{"vulnerability": "CVE-2024-37079", "sightings": [{"uuid": "28cc44f1-dd11-4ea8-8250-c4edf999a578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/27/cve-2024-37079-vmware-vcenter-server-integer-underflow-code-execution-vulnerability", "content": "", "creation_timestamp": "2024-08-28T15:00:00.000000Z"}, {"uuid": "465cb2ec-ed8f-401a-9ffa-72689e7015a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkdtpilizh2p", "content": "", "creation_timestamp": "2025-03-14T14:40:20.182444Z"}, {"uuid": "64ddec90-7b40-491a-a0fd-a61bb7b2e645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://thehackernews.com/2026/01/cisa-adds-actively-exploited-vmware.html", "content": "", "creation_timestamp": "2026-01-24T07:09:00.000000Z"}, {"uuid": "8a0755c8-d621-4e24-99c5-faef9564cdd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3md66adkk462l", "content": "", "creation_timestamp": "2026-01-24T12:02:35.506369Z"}, {"uuid": "cde8c78e-015f-4018-84d5-8134c79573a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3md6driinwve2", "content": "", "creation_timestamp": "2026-01-24T13:42:09.746017Z"}, {"uuid": "80a724e4-38cd-439b-ad4f-92b8de5dc1c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/115950766092948088", "content": "", "creation_timestamp": "2026-01-24T15:24:41.875083Z"}, {"uuid": "feb9ab2e-d975-4935-a5f8-beaad329f733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3md6jjzaegk2c", "content": "", "creation_timestamp": "2026-01-24T15:24:52.551432Z"}, {"uuid": "270576fd-29b1-4b11-b0a5-047edcbe3541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3md6oz77w7623", "content": "", "creation_timestamp": "2026-01-24T17:02:49.732146Z"}, {"uuid": "0638e797-e3da-45f3-91e1-87634cfc3e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/rankednews.bsky.social/post/3md6scfacrm2i", "content": "", "creation_timestamp": "2026-01-24T18:01:39.259603Z"}, {"uuid": "08129eb0-c9cc-438d-8331-51e157ebef89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3md74goylav2i", "content": "", "creation_timestamp": "2026-01-24T21:03:01.996986Z"}, {"uuid": "b58945eb-19b8-4fea-b777-f14734479107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3mdinq5zk7s2c", "content": "", "creation_timestamp": "2026-01-28T16:06:36.129671Z"}, {"uuid": "c7554c81-756c-420b-8b78-81417db22b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5cbefa20-48a2-4797-8c11-9803a3a7b937", "content": "", "creation_timestamp": "2026-02-02T12:25:42.315545Z"}, {"uuid": "f360a767-1033-4290-975e-b78d9662db75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1313", "content": "", "creation_timestamp": "2024-06-19T04:00:00.000000Z"}, {"uuid": "c597af50-bcb2-4ce8-a104-9a20375f28d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5cbefa20-48a2-4797-8c11-9803a3a7b937", "content": "", "creation_timestamp": "2026-02-02T12:25:42.315545Z"}, {"uuid": "868300b7-f645-4754-82d0-d37f1d1fd20f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7548", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-37079\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.\n\ud83d\udccf Published: 2024-06-18T05:43:06.619Z\n\ud83d\udccf Modified: 2025-03-14T13:36:56.241Z\n\ud83d\udd17 References:\n1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453", "creation_timestamp": "2025-03-14T13:47:13.000000Z"}, {"uuid": "3e79b274-9fea-4f21-bbff-aabb826dbf2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/itsec_news/4525", "content": "\u200b\u26a1\ufe0fCheck Point \u0438 Veeam \u043d\u0435 \u0443\u0441\u0442\u043e\u044f\u043b\u0438: \u043e\u0431\u0437\u043e\u0440 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u0438\u044e\u043d\u044c\n\n\ud83d\udcac\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Positive Technologies \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0441\u043f\u0438\u0441\u043e\u043a \u0434\u0435\u0432\u044f\u0442\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft, VMware, Linux, VPN-\u0448\u043b\u044e\u0437\u0435 \u043e\u0442 Check Point Software Technologies \u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Veeam Backup Enterprise Manager. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u0438\u044f \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440.\n\n\u0422\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u0442\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f. \u0414\u043b\u044f \u0438\u0445 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432: \u0431\u0430\u0437\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0438, \u0431\u043b\u043e\u0433\u0438 \u0438 \u0442\u0435\u043b\u0435\u0433\u0440\u0430\u043c-\u043a\u0430\u043d\u0430\u043b\u044b, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 Windows. \u041e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044c \u043e\u043a\u043e\u043b\u043e \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n1. CVE-2024-26229: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 Client-Side Caching (CSC) Windows. \u041e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0437\u043b\u043e\u0432\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043a\u0443\u0447\u0435 (\u043e\u0442\u043d\u0435\u0441\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e CWE-122 ). ). \u042d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f CSC. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8.