{"vulnerability": "CVE-2024-49112", "sightings": [{"uuid": "8adbc291-93d9-41d2-bad2-f30dc9d83ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/CyberBulletin/26834", "content": "\u26a1\ufe0fCVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover.\n\n#CyberBulletin", "creation_timestamp": "2024-12-17T08:01:00.000000Z"}, {"uuid": "d7d37787-ee36-4ec3-a678-7ff4b2f96530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "exploited", "source": "https://t.me/SecLabNews/16082", "content": "\u0414\u0432\u043e\u0439\u043d\u0430\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c: \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u0433\u0438 LDAP \u0438 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\n\n\ud83d\udd25 Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 LDAP \u0434\u043b\u044f Windows \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430. \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0438\u0437 \u043d\u0438\u0445 (CVE-2024-49112) \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9.8 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\n\ud83c\udfa3 \u0412 \u0441\u0435\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 LDAPNightmare, \u044f\u043a\u043e\u0431\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-49113. \u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u043c, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udd0d \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u044f\u0432\u043b\u044f\u044e\u0449\u0438\u0439\u0441\u044f \u0444\u043e\u0440\u043a\u043e\u043c \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0435\u043a\u0442\u0430. \u041f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0441\u043e\u0431\u0438\u0440\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0438\u0445 \u043d\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 FTP-\u0441\u0435\u0440\u0432\u0435\u0440.\n\n#cybersecurity #WindowsSecurity #LDAP #infosec\n\n@SecLabNews", "creation_timestamp": "2025-01-10T17:40:03.000000Z"}, {"uuid": "506f2085-e53f-4eb8-b1e9-42ea5b4e5ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/Russian_OSINT/4975", "content": "\ud83e\ude9f \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft \u0437\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c 2024 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u043a \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e 72 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 (CVE). \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, Office, SharePoint, Edge \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \n\n1\ufe0f\u20e3 \u0421\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows LDAP (CVE-2024-49112) \u2014 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \n\n2\ufe0f\u20e3 CVE-2024-49138 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Common Log File System (CLFS) Windows. \u041f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 7.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS,\n\n\u0422\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 Microsoft Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-43600 (7.8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows Mobile Broadband \u0438 Remote Desktop Services \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0438 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a defense-in-depth. \u041f\u0440\u0430\u0432\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows Server 2008 \u0438 2008 R2 \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0441\u0442\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (Extended Security Update) \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 Microsoft Update Catalog \u0438\u043b\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043a\u0430\u0436\u0434\u043e\u043c CVE \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 Microsoft Security Update Guide.\n\n\u041a\u043b\u044e\u0447\u0435\u0432\u044b\u043c \u043c\u043e\u043c\u0435\u043d\u0442\u043e\u043c \u0432 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b \u0430\u043a\u0446\u0435\u043d\u0442 Microsoft \u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. \u0412 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u043e\u0447\u0438\u0442\u0430\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b CSAF, \u0443\u043f\u0440\u043e\u0449\u0430\u044f \u0430\u043d\u0430\u043b\u0438\u0437 \u0438 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u2b07\ufe0f \u0415\u0441\u043b\u0438 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u043f\u043e CVSS \u2265 8.0, \u0442\u043e \u0438\u0437 72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 20 \u0438\u043c\u0435\u044e\u0442 \u0431\u0430\u043b\u043b 8.0 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, \u0442\u043e \u0435\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 27-30% \u2014 \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0442\u0440\u0435\u0442\u044c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439.\n\n\u270b @Russian_OSINT", "creation_timestamp": "2024-12-11T13:04:52.000000Z"}, {"uuid": "f6cafb72-cf86-42ca-a558-1e7562aedc0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfbml2udni24", "content": "", "creation_timestamp": "2025-01-09T02:21:17.884587Z"}, {"uuid": "4bd43e75-338c-4237-a256-ec8195481d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-49112", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ley5rrn64s2r", "content": "", "creation_timestamp": "2025-01-05T08:02:56.619970Z"}, {"uuid": "6966dfb1-269d-4a97-ab92-4f7725554bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/113775209399756842", "content": "", "creation_timestamp": "2025-01-05T10:12:01.694533Z"}, {"uuid": "f7ebdd8e-0a7b-4aa5-b31f-d84eafecfa97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/giterlizzi.dev/post/3lf3bpdoqh22i", "content": "", "creation_timestamp": "2025-01-06T13:50:54.795557Z"}, {"uuid": "3defa8ed-6949-4e0d-953a-502a5bd2da0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/9aa579cb-be14-4a74-9427-91defcc2ccd5", "content": "", "creation_timestamp": "2025-01-02T22:00:01.220523Z"}, {"uuid": "d4eb5047-d17b-4ff3-ba6e-3eae769302c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9687", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-49112 Windows LDAP RCE PoC and Metasploit Module\nURL\uff1ahttps://github.com/BOl1o/CVE-2024-49112-RCE-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2025-01-02T04:32:11.000000Z"}, {"uuid": "2e79a4c1-bb18-42d5-83ba-b42a32b00c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/981", "content": "\ud83d\udea8 