{"vulnerability": "cve-2022-2454", "sightings": [{"uuid": "db051d47-bf4b-4ac4-8524-29f74bbf6615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24548", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1770", "content": "#Fuzzing\n1. Fuzzing ping(8)\u2026 and finding a 24 year old bug\nhttps://tlakh.xyz/fuzzing-ping.html\n2. Finding JIT Optimizer Bugs using SMT Solvers and Fuzzing\nhttps://www.pypy.org/posts/2022/12/jit-bug-finding-smt-fuzzing.html\n3. Fuzzing the Shield: CVE-2022-24548\nhttps://medium.com/s2wblog/fuzzing-the-shield-cve-2022-24548-96f568980c0", "creation_timestamp": "2022-12-14T16:39:07.000000Z"}, {"uuid": "74fe85b8-4e97-4353-8eb9-fa31a7f5e064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24548", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3053", "content": "\u0432\u043e\u0442 \u043d\u0435\u043e\u0442\u0441\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0438\u0441\u0435\u0440\u0447\u0435\u0439 \u0438 \u0441\u0442\u0430\u0442\u0435\u0439 \u043f\u043e \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430\u043c \nhttps://www.usenix.org/system/files/conference/woot16/woot16-paper-blackthorne_update.pdf\nhttps://www.sentinelone.com/labs/cve-2021-24092-12-years-in-hiding-a-privilege-escalation-vulnerability-in-windows-defender/\nhttps://habr.com/ru/company/skillfactory/blog/527512/\nhttps://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2018\nhttps://palant.info/2020/06/22/exploiting-bitdefender-antivirus-rce-from-any-website/\nhttps://www.accenture.com/us-en/blogs/cyber-defense/exploiting-arbitrary-file-move-in-symantec-endpoint-protection\nhttps://n4r1b.netlify.com/posts/2020/03/dissecting-the-windows-defender-driver-wdfilter-part-3/\nhttps://medium.com/s2wblog/fuzzing-the-shield-cve-2022-24548-96f568980c0", "creation_timestamp": "2023-04-28T05:52:17.000000Z"}, {"uuid": "a3a7c2c7-9e2d-402f-85bf-3cda67755d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24546", "type": "seen", "source": "https://t.me/cibsecurity/40912", "content": "\u203c CVE-2022-24546 \u203c\n\nWindows DWM Core Library Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:26:22.000000Z"}, {"uuid": "0af652f1-3f22-4154-b5f7-ea994fc8d8e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24545", "type": "seen", "source": "https://t.me/cibsecurity/40897", "content": "\u203c CVE-2022-24545 \u203c\n\nWindows Kerberos Remote Code Execution Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:20:25.000000Z"}, {"uuid": "fe689c09-37cc-486d-9c80-6f793ce78b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24541", "type": "seen", "source": "https://t.me/cibsecurity/40893", "content": "\u203c CVE-2022-24541 \u203c\n\nWindows Server Service Remote Code Execution Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:20:20.000000Z"}, {"uuid": "ea273073-0302-4ab9-a528-45b7e7f676ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24548", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7353", "content": "#Fuzzing\n1. Fuzzing ping(8)\u2026 and finding a 24 year old bug\nhttps://tlakh.xyz/fuzzing-ping.html\n2. Finding JIT Optimizer Bugs using SMT Solvers and Fuzzing\nhttps://www.pypy.org/posts/2022/12/jit-bug-finding-smt-fuzzing.html\n3. Fuzzing the Shield: CVE-2022-24548\nhttps://medium.com/s2wblog/fuzzing-the-shield-cve-2022-24548-96f568980c0", "creation_timestamp": "2022-12-14T11:03:01.000000Z"}, {"uuid": "56b5c006-74cd-48d9-9bc4-c1684e9709b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24545", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6344", "content": "#exploit\n1. CVE-2022-24545, CVE-2022-30165:\nKerberos Redirected Logon Buffer EoP (Windows Srv 2022)\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2271\n\n2. CVE-2022-29455:\nWordpress XSS\nhttps://github.com/GULL2100/Wordpress_xss-CVE-2022-29455", "creation_timestamp": "2022-07-06T21:55:00.000000Z"}, {"uuid": "f989b462-2633-4829-9a3c-c7db73750fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24548", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/1766", "content": "In this post, we analyze Windows Defender and the root cause of the bug that we found through fuzz testing.\n\nhttps://medium.com/s2wblog/fuzzing-the-shield-cve-2022-24548-96f568980c0", "creation_timestamp": "2022-12-13T11:51:06.000000Z"}, {"uuid": "34eb08b2-325b-4a84-91e6-c9a44bcd00a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2454", "type": "seen", "source": "https://t.me/cibsecurity/46550", "content": "\u203c CVE-2022-2454 \u203c\n\nInteger Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-19T18:40:51.000000Z"}, {"uuid": "4e5af361-7c28-431f-9e86-47f629ec30bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24540", "type": "seen", "source": "https://t.me/cibsecurity/40916", "content": "\u203c CVE-2022-24540 \u203c\n\nWindows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24482.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:26:27.000000Z"}, {"uuid": "59d62aa3-32be-46d5-ad9f-5e8d610f363c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24540", "type": "seen", "source": "https://t.me/cibsecurity/40923", "content": "\u203c CVE-2022-24482 \u203c\n\nWindows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24540.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:26:37.000000Z"}, {"uuid": "cf70d673-8fcc-43d0-a901-1e469c6565bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24548", "type": "seen", "source": "https://t.me/cibsecurity/40917", "content": "\u203c CVE-2022-24548 \u203c\n\nMicrosoft Defender Denial of Service Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:26:28.000000Z"}, {"uuid": "c20e7b74-a91c-4711-abae-aede43047c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24541", "type": "seen", "source": "https://t.me/itsec_news/474", "content": "\u200b\u2705 Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\ud83d\udcac \u0412\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a, 12-\u0433\u043e \u0430\u043f\u0440\u0435\u043b\u044f, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0435 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Windows, \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0435, Office, Exchange Server, Visual Studio, \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 \u0438 \u043f\u0440.\n\n\u0414\u0435\u0441\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. 115 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043a\u0430\u043a \u043e\u043f\u0430\u0441\u043d\u044b\u0435, \u0438 3 \u2014 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041e\u0434\u043d\u0430 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438. \u0420\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Common Log File System, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 \u0438 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 CrowdStrike. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-24521 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 7,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0440\u0430\u043d\u0435\u0435. CVE-2022-26904 (7.0 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows User Profile Service.\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 Runtime Library (CVE-2022-26809), Windows Network File System (CVE-2022-24491 \u0438 CVE-2022-24497), Windows Server Service (CVE-2022-24541), Windows SMB (CVE-2022-24500) \u0438 Microsoft Dynamics 365 (CVE-2022-23259).\n\nMicrosoft \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Windows DNS Server, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u0434\u043d\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 17 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \u0415\u0449\u0451 15 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438.\n\n#Microsoft #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-04-13T08:18:48.000000Z"}]}