{"vulnerability": "cve-2024-3708", "sightings": [{"uuid": "33df7441-796f-4a4d-97ff-eacf83160e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lunfgbbb3q26", "content": "", "creation_timestamp": "2025-07-23T16:03:12.086188Z"}, {"uuid": "832f07c9-ac89-44b6-bfc7-2d7075af55ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "290dfd38-9572-4240-b4d6-7ad0c0f9b07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3luxf4se5ft2p", "content": "", "creation_timestamp": "2025-07-27T15:24:32.191711Z"}, {"uuid": "8a0abc83-21e8-4da3-b393-f89a9d60a550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv7ljgdcb22e", "content": "", "creation_timestamp": "2025-07-30T21:40:15.502467Z"}, {"uuid": "bab2d1b5-8f40-4009-be39-70dc2a6683c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/7/kritische-sicherheitslucke-in-vmware-esxi-aktiv-ausgenutzt-update-verfugbar", "content": "", "creation_timestamp": "2024-07-30T08:10:29.000000Z"}, {"uuid": "7b1fa160-3c31-453b-b8cc-4af8bb39399d", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37086", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/7/kritische-sicherheitslucke-in-vmware-esxi-aktiv-ausgenutzt-update-verfugbar", "content": "", "creation_timestamp": "2024-07-30T08:10:29.000000Z"}, {"uuid": "16ef095a-5e50-4582-a68e-af0ba9a26753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3m2mzrqk2uz2q", "content": "", "creation_timestamp": "2025-10-07T21:06:02.982431Z"}, {"uuid": "ede7cbe2-f12a-46d7-98d4-bc77c1e5ad9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3lylniiglj62i", "content": "", "creation_timestamp": "2025-09-11T21:03:03.843689Z"}, {"uuid": "020e5d2f-d945-4853-99a8-3fb70321c315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:32.000000Z"}, {"uuid": "230e8879-c57e-4ba0-8152-0113a5bc3831", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3ly3pzzfqcn2s", "content": "", "creation_timestamp": "2025-09-05T13:06:03.260524Z"}, {"uuid": "e620da98-83f6-4b97-b4ee-dc1b45dac57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", 
"type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/08dccffe-9ce0-49c5-b0df-5c1b2f91d794", "content": "", "creation_timestamp": "2026-02-02T12:26:32.529442Z"}, {"uuid": "70c27cdd-df7c-44e2-919e-be5325953ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mfjo6asd322e", "content": "", "creation_timestamp": "2026-02-23T12:37:25.912650Z"}, {"uuid": "642a7b33-52da-483d-af6a-4b9232c05cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mfjo6asd322e", "content": "", "creation_timestamp": "2026-02-23T12:37:25.813578Z"}, {"uuid": "8505a2c2-b852-4e83-997d-1e6e6a316f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8743", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aSpring Cloud Data Flow CVE-2024-37084 exp\nURL\uff1ahttps://github.com/Ly4j/CVE-2024-37084-Exp\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-15T07:00:06.000000Z"}, {"uuid": "fc0d8572-00b2-4d93-a87f-a650d5904857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/ptescalator/274", "content": "Net group \"babyk\" /add\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0434\u043d\u043e\u0433\u043e 
\u0438\u0437 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0444\u0430\u043a\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-37085. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u043e\u043c VMware ESXi, \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u043c \u043a \u0434\u043e\u043c\u0435\u043d\u0443 \ud83d\ude20\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0432 \u0433\u0440\u0443\u043f\u043f\u0443 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c ESX Admins, \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0438\u043c\u0435\u044e\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0443. 
\u042d\u0442\u0430 \u0433\u0440\u0443\u043f\u043f\u0430 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0434\u043e\u043c\u0435\u043d\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0437\u0430\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e, \u0438\u043c\u0435\u044e\u0449\u0435\u0439 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043d\u0435\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u270f\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-37085 \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Microsoft \u0432 \u0438\u044e\u043b\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0441\u0442\u0430\u0442\u044c\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432 Akira \u0438 Black Basta. 