CVE-2024-49112: \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 Windows LDAP \n\nCVE-2024-49112 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u062f\u0631 \u067e\u0631\u0648\u062a\u06a9\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0633\u0628\u06a9 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0648\u06cc\u0646\u062f\u0648\u0632 (LDAP) \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc LDAP \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f. \u0627\u06cc\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u06a9\u0646\u062a\u0631\u0644 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0648 \u0628\u0647 \u062e\u0637\u0631 \u0627\u0646\u062f\u0627\u062e\u062a\u0646 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u062d\u0633\u0627\u0633 \u0634\u0648\u062f. \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u06cc\u0646 \u0646\u0648\u0639 \u0634\u062f\u06cc\u062f \u0647\u0633\u062a\u0646\u062f \u0648 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0641\u0648\u0631\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0647\u0634 \u062e\u0637\u0631\u0627\u062a \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u0636\u0631\u0648\u0631\u06cc \u0645\u06cc\u200c\u0633\u0627\u0632\u0646\u062f. \n\ud83d\udca1 \u0686\u0631\u0627 \u0645\u0647\u0645 \u0627\u0633\u062a: \u0627\u06cc\u0646 \u0646\u0648\u0639 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0642\u0627\u0628\u0644\u06cc\u062a \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0628\u0631\u062f\u0627\u0631 \u062d\u0645\u0644\u0647 \u062a\u0627\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647\u060c \u06cc\u06a9 \u062a\u0647\u062f\u06cc\u062f \u062c\u062f\u06cc \u0627\u0633\u062a. \u067e\u06cc\u0627\u0645\u062f\u0647\u0627\u06cc \u0628\u0627\u0644\u0642\u0648\u0647 \u0639\u0628\u0627\u0631\u062a\u0646\u062f \u0627\u0632: \n\u2620\ufe0f \u06a9\u0646\u062a\u0631\u0644 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u062f\u06cc\u062f\u0647. \n\u2620\ufe0f \u062d\u0630\u0641 \u062f\u0627\u062f\u0647 \u0647\u0627 \u0648 \u0627\u062e\u062a\u0644\u0627\u0644 \u062f\u0631 \u062e\u062f\u0645\u0627\u062a. \n\u2620\ufe0f \u0627\u0645\u06a9\u0627\u0646 \u0628\u0647 \u062e\u0637\u0631 \u0627\u0641\u062a\u0627\u062f\u0646 \u0634\u0628\u06a9\u0647 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af. \n\ud83d\udee1\ufe0f \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062a\u0648\u0635\u06cc\u0647 \u0634\u062f\u0647: \n\u2705 \u062d\u0633\u0627\u0628\u0631\u0633\u06cc \u0648 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u062d\u062a\u0645\u0627\u0644\u06cc.\n \u2705 \u0622\u062e\u0631\u06cc\u0646 \u0648\u0635\u0644\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u06cc\u062f. \n\u2705 \u062f\u0633\u062a\u0631\u0633\u06cc LDAP \u0631\u0627 \u0641\u0642\u0637 \u0628\u0647 \u0634\u0628\u06a9\u0647 \u0647\u0627 \u0648 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0645\u062d\u062f\u0648\u062f \u06a9\u0646\u06cc\u062f. \n\u2705 \u062a\u0631\u0627\u0641\u06cc\u06a9 LDAP \u0631\u0627 \u0628\u0631\u0627\u06cc \u0641\u0639\u0627\u0644\u06cc\u062a \u063a\u06cc\u0631\u0645\u0639\u0645\u0648\u0644 \u06cc\u0627 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0646\u0638\u0627\u0631\u062a \u06a9\u0646\u06cc\u062f. \u0645\u0627  \u0634\u0645\u0627 \u0631\u0627 \u067e\u0633\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc\u06a9\u0646\u06cc\u0645! \u0627\u0632 \u0627\u06cc\u0646 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u0647\u0627\u06cc \u062a\u06cc\u0645 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a\u06cc Vicarius \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f: \n\ud83d\udd0d \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u062a\u0634\u062e\u06cc\u0635: https://lnkd.in/dwjziqv7 \n\n\ud83e\ude79 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u0627\u0635\u0644\u0627\u062d: \nhttps://lnkd.in/dTDuiFq3 \n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2024-12-24T16:03:38.000000Z"}, {"uuid": "7aa69715-5d06-4c12-b4c3-a45042eb405c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/CyberBulletin/1768", "content": "\u26a1\ufe0fCVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover.\n\n#CyberBulletin", "creation_timestamp": "2024-12-17T08:01:00.000000Z"}, {"uuid": "aeac1a9f-d206-42b7-b7cc-ca229a8aecad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9451", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA short scraper looking for a POC of CVE-2024-49112\nURL\uff1ahttps://github.com/tnkr/poc_monitor\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-16T13:47:22.000000Z"}, {"uuid": "b0bf0b2d-a525-4384-a8e6-21aeaf9fa662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/2631", "content": "\ud83d\udd34CVE-2024-49112 \nLDAP Nightmare\n\nWriteUP\nPOC", "creation_timestamp": "2025-01-03T03:47:01.000000Z"}, {"uuid": "8d3689a7-29c8-4a9b-afa2-6873efbf7b3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "Telegram/6dN-xPk5ChsV-Ud1UMbF9kuccvIlVY21KcYcIldvuep9gA", "content": "", "creation_timestamp": "2025-01-03T10:46:05.000000Z"}, {"uuid": "c913f27a-428a-41fd-bad6-8841cd670dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/ctinow/228841", "content": "What We Know About CVE-2024-49112 and CVE-2024-49113\nhttps://ift.tt/qE3rBmt", "creation_timestamp": "2025-01-04T08:44:14.000000Z"}, {"uuid": "f1f19f06-6478-426e-853f-756d00fcaad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/ctinow/228842", "content": "What We Know About CVE-2024-49112 and CVE-2024-49113\nhttps://ift.tt/qE3rBmt", "creation_timestamp": "2025-01-04T08:59:34.000000Z"}, {"uuid": "f8765ed9-6c0c-40b9-8fb0-3211894be3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/6110", "content": "\ud83d\udea8 Critical Flaws in LDAP Exploited! \n \nA new proof-of-concept exploit, LDAPNightmare, crashes unpatched Windows Servers with one crafted request. \n \nEven worse? RCE attacks are possible with minor tweaks. \n \n\u00bb CVE-2024-49113 causes DoS attacks. \n\u00bb CVE-2024-49112 allows remote code execution. \n \nWhat can you do? \n\u2705 Patch ASAP with Microsoft\u2019s December 2024 updates. \n\u2705 Monitor RPC calls and suspicious LDAP activity. \n \n\ud83d\udc49 Read more: https://thehackernews.com/2025/01/ldapnightmare-poc-exploit-crashes-lsass.html", "creation_timestamp": "2025-01-03T09:21:11.000000Z"}, {"uuid": "8e4e30cd-f752-47c2-8d1f-a62f4c3c1f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113630112880421336", "content": "", "creation_timestamp": "2024-12-10T19:12:03.909794Z"}, {"uuid": "0e709b76-76f5-4ecc-9b0c-f23628dae61b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review", "content": "", "creation_timestamp": "2024-12-10T17:33:56.000000Z"}, {"uuid": "b3807da6-f7ed-41b6-bb74-00990db77513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113630508296939233", "content": "", "creation_timestamp": "2024-12-10T20:52:38.655491Z"}, {"uuid": "5bac48d7-b3c0-4e80-8699-e4a8380e9b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://www.darkreading.com/application-security/microsoft-zero-day-critical-rces-patch-tuesday", "content": "", "creation_timestamp": "2024-12-10T21:21:02.000000Z"}, {"uuid": "3d8dd9e8-8c6f-404b-ac5e-31ef069ad705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://krebsonsecurity.com/2024/12/patch-tuesday-december-2024-edition/", "content": "", "creation_timestamp": "2024-12-11T00:53:13.000000Z"}, {"uuid": "6d3aa515-d90d-4b72-a0b1-32fece96e985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://threatintel.cc/2025/01/10/green-bay-packers-online-pro.html", "content": "", "creation_timestamp": "2025-01-10T13:25:21.000000Z"}, {"uuid": "0b976221-627c-4fc0-a333-59259d22d33b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/socprime.com/post/3lfufm3whjl2t", "content": "", "creation_timestamp": "2025-01-16T13:37:13.032425Z"}, {"uuid": "ca15f2d6-0cce-4fab-8b99-fd5802cbc101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/socprime.com/post/3lfugduh5e22m", "content": "", "creation_timestamp": "2025-01-16T13:50:33.656383Z"}, {"uuid": "c54f88e7-62cd-4648-ab8f-89e0d08dc955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3ler5knisor2x", "content": "", "creation_timestamp": "2025-01-02T13:10:02.612380Z"}, {"uuid": "d52532ab-7904-46fb-af33-69a25233868e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/socprime.com/post/3ler5xbprzq2r", "content": "", "creation_timestamp": "2025-01-02T13:17:06.431566Z"}, {"uuid": "8b996dce-78d9-475e-aec1-8a32ef6ea8c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/socprime.com/post/3ler66ckhtt2f", "content": "", "creation_timestamp": "2025-01-02T13:21:02.330132Z"}, {"uuid": "f99aecc2-96cb-44cf-9e87-8ac8a1599cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lerayvvur72t", "content": "", "creation_timestamp": "2025-01-02T14:11:43.107111Z"}, {"uuid": "c9944426-d1be-41e0-945c-2be3af7d5762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/binitamshah.bsky.social/post/3lerellt3gs2i", "content": "", "creation_timestamp": "2025-01-02T15:15:52.862711Z"}, {"uuid": "a0b033b0-23c0-4c7a-acc6-5efdc0159f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113798930548659828", "content": "", "creation_timestamp": "2025-01-09T14:44:37.524775Z"}, {"uuid": "bae257f0-1949-44b1-a169-748021c589af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3leripllm5s26", "content": "", "creation_timestamp": "2025-01-02T16:29:38.921797Z"}, {"uuid": "1ec3b882-50fa-460f-85c8-a75797d1a408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/nekointheshell.com/post/3lerjrchvis2n", "content": "", "creation_timestamp": "2025-01-02T16:48:30.702490Z"}, {"uuid": "1a9d49b6-318e-41b3-8a21-122efe797261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/securestep9/statuses/113760157494707212", "content": "", "creation_timestamp": "2025-01-02T21:41:22.584407Z"}, {"uuid": "a1884709-ff42-450c-a890-a7e09d026fb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-49112", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3leswytauyk2j", "content": "", "creation_timestamp": "2025-01-03T06:18:00.967505Z"}, {"uuid": "7f470b1c-6272-490e-915b-e78deeb954fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3leta7eblts2l", "content": "", "creation_timestamp": "2025-01-03T09:02:43.732092Z"}, {"uuid": "fcdac777-9f57-4734-be55-0490fd2b0f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/alexmilla.bsky.social/post/3letde5szns2e", "content": "", "creation_timestamp": "2025-01-03T09:59:06.859612Z"}, {"uuid": "fed9db38-7529-4703-aa4a-a2e28101fe44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/3kkenekkepen.bsky.social/post/3letdsqtt2k2o", "content": "", "creation_timestamp": "2025-01-03T10:07:19.816979Z"}, {"uuid": "43488085-6f64-41f3-b159-39f638282394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://thehackernews.com/2025/01/ldapnightmare-poc-exploit-crashes-lsass.html", "content": "", "creation_timestamp": "2025-01-03T07:16:00.000000Z"}, {"uuid": "3ac7e64e-eb0d-44fe-a931-f7b1030a7d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/intruder-io.bsky.social/post/3letrboimmk2v", "content": "", "creation_timestamp": "2025-01-03T14:08:16.149894Z"}, {"uuid": "6f96c692-bead-48c5-b429-e3477a929e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lewese3j7w2j", "content": "", "creation_timestamp": "2025-01-04T15:02:56.264197Z"}, {"uuid": "ebf06d2e-770c-4356-a2b6-de5223c6bbce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lgxs66lja52l", "content": "", "creation_timestamp": "2025-01-30T15:25:15.837233Z"}, {"uuid": "5b0a650e-3595-4484-acc0-054c36f9d26a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lgbxe6geom2y", "content": "", "creation_timestamp": "2025-01-21T22:59:30.359971Z"}, {"uuid": "d5f7fce2-e2c2-4abc-b301-4e0db22e9e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "MISP/bd312f64-bd8b-48d9-b2f2-3c7ee31a5c9f", "content": "", "creation_timestamp": "2025-01-28T09:18:11.000000Z"}, {"uuid": "5f1d2283-646b-4675-9c50-8f6928de8eec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.bsky.social/post/3lgss5eha622u", "content": "", "creation_timestamp": "2025-01-28T15:41:32.356444Z"}, {"uuid": "e88c2dfd-6cc4-45ae-abc6-6c1006e4bfee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.bsky.social/post/3lgss5ehhy22u", "content": "", "creation_timestamp": "2025-01-28T15:41:32.854656Z"}, {"uuid": "3eefa9c9-e8bd-41c6-97da-2d638c963e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "MISP/dd71e3c5-20f7-409a-8bcc-8df3cd8022a7", "content": "", "creation_timestamp": "2025-09-03T13:30:06.000000Z"}, {"uuid": "cbe9d48a-ba70-478d-9dfb-4795bae18185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1440", "content": "", "creation_timestamp": "2024-12-11T04:00:00.000000Z"}, {"uuid": "6fafc402-48bc-4c8c-a77f-79ead5a5cddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/elblogden4p5t3r/358", "content": "\ud83d\udcc3 \"Exploit DoS para LDAPNightmare (CVE-2024-49112)\" https://www.hackplayers.com/2025/01/exploit-dos-para-ldapnightmare-cve-2024.html\n\n\ud83d\udee0 