{"vulnerability": "CVE-2024-49132", "sightings": [{"uuid": "882c0b8f-cb3e-479b-85c2-35241d3d6d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49132", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review", "content": "", "creation_timestamp": "2024-12-10T17:33:56.000000Z"}, {"uuid": "bbbc0bad-15f4-4f57-9b6f-69449ce1fec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49132", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113630744569872163", "content": "", "creation_timestamp": "2024-12-10T21:52:43.098090Z"}, {"uuid": "edc0fd8f-44d1-49a4-9f28-69a73b32a4e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49132", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/113645234449739068", "content": "", "creation_timestamp": "2024-12-13T11:17:44.032641Z"}, {"uuid": "564472a9-4f56-4d73-a1d2-0cb3d5f23cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49132", "type": "seen", "source": "https://t.me/ViralCyber/9043", "content": "\ud83d\udd34\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a 71 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u0631\u0627 \u0647\u0645\u0631\u0627\u0647 \u0628\u0627 \u06cc\u06a9 Zeroday \u062c\u062f\u06cc\u062f Patch \u06a9\u0631\u062f.\n\u25c0\ufe0f\u062e\u0644\u0627\u0635\u0647 Patch\u0647\u0627:\n\ud83d\udd3416 Critical Vulnerabilities: All involve remote code execution.\n\n\ud83d\udd34Vulnerability Categories:\n\u27a1\ufe0f27 Elevation of Privilege\n\u27a1\ufe0f30 Remote Code Execution (RCE)\n\u27a1\ufe0f7 Information Disclosure\n\u27a1\ufe0f5 Denial of Service\n\u27a1\ufe0f1 Spoofing\n\n\ud83d\udd34\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc Zeroday:\n\u27a1\ufe0fCVE-2024-49138: Windows Common Log File System Driver Elevation of Privilege Vulnerability. This zero-day vulnerability enables attackers to gain SYSTEM privileges on Windows devices.\n\n\ud83d\udfe0\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u062f\u0631 Windows Remote Desktop Services\n\u25c0\ufe0f\u062f\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u06a9\u0634\u0641 \u0634\u062f\u0647\u060c \u062a\u0648\u062c\u0647 \u0628\u0647 \u062f\u0648 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc  \u062f\u0631 \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627\u06cc Remote Desktop (RDP) \u0636\u0631\u0648\u0631\u06cc \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u0647\u0627\u06cc CVE-2024-49115 \u0648 CVE-2024-49132 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f \u0648 \u062f\u0631 \u062f\u0633\u062a\u0647\u200c\u0628\u0646\u062f\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0642\u0631\u0627\u0631 \u062f\u0627\u0631\u0646\u062f.\n\u25c0\ufe0f\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-49115: \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE) \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647\u06cc \u0631\u0627 \u0628\u0631 \u0631\u0648\u06cc \u0633\u0631\u0648\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\u25c0\ufe0f\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-49132 : \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0631\u062a\u0642\u0627\u0621 \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc (EoP) \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0631 \u0633\u0637\u062d Admin \u0631\u0627 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u067e\u0633 \u0627\u0632 \u0646\u0641\u0648\u0630 \u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\ud83d\udd34\u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a Patch \u06a9\u0646\u06cc\u062f...\n\n\u2709\ufe0f @PingChannel\n\u062e\u0628\u0631\u060c \u062a\u062d\u0644\u06cc\u0644\u060c \u0627\u0646\u062a\u0642\u0627\u062f - \u0641\u0646\u0627\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a\n\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\u00a0 \ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b", "creation_timestamp": "2024-12-12T08:16:06.000000Z"}]}