\n\n2. CVE-2024-26169: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 (Windows Error Reporting). \u041e\u043d\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a Windows \u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e CWE-269 . \u042d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0438\u0437\u043c\u0435\u043d\u044f\u0435\u0442, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0438\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0438\u0437-\u0437\u0430 \u0447\u0435\u0433\u043e \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u043f\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8.\n\n3. CVE-2024-30088: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0434\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b NtQueryInformationToken. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043d\u0430\u0434 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,0.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u044b\u0448\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: CVE-2024-26229 , CVE-2024-26169 , CVE-2024-30088 .\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Linux \u0438 VMware\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u044f\u0434\u0440\u0435 Linux, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u0442\u043e\u0440\u0430 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n4. CVE-2024-1086: \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 netfilter \u044f\u0434\u0440\u0430 Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 kernel.org .\nVMware \u0442\u0430\u043a\u0436\u0435 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c.\n\n5 \u0438 6. CVE-2024-37080 \u0438 CVE-2024-37079: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware vCenter, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 VMware vCenter \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438. \u042d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u044b \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440 DCE (RPC). CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 9,8. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 VMware.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHP \u0438 VPN-\u0448\u043b\u044e\u0437\u0435 Check Point\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u0438 VPN-\u0448\u043b\u044e\u0437\u0430\u0445 Check Point Software Technologies.\n\n7. CVE-2024-4577: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 Apache \u0438 PHP CGI \u0432 Windows. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 (remote code execution, RCE) \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043d\u0435\u0439 \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-07-11T09:12:24.000000Z"}, {"uuid": "783b1c74-fc71-42a0-93f6-cfe03a7aed0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/itsec_news/4734", "content": "\u200b\u26a1\ufe0fCVE-2024-38812: \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0432\u0430\u0448\u0435\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Broadcom \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware vCenter Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2024-38812 , \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 DCE/RPC.\n\n\u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 vCenter.\n\n\u042d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441\u0445\u043e\u0436 \u0441 \u0434\u0432\u0443\u043c\u044f \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u2014 CVE-2024-37079 \u0438 CVE-2024-37080, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430. \u041e\u0446\u0435\u043d\u043a\u0430 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9.8 \u043f\u043e CVSS.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 CVE-2024-38813 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 7.5, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root. \u0410\u0442\u0430\u043a\u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u043f\u0440\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b TZL \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0441\u043e\u0440\u0435\u0432\u043d\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Matrix Cup, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0432 \u041a\u0438\u0442\u0430\u0435 \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439:\n\nvCenter Server 8.0 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 8.0 U3b);\nvCenter Server 7.0 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.0 U3s);\nVMware Cloud Foundation 5.x (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0438 8.0 U3b);\nVMware Cloud Foundation 4.x (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.0 U3s).\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Broadcom \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430, \u0447\u0442\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043b\u0443\u0436\u0431 VMware vCenter.