LDAP Nightmare https://github.com/SafeBreach-Labs/CVE-2024-49113", "creation_timestamp": "2025-02-10T12:55:16.000000Z"}, {"uuid": "39999da2-3c87-4aea-8cf8-d0a9f58d42b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/ddos_guard/603", "content": "\u200b\u0412 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 Microsoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 LDAP \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0430\u0439\u043d\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2024-49112 (CVSS: 9.8), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2024-49113 (CVSS: 7.5), \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0421\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430 GitHub \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c LDAPNightmare \u0434\u043b\u044f CVE-2024-49113. \u041e\u043d \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u043b\u0438  \u0430\u0440\u0445\u0438\u0432 \u0441 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u043d\u0430\u043b\u0438\u0437.\n\n\u0412 \u0444\u0438\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Python-\u0444\u0430\u0439\u043b\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u043d\u0435\u043d\u044b \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b poc.exe. \u041f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043e\u043d \u0441\u043e\u0437\u0434\u0430\u0435\u0442 PowerShell-\u0441\u043a\u0440\u0438\u043f\u0442 \u0432 \u043f\u0430\u043f\u043a\u0435 %Temp%, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 FTP-\u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u041f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435, \u0441\u043f\u0438\u0441\u043e\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043f\u0430\u043f\u043e\u043a \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0443\u0434\u0430\u043b\u0438\u043b\u0438, \u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0418\u0411 \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043b\u0438 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u0431\u043b\u044e\u0434\u0430\u0442\u044c \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0441 \u0445\u043e\u0440\u043e\u0448\u0435\u0439 \u0440\u0435\u043f\u0443\u0442\u0430\u0446\u0438\u0435\u0439.", "creation_timestamp": "2025-01-16T09:16:16.000000Z"}, {"uuid": "ada211c0-595a-4055-8109-876702c39c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9475", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-49112 LDAP RCE PoC and Metasploit Module\nURL\uff1ahttps://github.com/b0l1o/CVE-2024-49112-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-18T00:29:19.000000Z"}, {"uuid": "4c29e1ee-81ab-4408-b99a-db0b27bbd0db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/8692", "content": "\u0421\u0442\u0438\u043b\u0435\u0440 \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f LDAPNightmare (CVE-2024-49113). \n\n\u2757\ufe0f \u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \"Patch Tuesday\" \u043e\u0442 Microsoft \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 LDAP. \u041e\u0431\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u044b \u043e\u0447\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u043c\u0438 \u0438\u0437-\u0437\u0430 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f LDAP \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 Windows:\n\u23fa\ufe0fCVE-2024-49112: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE), \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b LDAP.\n\u23fa\ufe0fCVE-2024-49113: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb (DoS), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0441\u0431\u043e\u044f \u0441\u043b\u0443\u0436\u0431\u044b LDAP.\n\n\ud83d\udcb1 \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438 CVE-2024-49113. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043e\u043d \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u0442 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f, \u043d\u043e \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b Python \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u043d\u0435\u043d\u044b \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c poc.exe, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u0443\u043f\u0430\u043a\u043e\u0432\u0430\u043d \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e UPX. \u0425\u043e\u0442\u044f \u043d\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u0432\u0437\u0433\u043b\u044f\u0434 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u043e, \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u044f \u0438\u0437-\u0437\u0430 \u0435\u0433\u043e \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0435 \u043d\u0430 Python.\n\n\u270f\ufe0f \u041a\u043e\u0433\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0444\u0430\u0439\u043b, \u0432 \u043f\u0430\u043f\u043a\u0443 %Temp% \u043f\u043e\u043c\u0435\u0449\u0430\u0435\u0442\u0441\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell. \u042d\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0451\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441 Pastebin. \u0414\u0430\u043b\u0435\u0435 \u043e\u043d \u0441\u043e\u0431\u0438\u0440\u0430\u0435\u0442 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 IP-\u0430\u0434\u0440\u0435\u0441 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0435\u0433\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e FTP. \u0417\u0430\u0442\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0441\u043e\u0431\u0438\u0440\u0430\u0435\u0442\u0441\u044f \u0438 \u0441\u0436\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ZIP, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 FTP-\u0441\u0435\u0440\u0432\u0435\u0440 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\udee1 \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043f\u043e\u043f\u0430\u0434\u0430\u043d\u0438\u044f \u0432 \u0442\u0430\u043a\u0438\u0435 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u044b\u043c \u0441 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u043c\u0438 \u0443 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u0430\u043b\u043e stars, forks, contributors. \u0422\u0430\u043a \u0436\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u043a\u043e\u043c\u043c\u0438\u0442\u043e\u0432 \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2025-01-29T07:06:29.000000Z"}, {"uuid": "5904b21b-fbbd-4b9a-b8ee-7c5807ea0eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9679", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aLdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49112\nURL\uff1ahttps://github.com/SafeBreach-Labs/CVE-2024-49112\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2025-01-01T18:21:20.000000Z"}, {"uuid": "e82f957b-be3a-47bb-b795-6ddd6bb950b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2472", "content": "CVE-2024-49112 \nLDAP Nightmare\n*\nWriteUP\nPOC", "creation_timestamp": "2025-01-02T06:31:04.000000Z"}, {"uuid": "03c568b5-565f-4f2b-bf88-45d9a95370c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6614", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Trend Micro \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u0438\u043d\u0444\u043e\u043a\u0440\u0430\u0434\u0430, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u0434 \u043a\u043e\u0434 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u044e\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Windows Lightweight Directory Access Protocol (LDAP).\n\nCVE-2024-49113 (CVSS 7,5), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e DoS, \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 10 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 70 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0440\u0443\u0433\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 LDAP (CVE-2024-49112), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u041c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 SafeBreach \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 PoC, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 CVE-2024-49113, \u043f\u043e\u043b\u0430\u0433\u0430\u044f, \u0447\u0442\u043e \u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0432\u0430\u0436\u043d\u043e\u0439, \u043d\u0435\u0436\u0435\u043b\u0438 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c SafeBreach, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u043c\u0435\u043d\u0443\u0435\u0442 CVE-2024-49113 \u043a\u0430\u043a LDAPNightmare, \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u0437\u043e\u0432\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0441\u0431\u043e\u044f \u043b\u044e\u0431\u043e\u0433\u043e \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Windows, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043e\u043d \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u043c \u0434\u043e\u043c\u0435\u043d\u0430, \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\n\u0410 \u0432 Trend Micro \u0432\u0437\u0433\u043b\u044f\u043d\u0443\u043b\u0438 \u043d\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e LDAPNightmare \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u0444\u0435\u0439\u043a\u043e\u0432\u044b\u0439 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0430 \u0431\u043e\u0440\u0442\u0443.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0442\u0430\u043a\u0442\u0438\u043a\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f PoC-\u043f\u0440\u0438\u043c\u0430\u043d\u043e\u043a \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u043d\u043e\u0432\u0430, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0432\u0441\u0435 \u0436\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u043f\u0430\u0441\u0435\u043d\u0438\u044f \u0432 \u0432\u0438\u0434\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432 \u043c\u043e\u043c\u0435\u043d\u0442\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043e\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0436\u0435\u0440\u0442\u0432.\n\nPoC \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u043e\u0442\u0432\u0435\u0442\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043e\u0442 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u0430, \u0438 \u0437\u0430\u043c\u0435\u043d\u044f\u0435\u0442 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b Python \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c, \u0443\u043f\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e UPX.\n\n\u041f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 PoC \u043f\u043e\u043c\u0435\u0449\u0430\u0435\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 PowerShell \u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043f\u0430\u043f\u043a\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u0421\u043a\u0440\u0438\u043f\u0442 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0438\u0437 Pastebin.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441\u043e\u0431\u0438\u0440\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0442\u0430\u043a\u0443\u044e \u043a\u0430\u043a \u0441\u043f\u0438\u0441\u043e\u043a \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0441\u043f\u0438\u0441\u043e\u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432, IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0430\u0434\u0430\u043f\u0442\u0435\u0440\u0430\u0445 \u0441\u0435\u0442\u0438 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0441\u0436\u0438\u043c\u0430\u0435\u0442 \u0435\u0435 \u0432 ZIP-\u0430\u0440\u0445\u0438\u0432 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 FTP-\u0441\u0435\u0440\u0432\u0435\u0440, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u041f\u0435\u0440\u0435\u0447\u0435\u043d\u044c IoC - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2025-01-13T19:14:21.000000Z"}, {"uuid": "26d83017-835c-4a42-9830-0e3b5f19ab3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/300", "content": "https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49112/\n\nLDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112\n\nhttps://github.com/SafeBreach-Labs/CVE-2024-49112\n\n#github #\u5206\u6790 #exploit", "creation_timestamp": "2025-01-02T17:53:02.000000Z"}, {"uuid": "7bdba81e-9680-4bd4-836d-bcd06c70dd68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/etguenni.bsky.social/post/3ldsdubsc5k2a", "content": "", "creation_timestamp": "2024-12-21T07:10:16.319975Z"}, {"uuid": "952960ba-3801-4901-bbb5-ca24d6dc56f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1ce10b77-6eb97309939566ed", "content": "", "creation_timestamp": "2025-01-13T13:59:22.599450Z"}, {"uuid": "5c81c610-86e0-4e9c-bcd7-9739c080df73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3leq2vasubk2y", "content": "", "creation_timestamp": "2025-01-02T02:49:37.608416Z"}, {"uuid": "526bc12a-61ce-4f39-a42d-76a99da38224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3leq6wjenbc2r", "content": "", "creation_timestamp": "2025-01-02T04:01:54.357883Z"}, {"uuid": "ddf1f7c2-d4cb-4a0f-8166-2216c100a158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3leqawuz4ow2p", "content": "", "creation_timestamp": "2025-01-02T04:37:54.220976Z"}, {"uuid": "08873335-5378-4d76-830a-969bb1103f26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3leqcnizxzk2s", "content": "", "creation_timestamp": "2025-01-02T05:08:31.025264Z"}, {"uuid": "958c6608-89e7-4529-a252-e44263682141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3leqow5wj532e", "content": "", "creation_timestamp": "2025-01-02T08:48:03.101598Z"}, {"uuid": "a4d88f60-14bf-4040-9c61-104dcad643c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/warthogtk.bsky.social/post/3leqps4ewac2w", "content": "", "creation_timestamp": "2025-01-02T09:03:41.370888Z"}, {"uuid": "46c79690-8b34-43be-8fa4-8b31e2ff8891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/adulau/statuses/113758404886181647", "content": "", "creation_timestamp": "2025-01-02T10:58:24.908245Z"}, {"uuid": "d65d8feb-adf5-4cf9-9e88-b8e4583656e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/adulau.infosec.exchange.ap.brid.gy/post/3leqw7mkdvxm2", "content": "", "creation_timestamp": "2025-01-02T10:58:42.441348Z"}, {"uuid": "d3abaf08-0a4f-4016-bf85-7bdcfae254a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113758415696610331", "content": "", "creation_timestamp": "2025-01-02T11:01:10.487312Z"}, {"uuid": "ea8b1db5-14ac-4119-a7c6-579745d05911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/elhacker.net/post/3leqzdtv3lf2w", "content": "", "creation_timestamp": "2025-01-02T11:54:39.624465Z"}, {"uuid": "439d0fef-f3c0-4b91-a2f9-5375508908ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/cyb3rint3l.bsky.social/post/3ler2eyn5rc24", "content": "", "creation_timestamp": "2025-01-02T12:13:13.403573Z"}, {"uuid": "2152d9ba-8870-4c2f-a195-1c9a957eee14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/reynardsec.bsky.social/post/3ler2k47yg226", "content": "", "creation_timestamp": "2025-01-02T12:16:09.460278Z"}, {"uuid": "9b78de55-abd4-47d1-b7b6-3f3bac07a4aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lfhu63phw72a", "content": "", "creation_timestamp": "2025-01-11T13:53:10.772735Z"}, {"uuid": "40861cf0-2c3c-40c3-a458-2da1ea774adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9756", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-49112 LDAP RCE PoC and Metasploit Module\nURL\uff1ahttps://github.com/bo0l3an/CVE-2024-49112-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-08T02:00:15.000000Z"}, {"uuid": "3b28571b-c418-4f89-bbc7-a104b9e0ca23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9594", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-49112 Windows LDAP RCE PoC and Metasploit Module\nURL\uff1ahttps://github.com/BOl1o/CVE-2024-49112-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-25T02:08:05.000000Z"}, {"uuid": "2bb9f851-f5b5-4964-9852-41cf6458562b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/itsec_news/5376", "content": "\u200b\u26a1\ufe0fMicrosoft, FortiOS, 7-Zip: \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u0430\u0433\u043e\u0432 \u043f\u0430\u0440\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b\n\n\ud83d\udcac \u0412 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c \u0432\u043e\u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u042d\u0442\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 FortiOS \u0438 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0438\u0441\u0435 FortiProxy, \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 7-Zip.\n\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432 \u0441\u0435\u0442\u0438 Windows Lightweight Directory Access Protocol (LDAP Nightmare)\n\nCVE-2024-49112 (CVSS \u2014 9,8)\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c , \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 DCE/RPC \u043d\u0430 LDAP-\u0441\u0435\u0440\u0432\u0435\u0440 \u0436\u0435\u0440\u0442\u0432\u044b. \u0423\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441 \u0438\u0449\u0435\u0442 \u0432 \u0441\u0435\u0442\u0438 IP-\u0430\u0434\u0440\u0435\u0441 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438 \u0443\u0437\u043b\u0430 (\u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e). \u041f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0436\u0435\u0440\u0442\u0432\u0430 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u043c LDAP, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443. \u041e\u0442\u0432\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 CLDAP \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u0431\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u044b LSASS \u0437\u0430 \u0441\u0447\u0435\u0442 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f. \u041e\u043d, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0441\u0442\u043e\u044f\u043c, \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u0435\u043d \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e Active Directory.\n\n\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u041f\u041e, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 Microsoft . \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0440 \u0437\u0430\u0449\u0438\u0442\u044b \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c RPC \u0438 LDAP \u0432\u043d\u0435\u0448\u043d\u0435 \u0447\u0435\u0440\u0435\u0437 SSL \u0438 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u0443\u0437\u043b\u0430\u043c\u0438 \u041e\u0421 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0442\u0438\u043f\u0430 Hyper-V NT Kernel Integration VSP\n\nCVE-2025-21333 , CVE-2025-21334 , CVE-2025-21335 (CVSS \u2014 7,8)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Hyper-V NT Kernel Integration, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u0443\u0437\u0434\u0430\u043c\u0438 \u041e\u0421 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0442\u0438\u043f\u0430, \u0442\u0430\u043a\u0438\u043c\u0438 \u043a\u0430\u043a Windows Sandbox \u0438 Microsoft Defender Application Guard. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-21333 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u0443\u0447\u0438, \u0430 CVE-2025-21334 \u0438 CVE-2025-21335 \u2014 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0443\u0440\u043e\u0432\u043d\u044f SYSTEM \u2014 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u0430 \u0443\u0437\u043b\u0430\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u043f\u043e \u0441\u0435\u0442\u0438, \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 OLE\n\nCVE-2025-21298 (CVSS \u2014 9,8)\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 RTF-\u0444\u0430\u0439\u043b. \u041f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0444\u0430\u0439\u043b\u0430 \u0436\u0435\u0440\u0442\u0432\u0430 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0442\u0435\u0440\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 Microsoft Configuration Manager\n\nCVE-2024-43468 (CVSS \u2014 9,8)\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e SQL-\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 (\u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u043e\u0442 \u043b\u0438\u0446\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430, \u0432\u043d\u0435\u0434\u0440\u0438\u0432 \u0432 \u044d\u0442\u043e\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442). \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0431\u0443\u0434\u0443\u0447\u0438 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0437\u043b\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. \u041f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0440\u0430\u0436\u0438, \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043b\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Synacktiv \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043f\u0440\u0438\u0431\u0435\u0433\u043d\u0443\u0442\u044c \u043a \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u0430\u043f\u043a\u0438 C:\\Program Files\\SMS_CCM\\Logs\\MP_Location.log \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0435 \u0434\u043b\u044f UpdateSFRequest, XML-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 getMachineID().\n\n\u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u0445 Microsoft: CVE-2024-49112 , CVE-2025-21333 , CVE-2025-21334 , CVE-2025-21335 , CVE-2024-43468 , CVE-2025-21298 .\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-02-11T15:33:56.000000Z"}, {"uuid": "9d71ead8-1a8a-4a3d-a7c2-3e7e28834029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "exploited", "source": "https://t.me/itsec_news/4946", "content": "\u200b\u26a1\ufe0f72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b: Microsoft \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0433\u043e\u0434 \u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u043e\u0442\u0435\n\n\ud83d\udcac \nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 2024 \u0433\u043e\u0434\u0430, \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0432 72 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0434\u043d\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 17 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 54 \u0432\u0430\u0436\u043d\u044b\u0445 \u0438 \u043e\u0434\u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0418\u0437 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430, 31 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u0430 27 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-49138 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c CVSS 7.8. \u041e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows Common Log File System (CLFS) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. Microsoft \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 CrowdStrike \u0437\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\nCVE-2024-49138 \u2014 \u043f\u044f\u0442\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 CLFS \u0441 2022 \u0433\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0438\u0442\u0430\u044e\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u0442\u044c \u0432 \u0441\u0435\u0442\u044c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.\n\nMicrosoft \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 CLFS, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0445\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u0434\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (HMAC) \u043a \u043b\u043e\u0433-\u0444\u0430\u0439\u043b\u0430\u043c. \u042d\u0442\u0430 \u043c\u0435\u0440\u0430 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043a\u0435\u043c-\u043b\u0438\u0431\u043e, \u043a\u0440\u043e\u043c\u0435 \u0441\u0430\u043c\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 CLFS.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-49112 (CVSS 9.8), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c LDAP, \u0438 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 Windows Hyper-V \u0438 Remote Desktop Client.\n\n\u041d\u0430 \u0444\u043e\u043d\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a Microsoft \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 NTLM, \u0437\u0430\u043c\u0435\u043d\u044f\u044f \u0435\u0433\u043e \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 Kerberos. \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 Extended Protection for Authentication (EPA) \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f Exchange Server, AD CS \u0438 LDAP.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c Windows Server 2025 NTLM \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043a\u043b\u044e\u0447\u0451\u043d, \u0430 LDAP \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043a\u0430\u043d\u0430\u043b \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438. \u042d\u0442\u0438 \u0448\u0430\u0433\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u0412 \u043f\u0440\u0435\u0434\u0434\u0432\u0435\u0440\u0438\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u0433\u043e\u0434\u0430 Microsoft \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 2024-\u044b\u0439, \u0443\u043a\u0440\u0435\u043f\u043b\u044f\u044f \u0437\u0430\u0449\u0438\u0442\u0443 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0438 \u043f\u043e\u0434\u0430\u0432\u0430\u044f \u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u0430\u043a \u0432\u0430\u0436\u043d\u044b \u043f\u0440\u043e\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0432 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u042d\u0442\u0438\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c, \u0441\u043b\u043e\u0432\u043d\u043e \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u044b\u043c \u043f\u043e\u0434\u0430\u0440\u043a\u043e\u043c, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0434\u0435\u043b\u0430\u0435\u0442 \u0448\u0430\u0433\u0438 \u043a \u0431\u043e\u043b\u0435\u0435 \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u043e\u043c\u0443 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u043c\u0443 \u0431\u0443\u0434\u0443\u0449\u0435\u043c\u0443.