{"vulnerability": "CVE-2025-24064", "sightings": [{"uuid": "766ac1cb-229b-4775-9e3f-40a16ea889ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9811", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24064\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use after free in DNS Server allows an unauthorized attacker to execute code over a network.\n\ud83d\udccf Published: 2025-03-11T16:59:12.752Z\n\ud83d\udccf Modified: 2025-04-01T00:40:37.135Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064", "creation_timestamp": "2025-04-01T01:31:47.000000Z"}, {"uuid": "5fb3d327-9dbf-4b1b-bd6f-98b8cf4c9545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://t.me/SpiderCodeCommunity1/20", "content": "\u0645\u062a\u064a\u062c\u0648 \u0646\u0643\u0644\u0645 \u0639\u0646 \u062d\u0627\u062c\u0647 \u062e\u0637\u0631 \u0643\u062f \u2620\ufe0f\n\n\u062a\u062d\u0630\u064a\u0631 \u0627\u0644\u0645\u062d\u062a\u0648\u064a \u0644\u064a \u062d\u0642\u0648\u0642 \u0637\u0628\u0639 \u0648 \u0646\u0634\u0631 \u2b50\n\n\n\u0627\u0644\u0646\u0647\u0627\u0631\u062f\u0647 \u0647\u0646\u062a\u0643\u0644\u0645 \u0639\u0646 cve \u0642\u0631\u064a\u0628 \u062c\u062f\u0627 \u0645\u0646 \u0634\u0647\u0631 \u0645\u0627\u0631\u0633 \u064a\u0648\u0645 11 \u062a\u0645 \u062a\u0633\u062c\u064a\u0644 cve \u0628\u0639\u0646\u0648\u0627\u0646\n\nCVE-2025-24064\n\n\u0627\u0648\u0628\u0627\u0627\u0627 \u0628\u064a\u0639\u0645\u0644 \u0627\u064a \u062f\u0627 \u064a \u0633\u0628\u0627\u064a\u062f\u0631 \u061f\n\n\u0627\u0646\u0627 \u0647\u0642\u0648\u0644\u0643 \u064a\u0639\u0632\u064a\u0632\u064a \u0627\u0644cve \u062f\u0627 \u0627\u0648 \u0627\u0644\u062b\u063a\u0631\u0647 \u0644\u0627\u0645\u0646\u064a\u0647 \u0628\u0645\u0639\u0646\u064a \u0627\u0635\u062d \u0628\u062a\u0639\u0645\u0644 \n\nUse-After-Free\n\n\u064a\u0639\u0646\u064a \u0627\u064a \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0628\u0639\u062f \u062d\u0631 \u062f\u0627 \ud83e\udd14\n\n\u0627\u0646\u0627 \u0647\u0642\u0648\u0644\u0643 \u062f\u064a \u062b\u063a\u0631\u0647 \u0628\u062a\u0645 \u0641 data \u0628\u062a\u0627\u0639\u062a \u0627\u0644\u0634\u0628\u0643\u0647 \u0627\u0648 \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0648 \u0644\u063a\u0647 \u0639\u0644\u064a \u062d\u0633\u0628 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0643 \u0648 \u0628\u062a\u0645 \u0639\u0646 \u0637\u0631\u064a\u0642 \u0628\u0627\u064a\u0644\u0648\u062f \n(free())\n\n\u0646\u0631\u062c\u0639 \u0644 \u0645\u0648\u0636\u0648\u0639\u0646\u0627 \ud83d\ude01 \n\n\u0627\u0644cve \u0628\u064a\u062a\u0645 \u0641 \u0634\u0628\u0643\u0647 \u0639\u0646 \u0628\u0639\u062f \u062a\u062d\u062f\u064a\u062f\u0627 Windows DNS Server \u0648 \u0628\u064a\u062e\u0644\u064a \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u064a\u0646\u0641\u0630 \u0643\u0648\u062f uaf \u0648 \u064a\u0639\u0637\u0644 dns \u0639\u0646 \u0645\u0633\u062a\u062e\u062f\u0645 windows \u062f\u0631\u062c\u0647 \u062e\u0637\u0648\u0631\u0647 cve 8.1 \u064a\u0639\u0646\u064a \u0627\u0646\u0648 \u062e\u0637\u0631 \u0645\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u064a\u0639\u0645\u0644 \u0631\u064a\u0641\u064a\u0631\u0633 \u0634\u064a\u0644 \u0639\u0646 \u0637\u0631\u064a\u0642\u0647\u0627 \u0641 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u064a \u062d\u0635\u0644 \u0641\u064a \u0627\u0644\u062b\u063a\u0631\u0647 \u0648 \u062f\u064a \u0634\u063a\u0627\u0644\u0647\u0627 \u0639\u0644\u064a \u0644\u0627\u0646\u0638\u0645\u0647 \u0627\u0644\u062a\u0627\u0644\u064a\u0647\n\n\n\nWindows Server 2022\n\nWindows Server 2019\n\nWindows Server 2016\n\nWindows Server 2012\n\n\n\u062d\u0644\u0643 \u0627\u0646\u0643 \u062a\u062d\u062f\u062b \u0627\u0644\u0646\u0638\u0627\u0645 \u0628\u0634\u0643\u0644 \u0645\u0633\u062a\u0645\u0631 \u0648 \u062a\u0631\u0627\u0642\u0628 \u062d\u0631\u0643\u0627\u062a \u0645\u0631\u0648\u0631 dns\n\u0639\u0646 \u0637\u0631\u064a\u0642\nIDS\n\u0627\u0648\nIPS", "creation_timestamp": "2025-03-18T07:37:58.000000Z"}, {"uuid": "1641b419-17e3-4b31-bf89-02ad4543bd07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-a8b1f1f7-7544db6064fedc76", "content": "", "creation_timestamp": "2025-03-12T09:39:02.921070Z"}, {"uuid": "39031c23-880e-460c-b531-b017fdde4ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114145054976036421", "content": "", "creation_timestamp": "2025-03-11T17:48:39.467888Z"}, {"uuid": "4bd26e89-6f44-4105-b883-4fc82a18a721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review", "content": "", "creation_timestamp": "2025-03-11T16:39:36.000000Z"}, {"uuid": "69acd22b-2a39-40bf-97f1-f649d88208c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114145022545782390", "content": "", "creation_timestamp": "2025-03-11T17:40:22.647852Z"}, {"uuid": "8365de26-32ff-4057-815f-45b6270b206f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24064", "type": "seen", "source": "https://t.me/SpiderCodeCommunity1/21", "content": "Let\u2019s talk about something dangerous \u2620\ufe0f\n\n\u26a0 Content warning: This content is copyrighted. \u2b50\n\n\n---\n\nToday, we\u2019ll discuss a CVE that was recently registered on March 11, 2025, titled:\n\nCVE-2025-24064\n\nWhoa! What does this do, Spider?\n\nI\u2019ll tell you, my friend! This CVE or security vulnerability exploits a Use-After-Free (UAF) bug.\n\n\ud83e\udd14 What is Use-After-Free?\n\nIt\u2019s a vulnerability that occurs in data handling within a network, device, or programming language, depending on how it is used. It is triggered through a payload using free(), leading to unexpected behavior.\n\n\n---\n\n\ud83d\ude01 Back to our topic!\n\nThis CVE affects Windows DNS Server over a network.\nIt allows an attacker to execute UAF-based code, potentially disrupting DNS services for Windows users.\n\nIt has a severity score of 8.1, meaning it's highly dangerous.\nA successful attacker could execute a reverse shell, gaining access to the vulnerable system.\n\n\ud83d\udee0\ufe0f Affected systems:\n\nWindows Server 2022\n\nWindows Server 2019\n\nWindows Server 2016\n\nWindows Server 2012\n\n\n\n---\n\n\ud83d\udd12 How to protect yourself?\n\n\u2714 Update your system regularly to patch vulnerabilities.\n\u2714 Monitor DNS traffic using IDS (Intrusion Detection System) or IPS (Intrusion Prevention System) to detect and prevent exploit attempts.", "creation_timestamp": "2025-03-18T07:36:24.000000Z"}]}