\n\n\u042d\u0442\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0441\u043e\u0432\u043f\u0430\u043b\u0438 \u0441 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043e\u0442 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 (CISA) \u0438 \u0424\u0411\u0420. \u0412 \u043d\u0451\u043c \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 cross-site scripting (XSS), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-09-19T13:23:48.000000Z"}, {"uuid": "231d11b3-7300-4845-8d92-2513943e5905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/kasperskyb2b/1308", "content": "\ud83d\udd14 \u0422\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 VMWare: \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0439\u0442\u0435 \u043f\u0430\u0442\u0447\u0438\n\n\u041d\u043e\u0432\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c VMWare VMSA-2024-0012 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 vCenter Server (CVE-2024-37079 \u0438  -37080, CVSS 9.8), \u0438 \u043e\u0434\u0438\u043d \u0434\u0435\u0444\u0435\u043a\u0442 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root \u0432 vCenter Server (CVE-2024-37081, CVSS 7.8). \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043f\u043b\u0430\u043d\u043e\u0432\u043e, \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u0432 FAQ.  \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u043d\u0443\u0436\u043d\u043e \u0438 VMware Cloud Foundation, \u0430 \u0432\u043e\u0442 \u0445\u043e\u0441\u0442\u044b ESXi \u0442\u0440\u043e\u0433\u0430\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f.\n\u041d\u043e \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u043e\u043f\u044b\u0442\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 vCenter, \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043d\u0430\u0434\u043e\u043b\u0433\u043e \u043d\u0435\u043b\u044c\u0437\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-06-19T16:47:35.000000Z"}, {"uuid": "adc7749b-664f-4bdc-bdff-107b069ba603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/8239", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-21T02:31:47.000000Z"}, {"uuid": "969bd046-e664-4752-8430-ec5e474ed732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/4053", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:39:20.000000Z"}, {"uuid": "a2ece705-0b05-4375-ba6c-8a4db26780d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/HackingInsights/2896", "content": "\u200aCVE-2024-37079, CVE-2024-37080: Critical VMware vCenter Server Vulnerabilities Demand Immediate Action\n\nhttps://securityonline.info/cve-2024-37079-cve-2024-37080-critical-vmware-vcenter-server-vulnerabilities-demand-immediate-action/", "creation_timestamp": "2024-06-18T20:43:17.000000Z"}, {"uuid": "fc217235-4e5d-46f9-96a8-1d05d891b055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1123", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:35:41.000000Z"}, {"uuid": "f4a8a98d-d43c-4bb1-be1f-d6ee5e12b84d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/KomunitiSiber/2122", "content": "VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi\nhttps://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html\n\nVMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could", "creation_timestamp": "2024-06-18T11:00:18.000000Z"}, {"uuid": "05a718d2-9e11-4202-a655-b905f3d2d3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/GrayHatsHack/8037", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\nThey could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-25T10:24:26.000000Z"}, {"uuid": "17e4effb-f223-4a61-bc90-8f1c744dd510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/MrVGunz/1189", "content": "\u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062d\u06cc\u0627\u062a\u06cc \u062f\u0631 VMware vCenter Server \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u062e\u06cc\u0631 \u0642\u0627\u0628\u0644 \u0628\u0631\u0637\u0631\u0641\u06cc \u0647\u0633\u062a\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0634\u0627\u0645\u0644 heap overflow \u0648 privilege escalation \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-37079\u060c CVE-2024-37080 \u0648 CVE-2024-37081 \u0647\u0633\u062a\u0646\u062f \u0648 \u0646\u0645\u0631\u0647 CVSSv3 \u0622\u0646\u200c\u0647\u0627 \u0628\u06cc\u0646 7.8 \u062a\u0627 9.8 \u0627\u0633\u062a. \u0628\u0631\u0627\u06cc \u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0648 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0644\u0627\u0632\u0645\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0647 \u0644\u06cc\u0646\u06a9 \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83d\udd17 \u0644\u06cc\u0646\u06a9 \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\n\nA series of critical vulnerabilities has been identified in VMware vCenter Server, which can be mitigated by installing recent security updates. These vulnerabilities include heap overflow and privilege escalation identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, with CVSSv3 scores ranging from 7.8 to 9.8. For more details and to install the necessary updates, please visit the following link:\n\n\ud83d\udd17 Link to More Information", "creation_timestamp": "2024-07-03T08:32:23.000000Z"}, {"uuid": "cc061b0a-416d-42cb-af35-31f05c4a1113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6146", "content": "\u0412\u043a\u0440\u0430\u0442\u0446\u0435 \u043f\u043e \u0434\u0440\u0443\u0433\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6386 (CVSS: 9,9) \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WPML \u0434\u0435\u043b\u0430\u0435\u0442 \u0441\u0430\u0439\u0442\u044b WordPress \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0434\u043e 4.6.13, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 20 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2024 \u0433\u043e\u0434\u0430.