\u0412 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0442\u0447\u0435\u0442\u0430\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0435\u0442.\n\n\ud83d\udc64 \u0412 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u043c\u043e\u043c \u043d\u0430\u043c\u0438 \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430 \u0438 \u0437\u0430\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0441 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438. 
\u041f\u043e\u0441\u043b\u0435 \u043e\u043d\u0438 \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0433\u0440\u0443\u043f\u043f\u0443 ESX Admins \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u0432 \u043d\u0435\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b:\n\nnet group \"ESX Admins\" /add /domain\nnet group \"ESX Admins\" superuser /add /do\n\n\n\u041e\u0442 \u0438\u043c\u0435\u043d\u0438 \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u0438 \u0432\u043e\u0448\u043b\u0438 \u043d\u0430 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440 \u0438 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u0438 \u0444\u0430\u0439\u043b\u044b \u0438 \u0434\u0438\u0441\u043a\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u0441 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c Babyk.\n\n\u0412 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-37085 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043c\u043e\u0447\u044c \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430 Security:\n\n\u2022 4727 \u2014 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Active Directory \u0441 \u0438\u043c\u0435\u043d\u0435\u043c ESX Admins;\n\u2022 4737 \u2014 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Active Directory (\u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0432 ESX Admins);\n\u2022 4728 \u2014 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0433\u0440\u0443\u043f\u043f\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Active Directory \u0441 \u0438\u043c\u0435\u043d\u0435\u043c ESX Admins.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f VMware ESXi.\n\n#dfir #cve #detect #win\n@ptescalator", "creation_timestamp": "2025-03-04T12:58:41.000000Z"}, {"uuid": "10d3966a-88ad-4991-a1e1-c90fb2791379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "Telegram/h1D9PfwREVtrT2yeF8KxwAs_vnX1LlWg5byKhpIexuZjzT0", "content": "", "creation_timestamp": "2024-07-31T19:11:54.000000Z"}, {"uuid": "3838430f-6cff-4cae-b1d0-1522320443eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/HackingInsights/7955", "content": "Ransomware gangs exploit recently patched VMware ESXi bug 
CVE-2024-37085\nhttps://ift.tt/hmqjCFg", "creation_timestamp": "2024-07-30T12:38:01.000000Z"}, {"uuid": "0980ff58-4ddb-4fa9-8d4b-b17e50fc208e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/15163", "content": "https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/#mitigation-and-protection-guidance\n\nRansomware operators exploit ESXi hypervisor vulnerability for mass encryption\n\nhttps://github.com/rapid7/Rapid7-Labs/blob/main/Vql/CVE-2024-37085.yaml\n#github #exploit #\u5206\u6790", "creation_timestamp": "2024-07-31T23:37:52.000000Z"}, {"uuid": "1949134c-4d9e-4237-967b-2ccddbf0ebc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/4053", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:39:20.000000Z"}, {"uuid": "9a50a53c-6284-4ea2-a11f-f6875063347f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/YW9EaYTF9L2sm1nyLBoDji7AvQgIe7AAwPTmb0-n18moCg", "content": "", "creation_timestamp": "2024-07-11T01:34:00.000000Z"}, {"uuid": "4c153ae9-9065-4a2d-b46a-0af894a68a2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "seen", "source": 
"https://t.me/cvedetector/1622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37084 - Spring Cloud Data Flow File System Write Enable Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-37084 \nPublished : July 25, 2024, 10:15 a.m. | 18\u00a0minutes ago \nDescription : In Spring Cloud Data Flow versions prior to 2.11.4,\u00a0\u00a0a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T12:43:59.000000Z"}, {"uuid": "502a93ba-3baf-4618-b47e-8ba8d091da6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/CyberBulletin/242", "content": "\u26a1Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085.\n\n#CyberBulletin", "creation_timestamp": "2024-08-02T14:29:17.000000Z"}, {"uuid": "e564cd10-48c8-4fe1-a86c-463d04ede18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/4053", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:39:20.000000Z"}, {"uuid": "66e61b99-21d9-4bf7-8f36-b0595a161f54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "Telegram/T0L2qoE3g7bZ7uebznwh8TeJ-spc6YzSi52rzunmaddsJ1rv", "content": "", "creation_timestamp": "2024-08-31T12:47:17.000000Z"}, {"uuid": "1f8150d8-2c6c-4e9c-bf47-002394b4c9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/1036", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T14:26:37.000000Z"}, {"uuid": "d1467c3d-a550-4257-84f4-d4ad5ad2a87a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/1036", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. 
CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T14:26:37.000000Z"}, {"uuid": "a6f49ead-780f-416e-8fcd-5527005b161c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/309", "content": "\ud83d\udd25 VMware vCenter Server RCE + PrivEsc\n\nMultiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n\u2014 CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to exploit heap overflow by sending crafted packets, potentially resulting in remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance. 
(CVSS v3.1 score: 7.8 \"high\").\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a\n\nNmap Script (PoC):\n\ud83d\udd17 https://github.com/nmap/nmap/blob/4b28defac6e3eb8b8eb4704f506949806d784f73/scripts/vmware-version.nse\n\nShodan\nproduct:\"VMware vCenter Server\"\nFOFA\napp=\"vmware-vCenter\"\n\n#vmware #vcenter #rce #lpe #cve", "creation_timestamp": "2024-06-20T12:00:07.000000Z"}, {"uuid": "20a8546b-8ef7-4890-b370-32c9552e56bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/309", "content": "\ud83d\udd25 VMware vCenter Server RCE + PrivEsc\n\nMultiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n\u2014 CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to exploit heap overflow by sending crafted packets, potentially resulting in remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance. 
(CVSS v3.1 score: 7.8 \"high\").\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a\n\nNmap Script (PoC):\n\ud83d\udd17 https://github.com/nmap/nmap/blob/4b28defac6e3eb8b8eb4704f506949806d784f73/scripts/vmware-version.nse\n\nShodan\nproduct:\"VMware vCenter Server\"\nFOFA\napp=\"vmware-vCenter\"\n\n#vmware #vcenter #rce #lpe #cve", "creation_timestamp": "2024-06-20T12:00:07.000000Z"}, {"uuid": "6fdbdd97-3fc5-4ea2-988d-c8b512bb718a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1123", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:35:41.000000Z"}, {"uuid": "608ff86e-f59e-4463-9e88-f94b74adddef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1123", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:35:41.000000Z"}, {"uuid": "d25d0fa2-bee1-4054-9cc2-61d646633f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/zUsRWt3Wq7-Ohylg0lIat3q_zhXnMZf3Ssuf6Q7NZ3JiF_o", "content": "", "creation_timestamp": "2024-08-28T15:37:05.000000Z"}, {"uuid": 
"28da99f0-bb36-401b-bbe0-f0d345b8a743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3179", "content": "The Hacker News\nVMware ESXi Flaw Exploited by Ransomware Groups for Admin Access\n\nA recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by \"several\" ransomware groups to gain elevated permissions and deploy file-encrypting malware.\nThe attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host.\n\"A", "creation_timestamp": "2024-07-30T11:58:47.000000Z"}, {"uuid": "bc9aaf33-e7f0-4453-9508-0ad0585dd73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/GrayHatsHack/8037", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\nThey could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-25T10:24:26.000000Z"}, {"uuid": "64957d83-3fad-45c7-a3a6-608a5a05c07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/dilagrafie/3599", "content": "\u26a1Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085.\n\n#CyberBulletin", "creation_timestamp": "2024-08-02T14:50:27.000000Z"}, {"uuid": "1e25d9dd-3690-4c28-92cf-06d130376628", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "Telegram/InC9ykp30kkGfhiYdl0JO-8FjhrnZj9ZHpQO0myY9Q5Qr4I", "content": "", "creation_timestamp": "2024-07-19T00:41:28.000000Z"}, {"uuid": "b956223c-cc05-49da-9495-d86ccd118f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/tiZuomN0bxbgk-d5QMLq9OZ6vPtC2T8f4lT-xXEWGZBsW-k", "content": "", "creation_timestamp": "2024-07-19T00:41:28.000000Z"}, {"uuid": "2ef7d47b-13ca-4a9e-88e4-48c1a7793b21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/zer0day1ab/31", "content": "CVE-2024-37081: