxJi7\nIvanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887) - Help Net Security", "creation_timestamp": "2024-01-11T12:56:43.000000Z"}, {"uuid": "75156e8a-295a-4445-9ad7-2ead6ab2fbea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/ctinow/166498", "content": "https://ift.tt/xvRCmwp\nCVE-2024-21887 Exploitation", "creation_timestamp": "2024-01-11T13:32:04.000000Z"}, {"uuid": "28745bba-ca6a-4df0-a5f8-3f03d17510ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/ctinow/166895", "content": "https://ift.tt/dXEv1ug\nDual Zero-Day Threats in Ivanti Connect Secure and Policy Secure Gateways \u2013 CVE-2023-46805 and CVE-2024-21887\u00a0", "creation_timestamp": "2024-01-11T23:07:06.000000Z"}, {"uuid": "f48dc2d3-7401-426d-a5ae-e4027b6c7393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21887", "type": "seen", "source": "https://t.me/ctinow/166194", "content": "https://ift.tt/SfpBv1C\nCVE-2024-21887 | Ivanti Connect Secure/Policy Secure Web command injection", "creation_timestamp": "2024-01-10T23:16:37.000000Z"}]}