\n\nWPML - \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043c\u043d\u043e\u0433\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress c \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Stealthcopter \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u043c \u043a\u043e\u0440\u043e\u0442\u043a\u0438\u0445 \u043a\u043e\u0434\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0432\u0441\u0442\u0430\u0432\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u043f\u043e\u0441\u0442\u043e\u0432: \u0430\u0443\u0434\u0438\u043e, \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u0438\u0434\u0435\u043e.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u044f Contributor \u0438 \u0432\u044b\u0448\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438\u00a0\u043d\u0430\u0448\u043b\u0438\u00a0\u0441\u043f\u043e\u0441\u043e\u0431 \u0434\u0430\u043c\u043f\u0430 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u0438\u043b\u0438 Fuse Key0) \u0434\u043b\u044f Intel SGX.\n\n\u041c\u0435\u0442\u043e\u0434 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0435\u0440\u0438\u044f\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432,\u00a0\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0436\u0435 \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0430. \n\n\u042d\u0442\u043e\u0442 \u043a\u043b\u044e\u0447 \u0442\u0435\u043f\u0435\u0440\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430 SGX \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043a\u043b\u044e\u0447\u0435\u0439 Intel - \u0438\u043b\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0432\u043d\u0443\u0442\u0440\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0432 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0435 Intel. \u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0441 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0447\u0438\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u0431\u0443\u0444\u0435\u0440, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0432\u0441\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f FK0.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041c\u0430\u0440\u043a\u0443\u0441 \u0425\u0430\u0442\u0447\u0438\u043d\u0441 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0441\u0442\u0430\u0442\u044c\u044e\u00a0\u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 CVE-2024-38063 (CVSS 9,8), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u0448\u0435\u043b \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 PoC (\u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442) \u043d\u0435\u0442, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u044d\u0442\u043e\u0433\u043e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 DoS.\n\nMobile Security Framework (MobSF) \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 \u0434\u043b\u044f \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0438\u043d\u0433\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0442\u0430\u043a ZIP Slip \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 MobSF.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438 \u043f\u0440\u043e\u0441\u0442\u0430 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\nRedTeam Pentensting \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e CVE-2024-43425 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c Moodle.\n\n\u0421\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC \u0434\u043b\u044f CVE-2024-38856, RCE \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Apache OFBiz, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439\u00a0\u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0431\u0430\u0437\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a CISA KEV.\n\nMicrosoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0438\u043c\u0432\u043e\u043b\u044b ASCII \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438\u0437 Copilot AI.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 Trend Micro \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 CVE-2024-37079 \u0432 VMware vCenter Server, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043f\u0440\u0438\u0447\u0438\u043d\u0443 \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044f, \u043a\u0430\u043a \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f RCE.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u043d\u0438 \u043e\u0434\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0435 \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u0430.", "creation_timestamp": "2024-08-29T14:20:05.000000Z"}, {"uuid": "796815ec-1cf6-4486-be31-08e502865dfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6164", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043d\u0430 3 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.\n\n\u0414\u0432\u043e\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u0422\u0435\u043b\u044c-\u0410\u0432\u0438\u0432\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b Windows Kerberos. PoC\u00a0\u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442\u0441\u044f.