VMware vCenter Server Multiple LPE\n\nCVE-2024-22274: VMware vCenter Server RCE\n\n#exploit #pentest #redteam", "creation_timestamp": "2024-07-07T20:50:43.000000Z"}, {"uuid": "e2170994-501e-4c89-846b-28c60ea5237d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3lz2qzccvcy2u", "content": "", "creation_timestamp": "2025-09-17T21:16:05.110698Z"}, {"uuid": "66c37010-8e3c-4f9a-b923-96cf79d05090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3lwzfffh7vl25", "content": "", "creation_timestamp": "2025-08-22T21:25:03.030646Z"}, {"uuid": "b46bb366-c12e-4b10-a5bc-90fd9dbbb5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3m3afk26kyo2h", "content": "", "creation_timestamp": "2025-10-15T13:57:03.609017Z"}, {"uuid": "76f86120-b023-401e-b999-d57e128f7f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3m23gjdlis42q", "content": "", "creation_timestamp": "2025-09-30T21:06:03.924242Z"}, {"uuid": "820fe250-2b22-417c-b21d-adc8c42706e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3md7i4aibt22j", "content": "", "creation_timestamp": "2026-01-25T00:31:58.081853Z"}, {"uuid": "897f421d-c4c7-43e7-8439-12a9977ea143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://www.acn.gov.it/portale/w/akira-campagne-di-sfruttamento-sistematico-di-vulnerabilita-perimetrali-e-accessi-vpn", "content": "", "creation_timestamp": "2026-04-13T03:29:00.000000Z"}, {"uuid": "daae1ac6-d916-406f-8c57-8b68f19a2307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "cve-2024-37081", "type": "seen", "source": "https://social.tchncs.de/users/gborn/statuses/116129911417527349", "content": "", "creation_timestamp": "2026-02-25T06:43:43.275487Z"}, {"uuid": "0ad3ff02-8de6-49d0-b1b4-ab3c80a8906e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "cve-2024-37080", "type": "seen", "source": 
"https://social.tchncs.de/users/gborn/statuses/116129911417527349", "content": "", "creation_timestamp": "2026-02-25T06:43:43.187833Z"}, {"uuid": "40a5569e-fc93-43da-ad86-759f7411ead2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://vulnerability.circl.lu/comment/501e7a04-3a1e-4ac4-b24b-6ff22b0b554d", "content": "", "creation_timestamp": "2024-08-01T20:57:15.091620Z"}, {"uuid": "5ee7aaad-ca65-405a-a19c-335f5d4b42b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/08dccffe-9ce0-49c5-b0df-5c1b2f91d794", "content": "", "creation_timestamp": "2026-02-02T12:26:32.529442Z"}, {"uuid": "f1f4376d-8bcb-43a0-9ddf-2389e626f28e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/itsec_news/4525", "content": "\u200b\u26a1\ufe0fCheck Point \u0438 Veeam \u043d\u0435 \u0443\u0441\u0442\u043e\u044f\u043b\u0438: \u043e\u0431\u0437\u043e\u0440 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u0438\u044e\u043d\u044c\n\n\ud83d\udcac\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Positive Technologies \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0441\u043f\u0438\u0441\u043e\u043a \u0434\u0435\u0432\u044f\u0442\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 
\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft, VMware, Linux, VPN-\u0448\u043b\u044e\u0437\u0435 \u043e\u0442 Check Point Software Technologies \u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Veeam Backup Enterprise Manager. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u0438\u044f \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440.\n\n\u0422\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u0442\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f. \u0414\u043b\u044f \u0438\u0445 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432: \u0431\u0430\u0437\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0438, \u0431\u043b\u043e\u0433\u0438 \u0438 \u0442\u0435\u043b\u0435\u0433\u0440\u0430\u043c-\u043a\u0430\u043d\u0430\u043b\u044b, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 Windows. 