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-11T17:57:38.000000Z"}, {"uuid": "8199f8c9-24f6-400f-a24e-222d1c052d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/793", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49112\n\ud83d\udd39 Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2024-12-10T17:49:44.679Z\n\ud83d\udccf Modified: 2025-01-08T18:54:27.202Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49112", "creation_timestamp": "2025-01-08T19:16:03.000000Z"}, {"uuid": "e6163b3c-bcff-4282-a13c-13a760dfe48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/kasperskyb2b/1536", "content": "\ud83d\ude97 \u0414\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0439 Patch Tuesday: \u0432 \u043f\u043e\u0434\u0430\u0440\u043e\u043a \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0431\u043e\u043b\u0438 (\u043d\u043e \u044d\u0442\u043e \u043d\u0435 \u0442\u043e\u0447\u043d\u043e)\n\n\u0412\u0441\u0435\u0433\u043e \u043e\u0434\u0438\u043d \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u2014 Microsoft \u0434\u0430\u0440\u0438\u0442 \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043f\u043e\u0447\u0442\u0438 \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u044b\u0439 \u043c\u0435\u0441\u044f\u0446, \u0437\u0430 \u0447\u0442\u043e \u0438\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0441\u043f\u0430\u0441\u0438\u0431\u043e. \u0412\u0441\u0435\u0433\u043e \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 70 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 16 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, \u0432\u0441\u0435 \u043e\u043d\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE. \u041e\u0431\u0449\u0438\u0439 \u043f\u043e\u0434\u0441\u0447\u0451\u0442 \u0432\u043b\u0438\u044f\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: 30 \u2014 RCE, 27 \u2014 EoP, 5 \u2014 DoS, 7 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0417\u0438\u0440\u043e\u0434\u0435\u0439 CVE-2024-49138 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 EoP \u0432 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u043e\u043c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows CLFS. \u041e \u0442\u043e\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0442\u0430\u043a \u0431\u043e\u0433\u0430\u0442\u0430 \u043d\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0438 \u0443\u0434\u043e\u0431\u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c, \u043c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434. \u041f\u0440\u043e \u0442\u043e, \u0433\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u043d\u043e\u0432\u044b\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439, \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043d\u043e \u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0430\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 CLFS \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0431\u0430\u043d\u0434\u044b ransomware. \n\n\u0421\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u044e\u0442:\n\n\ud83d\udd35\u0442\u0440\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 LDAP, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-49112 \u0441 CVSS 9.8. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0443\u0436\u0435 \u043d\u0430\u043a\u043e\u043d\u0435\u0446 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0438 \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u0442\u044c \u0438\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c RPC-\u0432\u044b\u0437\u043e\u0432\u044b \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u0434\u0441\u0435\u0442\u0435\u0439;\n\n\ud83d\udd35RCE \u0432 LSASS, CVE-2024-49126, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c;\n\n\ud83d\udd358 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0430\u0445 remote desktop. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0441\u043b\u043e\u0436\u043d\u0430\u044f, \u043d\u0443\u0436\u043d\u043e \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f race condition, \u043d\u043e CVSS 8.1 \u043d\u0430\u043c\u0435\u043a\u0430\u0435\u0442;\n\n\ud83d\udd35\u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 Hyper-V, CVE-2024-49117\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0441\u043e\u0432\u0435\u0442\u044b @\u041f2\u0422", "creation_timestamp": "2024-12-11T12:26:56.000000Z"}, {"uuid": "cd4f2f18-16da-4792-873d-f9f1a90f2d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/infoinspect/935", "content": "\u267b\ufe0f \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u043a \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e 72 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 (CVE). \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, Office, SharePoint, Edge \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \n\n\ud83d\udc7e \u0421\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows LDAP (CVE-2024-49112). CVE-2024-49138 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Common Log File System (CLFS) Windows. \u0422\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 Microsoft Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-43600, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows Mobile Broadband \u0438 Remote Desktop Services \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b.\n\n\ud83d\udee1 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0438 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a defense-in-depth. \u041f\u0440\u0430\u0432\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows Server 2008 \u0438 2008 R2 \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0441\u0442\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (Extended Security Update) \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e\u0434\u043f\u0438\u0441\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043a\u0430\u043d\u0430\u043b \u2705", "creation_timestamp": "2024-12-14T09:12:53.000000Z"}, {"uuid": "cb704973-fa61-44c2-86b0-d2a983a92c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49112", "type": "seen", "source": "https://t.me/cybersecs/3400", "content": "- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49112\n\nWindows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability\n\n\u041c\u043c\u043c\u043c, \u0432\u043a\u0443\u0441\u043d\u044f\u0442\u0438\u043d\u0430 )", "creation_timestamp": "2024-12-12T03:47:58.000000Z"}]}