\n\nZDI \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 CVE-2024-37079, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 VMWare vCenter, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0438\u044e\u043d\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439, \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 DCERPC \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u044b.\n\nPatchstack \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Wishlist \u0434\u043b\u044f WooCommerce, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u043d\u0430\u00a0100 000 \u0441\u0430\u0439\u0442\u0430\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043a\u0430\u043a Hypr, \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u00a0\u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-20017, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 MediaTek WLAN, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435 2024.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0414\u0438\u0432\u044c\u044f\u043d\u0448\u0443 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29360 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043f\u043e\u0442\u043e\u043a\u043e\u0432\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041c\u0438\u0445\u0430\u0438\u043b \u0416\u043c\u0430\u0439\u043b\u043e \u0438\u0437 CICADA8 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 Microsoft MSI.\n\nMicrosoft \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u043d\u0443\u043b\u0435\u0439 \u0432 Chrome \u0438 Windows, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0435\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430. \n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Chrome \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, \u0430 \u0437\u0430\u0442\u0435\u043c \u0432 Windows - \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0440\u0443\u0442\u043a\u0438\u0442\u0430 FudModule.\n\n\u041e\u0431\u0435 0-day \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u0432\u044f\u0437\u0430\u043b\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u0441 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 APT, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043a\u0430\u043a Citrine Sleet.", "creation_timestamp": "2024-09-03T18:37:14.000000Z"}, {"uuid": "da9d7d7b-1775-4e74-bd44-ef0c673c818c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "exploited", "source": "https://t.me/true_secator/5960", "content": "\u0421\u043b\u0435\u0434\u0443\u044f \u0432\u044b\u0448\u0435\u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0443\u043c\u043e\u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f\u043c \u0413\u0440\u0438\u0431\u043e\u0432, \u041f\u043e\u0437\u0438\u0442\u0438\u0432\u044b \u043f\u0440\u043e\u0448\u0435\u0440\u0441\u0442\u0438\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0446\u0441\u0435\u0442\u0435\u0439, \u0431\u043b\u043e\u0433\u043e\u0432, \u0422\u0413-\u043a\u0430\u043d\u0430\u043b\u043e\u0432, \u0431\u0430\u0437 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 \u043a\u043e\u0434\u0430, \u0432\u044b\u0434\u0435\u043b\u0438\u0432 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u044e\u043d\u044f.\n\n\u041f\u043e \u0441\u0443\u0442\u0438 \u044d\u0442\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043b\u0438\u0431\u043e \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043b\u0438\u0431\u043e \u043c\u043e\u0433\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u2014 \u0434\u0435\u0432\u044f\u0442\u044c:\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439: \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 CSC (CVE-2024-26229), \u0441\u043b\u0443\u0436\u0431\u0435 Error Reporting (CVE-2024-26169) \u0438 \u044f\u0434\u0440\u0435 \u041e\u0421 (CVE-2024-30088);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u043c \u044f\u0437\u044b\u043a\u0435 PHP \u043d\u0430 \u0443\u0437\u043b\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows (CVE-2024-4577);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0432 \u044f\u0434\u0440\u0435 Linux (CVE-2024-1086);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432 Check Point Quantum Security Gateways (CVE-2024-24919);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 VMware vCenter, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 (CVE-2024-37079, CVE-2024-37080);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Veeam Backup & Replication, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024-29849).\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043f\u043e \u043a\u0430\u0436\u0434\u043e\u0439 \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432, \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 - \u0432 \u0431\u043b\u043e\u0433\u0435\u00a0Positive Technologies.", "creation_timestamp": "2024-07-11T18:50:01.000000Z"}, {"uuid": "9ecc32c0-52ff-49ca-b04d-27c12f0ea15c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/thehackernews/5132", "content": "VMware has released patches for Cloud Foundation, vCenter Server, and vSphere ESXi to fix critical flaws that could allow RCE and privilege escalation. \n \nLearn more about CVE-2024-37079, CVE-2024-37080 & CVE-2024-37081\u2014and secure your infrastructure now. \n \nhttps://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html", "creation_timestamp": "2024-06-18T10:56:22.000000Z"}, {"uuid": "c60236ba-b911-4d32-af1b-e0ed3d277b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10710", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T19:11:41.000000Z"}, {"uuid": "a9539c8e-fc36-436f-b28b-1893d63f3801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/115966848915496422", "content": "", "creation_timestamp": "2026-01-27T11:34:46.288098Z"}, {"uuid": "04ab0310-4671-4e8e-860c-cf6cf058cbca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3mdfo3qybm22r", "content": "", "creation_timestamp": "2026-01-27T11:35:00.329247Z"}, {"uuid": "68852731-6b40-4d40-a334-754e64e71e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mdh3i3ewu22r", "content": "", "creation_timestamp": "2026-01-28T01:07:15.327435Z"}, {"uuid": "f320d905-4271-4db4-bfdf-b25c337e6e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/5922987", "content": "", "creation_timestamp": "2026-03-04T01:43:11.681738Z"}, {"uuid": "fbe8484e-6f12-422f-8e28-6fa2b1d00e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3meuja7mg622w", "content": "", "creation_timestamp": "2026-02-15T02:43:09.549031Z"}, {"uuid": "eb3ce9e8-c6c3-49b5-b88b-2f142b8b1b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "cve-2024-37079", "type": "seen", "source": "https://social.tchncs.de/users/gborn/statuses/116129911417527349", "content": "", "creation_timestamp": "2026-02-25T06:43:43.076761Z"}, {"uuid": "5865ef97-051b-41bf-89d3-01f898904459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7715", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-37079 Vcenter server unauthenticated RCE.\nURL\uff1ahttps://github.com/v3rce/CVE-2024-37079-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-20T01:11:29.000000Z"}, {"uuid": "4e5c0d47-07c4-4d3b-ae17-9a12f2b034bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "exploited", "source": "Telegram/H87yTBCUb93IWJHi3j-rkiwIaQJ9ZGb6Ef7qsdfRiN7bOA", "content": "", "creation_timestamp": "2026-01-25T20:01:54.000000Z"}, {"uuid": "0c0a51b2-5cf6-4c7f-b0bb-3dd7d4226c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/ics_cert/857", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0627\u062c\u0631\u0627\u06cc \u067e\u0631\u0648\u062a\u06a9\u0644 DCERPC \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u0645\u062c\u0627\u0632\u06cc VMware vCenter Server \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0633\u0631\u0631\u06cc\u0632 \u0628\u0627\u0641\u0631 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u067e\u0634\u062a\u0647 \u0627\u0633\u062a. \n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u0628\u0633\u062a\u0647 \u0634\u0628\u06a9\u0647 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2024-04649\nCVE-2024-37079\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\n\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062a\u0648\u0627\u0646\u0627\u06cc\u06cc \u0627\u062a\u0635\u0627\u0644 \u0628\u0647 vCenter \u0628\u0627 \u0645\u0639\u0631\u0641\u06cc \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0644\u06cc\u0633\u062a \u0633\u0641\u06cc\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 vCenter.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\n\nhttps://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\u0628\u0631\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u067e\u06cc\u0645\u0627\u06cc\u0634 \u062f\u0631 \u062f\u0646\u06cc\u0627\u06cc \u067e\u06cc\u0686\u06cc\u062f\u0647 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc\u060c \u0628\u0647 \u0645\u0646 \u0628\u067e\u06cc\u0648\u0646\u062f\u06cc\u062f. \n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\n\u200fhttps://t.me/ics_cert", "creation_timestamp": "2024-06-20T15:08:46.000000Z"}, {"uuid": "024e6b04-7e9b-42aa-a589-9254176c3fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "Telegram/7TmeLhBEwGZ4R6H7RLJZ_TUPR9TuN_dX3tdoe0qvNiQQVg", "content": "", "creation_timestamp": "2024-06-20T18:49:32.000000Z"}, {"uuid": "595bc442-b595-4c11-b9ab-fd9a14f8a8e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "Telegram/T0L2qoE3g7bZ7uebznwh8TeJ-spc6YzSi52rzunmaddsJ1rv", "content": "", "creation_timestamp": "2024-08-31T12:47:17.000000Z"}, {"uuid": "53e3a6f8-df10-4853-936d-ba559bffe2d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/12100", "content": "The Hacker News\nVMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi\n\nVMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could", "creation_timestamp": "2024-06-18T12:12:57.000000Z"}, {"uuid": "2eb49431-7c41-4ebe-9b1d-7b054819d519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/1036", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T14:26:37.000000Z"}, {"uuid": "df4ce8e9-792a-4539-9f1b-df2679f0c6cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/309", "content": "\ud83d\udd25 VMware vCenter Server RCE + PrivEsc\n\nMultiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n\u2014 CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to exploit heap overflow by sending crafted packets, potentially resulting in remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance. (CVSS v3.1 score: 7.8 \"high\").