\u041e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044c \u043e\u043a\u043e\u043b\u043e \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n1. CVE-2024-26229: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 Client-Side Caching (CSC) Windows. \u041e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0437\u043b\u043e\u0432\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043a\u0443\u0447\u0435 (\u043e\u0442\u043d\u0435\u0441\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e CWE-122 ). ). 
\u042d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f CSC. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8.\n\n2. CVE-2024-26169: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 (Windows Error Reporting). \u041e\u043d\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a Windows \u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e CWE-269 . 
\u042d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0438\u0437\u043c\u0435\u043d\u044f\u0435\u0442, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0438\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0438\u0437-\u0437\u0430 \u0447\u0435\u0433\u043e \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u043f\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8.\n\n3. CVE-2024-30088: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0434\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b NtQueryInformationToken. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043d\u0430\u0434 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,0.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u044b\u0448\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: CVE-2024-26229 , CVE-2024-26169 , CVE-2024-30088 .\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Linux \u0438 VMware\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u044f\u0434\u0440\u0435 Linux, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u0442\u043e\u0440\u0430 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n4. 
CVE-2024-1086: \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 netfilter \u044f\u0434\u0440\u0430 Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 kernel.org .\nVMware \u0442\u0430\u043a\u0436\u0435 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c.\n\n5 \u0438 6. CVE-2024-37080 \u0438 CVE-2024-37079: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware vCenter, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430. 
\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 VMware vCenter \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438. \u042d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u044b \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440 DCE (RPC). CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 9,8. 
\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 VMware.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHP \u0438 VPN-\u0448\u043b\u044e\u0437\u0435 Check Point\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u0438 VPN-\u0448\u043b\u044e\u0437\u0430\u0445 Check Point Software Technologies.\n\n7. CVE-2024-4577: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 Apache \u0438 PHP CGI \u0432 Windows. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 (remote code execution, RCE) \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. 
\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043d\u0435\u0439 \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-07-11T09:12:24.000000Z"}, {"uuid": "0ca3a3c5-80db-450e-9c77-762433c3f615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8747", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aSpring Cloud Data Flow CVE-2024-37084 exp\nURL\uff1ahttps://github.com/A0be/CVE-2024-37084-Exp\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-15T19:10:28.000000Z"}, {"uuid": "b2090b43-068c-4a79-a43a-73f7d23bb893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/kasperskyb2b/1308", "content": "\ud83d\udd14 \u0422\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 VMWare: \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0439\u0442\u0435 \u043f\u0430\u0442\u0447\u0438\n\n\u041d\u043e\u0432\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c VMWare VMSA-2024-0012 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 
\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 vCenter Server (CVE-2024-37079 \u0438  -37080, CVSS 9.8), \u0438 \u043e\u0434\u0438\u043d \u0434\u0435\u0444\u0435\u043a\u0442 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root \u0432 vCenter Server (CVE-2024-37081, CVSS 7.8). \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043f\u043b\u0430\u043d\u043e\u0432\u043e, \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u0432 FAQ.  