\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a\n\nNmap Script (PoC):\n\ud83d\udd17 https://github.com/nmap/nmap/blob/4b28defac6e3eb8b8eb4704f506949806d784f73/scripts/vmware-version.nse\n\nShodan\nproduct:\"VMware vCenter Server\"\nFOFA\napp=\"vmware-vCenter\"\n\n#vmware #vcenter #rce #lpe #cve", "creation_timestamp": "2024-06-20T12:00:07.000000Z"}, {"uuid": "6d75fea3-1910-43d5-a657-37c39e3dbe34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/GrayHatsHack/6797", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\nThey could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-25T10:24:26.000000Z"}, {"uuid": "10b9d3d3-19c1-4233-bfca-4391e3062eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://gist.github.com/emadshanab/34522c81b12208711193e3838a7ca04d", "content": "", "creation_timestamp": "2025-10-12T00:45:20.000000Z"}, {"uuid": "964425da-3c46-4562-994e-8a8e104cb9ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115946155187059510", "content": "", "creation_timestamp": "2026-01-23T19:52:05.203635Z"}, {"uuid": "ed62f268-102b-4c41-ab89-dccba0e3beb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3md4iiu77gv2c", "content": "", "creation_timestamp": "2026-01-23T20:00:59.246234Z"}, {"uuid": "768f9916-85e0-40d4-bc59-e78043928cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3md4qjwksl62z", "content": "", "creation_timestamp": "2026-01-23T22:24:45.971128Z"}, {"uuid": "649c9e33-83bf-4403-ad97-9a48880ab203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3md5tkxg4hz2f", "content": "", "creation_timestamp": "2026-01-24T08:51:40.814576Z"}, {"uuid": "2d9bf25f-cc5f-4e94-bb0e-2999f22f114c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/techit.bsky.social/post/3md5tzy52k32e", "content": "", "creation_timestamp": "2026-01-24T09:00:06.577416Z"}, {"uuid": "55d30ddf-2f41-4fbc-be24-0c4456db02e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3md5u3msmfi2y", "content": "", "creation_timestamp": "2026-01-24T09:00:59.766174Z"}, {"uuid": "ac295799-4f5c-44b2-ba73-53fe01cdf60b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3md7i4aibt22j", "content": "", "creation_timestamp": "2026-01-25T00:31:58.011503Z"}, {"uuid": "205f7d3d-2165-4ad5-abcd-11a0f5f8055b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/sctocs.bsky.social/post/3md7kv4lecs27", "content": "", "creation_timestamp": "2026-01-25T01:21:39.174599Z"}, {"uuid": "ebf086ec-fc58-4cab-9f04-ef0f749ffc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3md7olu6nv42a", "content": "", "creation_timestamp": "2026-01-25T02:28:01.584770Z"}, {"uuid": "9d4206d4-0019-443d-8562-8e141eb426f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/calimegai.bsky.social/post/3mda5tlzwkl2m", "content": "", "creation_timestamp": "2026-01-25T07:00:48.592544Z"}, {"uuid": "e725dcbb-a52d-46b4-9c81-aeafa58e2a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mdasvnbyqs2m", "content": "", "creation_timestamp": "2026-01-25T13:17:45.030593Z"}, {"uuid": "d34f4412-8042-47b2-b52f-f7cffa47b572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3mdavztylqk24", "content": "", "creation_timestamp": "2026-01-25T14:13:49.233506Z"}, {"uuid": "1b73d841-61aa-4e32-add2-bf33d7948371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mdazvphud62i", "content": "", "creation_timestamp": "2026-01-25T15:23:03.377847Z"}, {"uuid": "9218c3c8-a7e0-480e-a867-ac6a571fbbd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/allsafeus.bsky.social/post/3mdb3h6psh722", "content": "", "creation_timestamp": "2026-01-25T15:50:43.421833Z"}, {"uuid": "13a0a440-b19a-47c3-a357-4c27e993b3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mdbemzlt442n", "content": "", "creation_timestamp": "2026-01-25T18:35:04.125427Z"}, {"uuid": "1448bc98-73ca-455b-bbf0-2362a56d8312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mdbm5pxmsi2e", "content": "", "creation_timestamp": "2026-01-25T20:49:39.131810Z"}, {"uuid": "f264a609-e2be-4075-94cb-8e7ebd5b5548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mdbmicq3tc2x", "content": "", "creation_timestamp": "2026-01-25T20:55:35.258891Z"}, {"uuid": "fc51599a-75f0-4bcf-8eda-dbd1d7388514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mdc72qkl2b26", "content": "", "creation_timestamp": "2026-01-26T02:28:00.426887Z"}, {"uuid": "c9c2d9d7-79b4-4757-8a83-1f639fe190d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mdcjsom5rp2p", "content": "", "creation_timestamp": "2026-01-26T05:40:20.803346Z"}, {"uuid": "53df321c-72cf-470e-a3df-667ed56191f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mdcjtdc5pb2z", "content": "", "creation_timestamp": "2026-01-26T05:40:42.707627Z"}, {"uuid": "036b37b0-b933-466c-a7b2-cfc0744518b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mdd6rgpqi32d", "content": "", "creation_timestamp": "2026-01-26T11:55:27.633158Z"}, {"uuid": "e5d3dc18-9f72-4eb4-ae46-7add0bef8e11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-37079", "type": "seen", "source": "https://infosec.exchange/users/defendopsdiaries/statuses/115961298284897428", "content": "", "creation_timestamp": "2026-01-26T12:03:10.388315Z"}, {"uuid": "fe746ca5-0d6f-4ad8-9a0c-80188970d711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115961326255073891", "content": "", "creation_timestamp": "2026-01-26T12:10:17.215043Z"}, {"uuid": "9fe1e8a8-907a-42a8-b4a7-5c76f3776575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3mddatx6e342u", "content": "", "creation_timestamp": "2026-01-26