\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u043d\u0443\u0436\u043d\u043e \u0438 VMware Cloud Foundation, \u0430 \u0432\u043e\u0442 \u0445\u043e\u0441\u0442\u044b ESXi \u0442\u0440\u043e\u0433\u0430\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f.\n\u041d\u043e \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u043e\u043f\u044b\u0442\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 vCenter, \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043d\u0430\u0434\u043e\u043b\u0433\u043e \u043d\u0435\u043b\u044c\u0437\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-06-19T16:47:35.000000Z"}, {"uuid": "1a13bba9-cc2d-4b9a-82b3-e8c4235fb6f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/Kelvinseccommunity/662", "content": "#hardening\n#Blue_Team_Techniques\nESXi Security-hardening:\nchange the default \"ESX Admins\" AD group\nhttps://mosnotes.com/2018/12/05/esxi-security-hardening-change-the-default-esx-admins-ad-group\n]-&gt; CVE-2024-37085: https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/#mitigation-and-protection-guidance\n]-&gt; https://github.com/rapid7/Rapid7-Labs/blob/main/Vql/CVE-2024-37085.yaml", "creation_timestamp": "2024-07-31T12:00:33.000000Z"}, {"uuid": "d40cfba1-a7cc-4ece-baeb-e46c64b0fe79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": 
"https://t.me/realLulzSec/1607", "content": "https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/#mitigation-and-protection-guidance\n\nRansomware operators exploit ESXi hypervisor vulnerability for mass encryption\n\nhttps://github.com/rapid7/Rapid7-Labs/blob/main/Vql/CVE-2024-37085.yaml\n#github #exploit #\u5206\u6790", "creation_timestamp": "2024-07-31T23:37:52.000000Z"}, {"uuid": "4d4808b7-b585-445a-8f08-0c4f39ed636f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/5826", "content": "\u200aVMware vCenter : CVE-2024-37081 Proof Of Concept\n\nhttps://kalilinuxtutorials.com/vmware-vcenter/", "creation_timestamp": "2024-07-12T13:28:16.000000Z"}, {"uuid": "ee69294c-427b-40eb-a2bd-f515cf8d0dc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/2178", "content": "https://github.com/Florian-Hoth/CVE-2024-37085-RCE-POC", "creation_timestamp": "2024-08-10T22:47:02.000000Z"}, {"uuid": "02515051-a370-441c-ae7d-cf56f5a6ce5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "Telegram/7TmeLhBEwGZ4R6H7RLJZ_TUPR9TuN_dX3tdoe0qvNiQQVg", "content": "", "creation_timestamp": "2024-06-20T18:49:32.000000Z"}, {"uuid": "9b5ad13f-c0ea-4882-a7ad-79a8d121d124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/HackingInsights/2896", 
"content": "\u200aCVE-2024-37079, CVE-2024-37080: Critical VMware vCenter Server Vulnerabilities Demand Immediate Action\n\nhttps://securityonline.info/cve-2024-37079-cve-2024-37080-critical-vmware-vcenter-server-vulnerabilities-demand-immediate-action/", "creation_timestamp": "2024-06-18T20:43:17.000000Z"}, {"uuid": "98988d2a-f045-42d6-888f-9d2c9fd61b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/T0L2qoE3g7bZ7uebznwh8TeJ-spc6YzSi52rzunmaddsJ1rv", "content": "", "creation_timestamp": "2024-08-31T12:47:17.000000Z"}, {"uuid": "d4f456a0-c56a-43d7-82c2-8de5f04200cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/12100", "content": "The Hacker News\nVMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi\n\nVMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-37079 &amp; CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could", "creation_timestamp": "2024-06-18T12:12:57.000000Z"}, {"uuid": "8c8fe6a3-1adf-4fe0-b8b6-b9fa106d0aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/16411", "content": "The Hacker News\nVMware ESXi Flaw Exploited by Ransomware Groups for Admin Access\n\nA recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited 
by \"several\" ransomware groups to gain elevated permissions and deploy file-encrypting malware.\nThe attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host.\n\"A", "creation_timestamp": "2024-07-30T11:58:47.000000Z"}, {"uuid": "8c75b550-9ba0-4303-a8db-2d5ffbf71c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/CyberDilara/227", "content": "CVE-2024-37079 &amp; CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\n\u26a0They could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-20T18:53:14.000000Z"}, {"uuid": "ea08a5f5-9175-4607-be24-a8ea5cee92a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/396", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! 
Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T02:46:52.000000Z"}, {"uuid": "84f21320-36b5-4a49-8b1a-ac12a0edfde0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/KomunitiSiber/2122", "content": "VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi\nhttps://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html\n\nVMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-37079 &amp; CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could", "creation_timestamp": "2024-06-18T11:00:18.000000Z"}, 
{"uuid": "28924392-a32d-47f0-8c04-a97a62b9e922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/KomunitiSiber/2321", "content": "VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access\nhttps://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.html\n\nA recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by \"several\" ransomware groups to gain elevated permissions and deploy file-encrypting malware.\nThe attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host.\n\"A", "creation_timestamp": "2024-07-30T11:29:56.000000Z"}, {"uuid": "e2c2cc11-2050-4a0e-8d9c-12e397552220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/GrayHatsHack/8458", "content": "\u26a1Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085.\n\n#CyberBulletin", "creation_timestamp": "2024-08-02T14:37:46.000000Z"}, {"uuid": "a0cd716d-6c43-4bd0-806b-dd6580873ca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8212", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. 
CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. 
The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "9adeeda0-5e2a-461b-8b0a-64c0e9138688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/dilagrafie/3346", "content": "CVE-2024-37079 &amp; CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\n\u26a0They could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-20T18:53:24.000000Z"}, {"uuid": "b08660f2-6eab-46b5-8a17-4a77adfedd9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3405", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! 
Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:42.000000Z"}, {"uuid": "4980d70a-d9b6-4df8-aff8-9a810ebac2cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/GrayHatsHack/7145", "content": "\u26a1Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085.\n\n#CyberBulletin", "creation_timestamp": "2024-08-02T14:37:46.000000Z"}, {"uuid": "213b0b26-e1d1-4f5f-867a-b58336490c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6918", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. 
CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. 
The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "069754b1-7225-478d-ac0b-e4d130b1931d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/ctinow/222548", "content": "BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085\nhttps://ift.tt/U8q2mjF", "creation_timestamp": "2024-08-28T17:19:41.000000Z"}, {"uuid": "1eb0aeb3-ba13-4c88-9a2f-2d2a9e7f7a8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1508", "content": "\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\n\nCVE-2024-37081: VMware vCenter Server Multiple LPE\n\nCVE-2024-22274: VMware vCenter Server RCE\n\n#exploit #pentest #redteam", "creation_timestamp": "2024-07-07T00:00:38.000000Z"}, {"uuid": "a765785d-2c6e-4d04-a779-735de6102331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/information_security_channel/52639", "content": "Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw\nhttps://www.securityweek.com/microsoft-says-ransomware-gangs-exploiting-just-patched-vmware-esxi-flaw/\n\nVMware did not mention in-the-wild exploitation for 
CVE-2024-37085 but Microsoft says ransomware gangs are abusing the just-patched flaw.\nThe post Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw (https://www.securityweek.com/microsoft-says-ransomware-gangs-exploiting-just-patched-vmware-esxi-flaw/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-07-29T20:58:17.000000Z"}, {"uuid": "540b1170-a671-4555-94b9-a4d0b0f39d8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/thehackernews/5132", "content": "VMware has released patches for Cloud Foundation, vCenter Server, and vSphere ESXi to fix critical flaws that could allow RCE and privilege escalation. \n \nLearn more about CVE-2024-37079, CVE-2024-37080 & CVE-2024-37081\u2014and secure your infrastructure now. \n \nhttps://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html", "creation_timestamp": "2024-06-18T10:56:22.000000Z"}, {"uuid": "f0f37fba-fe1a-4d53-9e31-0fbf4f85f16a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/thehackernews/5487", "content": "\ud83d\udea8 Alert: BlackByte ransomware is exploiting a recently patched VMware ESXi vulnerability (CVE-2024-37085) to escalate privileges and compromise systems. \n \nBut that's not all... they're also using vulnerable drivers to disable security measures, making this attack especially dangerous. \n \nRead: https://thehackernews.com/2024/08/blackbyte-ransomware-exploits-vmware.html \n \n \nP.S. 