T12:32:41.072645Z"}, {"uuid": "d6d132e1-bc05-4363-879f-e5b36fc6e250", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/hack4career.com/post/3mddciiyoca2k", "content": "", "creation_timestamp": "2026-01-26T13:02:07.523259Z"}, {"uuid": "58f5f8ab-3dc0-4333-8a4e-0ec31115377c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mdddudnt4k23", "content": "", "creation_timestamp": "2026-01-26T13:26:36.058723Z"}, {"uuid": "7b24f19b-7ea8-4a69-85c6-1fb404805c62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mddefy7jns23", "content": "", "creation_timestamp": "2026-01-26T13:36:36.014099Z"}, {"uuid": "0128b1e4-53f9-45a4-9d94-9dff049d124e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mddf2uzjw223", "content": "", "creation_timestamp": "2026-01-26T13:48:12.087231Z"}, {"uuid": "fd7c65c4-01d6-41d2-927f-a05c528613bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://threatintel.cc/2026/01/26/cisa-says-critical-vmware-rce.html", "content": "", "creation_timestamp": "2026-01-26T11:10:24.000000Z"}, {"uuid": "fa785661-f1ca-4af5-95c8-51aaa404d9d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/technology-news.bsky.social/post/3mddj67hheq26", "content": "", "creation_timestamp": "2026-01-26T15:01:33.852377Z"}, {"uuid": "ab24757c-fc4c-437a-81d6-d382b9d3e0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mfjo6asd322e", "content": "", "creation_timestamp": "2026-02-23T12:37:25.720193Z"}, {"uuid": "bc545ad7-e915-483c-aab8-d0fbf1b08ceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "Telegram/obSPr9PV0Da_qSLTggJciA2Cp_snkCDUqehnwTxKSd-hA48", "content": "", "creation_timestamp": "2024-06-18T10:35:10.000000Z"}, {"uuid": "9047f590-514a-45ea-8b3a-82d49b332be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/CyberDilara/244", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\nThey could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-25T17:20:25.000000Z"}, {"uuid": "3e1a7d54-6382-4bb7-b049-34290521fceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/CyberDilara/227", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\n\u26a0They could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-20T18:53:14.000000Z"}, {"uuid": "ce04a5c3-ed0e-4aad-9ffd-abefdc70ae7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "Telegram/JY3Tdlm-rK7NW97WMF3BzzCxel998rP3WdZdhbgiL7lEqg", "content": "", "creation_timestamp": "2024-06-18T11:45:57.000000Z"}, {"uuid": "ddec413c-dc6f-4901-af68-3d8e36d76750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "published-proof-of-concept", "source": "Telegram/zUsRWt3Wq7-Ohylg0lIat3q_zhXnMZf3Ssuf6Q7NZ3JiF_o", "content": "", "creation_timestamp": "2024-08-28T15:37:05.000000Z"}, {"uuid": "6c666140-6f9e-447f-af54-667d9a523cf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2369", "content": "The Hacker News\nVMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi\n\nVMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could", "creation_timestamp": "2024-06-18T12:12:57.000000Z"}, {"uuid": "efb8c33c-8311-4d63-a4b0-85cad20ef9d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/dilagrafie/3346", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\n\u26a0They could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-20T18:53:24.000000Z"}, {"uuid": "b6bf8cae-5a83-44ab-97fa-c80d62991cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37079", "type": "seen", "source": "https://t.me/true_secator/5867", "content": "VMware\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Cloud Foundation, vCenter Server \u0438 vSphere ESXi, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 CVE-2024-37079 \u0438 CVE-2024-37080\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8) \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u00a0DCE/RPC.\n\n\u041e\u0431\u0435 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0425\u0430\u043e \u0427\u0436\u044d\u043d\u0443 \u0438 \u0426\u0437\u044b\u0431\u043e \u041b\u0438 \u0438\u0437 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 QiAnXin.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 vCenter \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430.\n\n\u041c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f CVE-2024-37081\u00a0(CVSS: 7,8) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 EoP \u0432 VMware vCenter, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0438\u043c\u0438 \u0432 \u0432\u0438\u0434\u0443 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 sudo. \u0410\u0432\u0442\u043e\u0440\u0441\u0442\u0432\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0438\u0442 \u041c\u0430\u0442\u0435\u044e \u0411\u0430\u0434\u0430\u043d\u043e\u044e \u0438\u0437 Deloitte \u0432 \u0420\u0443\u043c\u044b\u043d\u0438\u0438.\n\n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u043d\u0435\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root-\u043f\u0440\u0430\u0432.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 vCenter Server 7.0 \u0438 8.0, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 7.0 U3r, 8.0 U1e \u0438 8.0 U2d.\n\n\u0421\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439\u00a0\u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e (\u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043f\u043e\u043a\u0430).", "creation_timestamp": "2024-06-18T13:10:05.000000Z"}]}