If this was helpful, consider resharing \u267b\ufe0f to help others stay protected!", "creation_timestamp": "2024-08-28T12:41:22.000000Z"}, {"uuid": "0ebc64c6-c1df-4f14-832b-b5dcaa7f558d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25267", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. 
The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:50.000000Z"}, {"uuid": "e9dcde7f-a4e7-4039-bf7a-a40af45128a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "seen", "source": "https://t.me/CNArsenal/3307", "content": "https://blog.securelayer7.net/spring-cloud-skipper-vulnerability/\n\nCVE-2024-37084: Spring Cloud Remote Code Execution\n#\u5206\u6790 #exploit", "creation_timestamp": "2024-10-11T17:55:10.000000Z"}, {"uuid": "e9ff7d25-6e10-4140-b2ce-858f36a82684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37087", "type": "seen", "source": "https://www.cert.at/de/warnungen/2024/7/kritische-sicherheitslucke-in-vmware-esxi-aktiv-ausgenutzt-update-verfugbar", "content": "", "creation_timestamp": "2024-07-30T08:10:29.000000Z"}, {"uuid": "03951b06-e686-4fed-87fc-dd70952713ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3lw4udfrzwq23", "content": "", "creation_timestamp": "2025-08-11T13:05:10.436096Z"}, {"uuid": "183d793f-5b14-4ac4-98f5-e550069a123f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://gist.github.com/emadshanab/34522c81b12208711193e3838a7ca04d", "content": "", 
"creation_timestamp": "2025-10-12T00:45:20.000000Z"}, {"uuid": "a22caa82-5a2b-4540-a9ba-e46adfe1de10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://gist.github.com/emadshanab/34522c81b12208711193e3838a7ca04d", "content": "", "creation_timestamp": "2025-10-12T00:45:20.000000Z"}, {"uuid": "dbfb670a-7945-4685-96b2-579577bfdd20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vcenter_sudo_lpe.rb", "content": "", "creation_timestamp": "2024-12-05T02:32:04.000000Z"}, {"uuid": "9eda3e5a-63a6-4343-8e57-52ff59869823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mdddudnt4k23", "content": "", "creation_timestamp": "2026-01-26T13:26:36.151587Z"}, {"uuid": "eac4c7a3-d9f6-4711-917f-99a8d02d5456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mdddudnt4k23", "content": "", "creation_timestamp": "2026-01-26T13:26:36.231732Z"}, {"uuid": "b87a3c42-6a9a-4007-8075-08355bff7de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1319", "content": "", "creation_timestamp": "2024-06-28T04:00:00.000000Z"}, {"uuid": "599a69ee-1a1d-4c45-8a97-0461156d9d32", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1313", "content": "", "creation_timestamp": "2024-06-19T04:00:00.000000Z"}, {"uuid": "e7bd16df-40b0-4f43-95b4-1a43ad925a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1313", "content": "", "creation_timestamp": "2024-06-19T04:00:00.000000Z"}, {"uuid": "c59ad219-caf7-4902-b8bb-df57f7869191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8506", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAnalysis , Demo exploit and poc about CVE-2024-37084\nURL\uff1ahttps://github.com/Kayiyan/CVE-2024-37084-Poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-10T17:04:07.000000Z"}, {"uuid": "ef78396f-486b-4d52-ae44-fba75ea1beb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8151", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aVulnerability Scanner for CVE-2024-37085 and Exploits ( For Educational Purpose only)\nURL\uff1ahttps://github.com/mahmutaymahmutay/CVE-2024-37085\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-02T13:47:53.000000Z"}, {"uuid": "0626af7d-530b-40bb-bbe4-3e33a8a4c66e", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8248", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-37085 unauthenticated shell upload to full administrator on domain-joined esxi hypervisors.\nURL\uff1ahttps://github.com/WTN-arny/Vmware-ESXI\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-12T17:48:42.000000Z"}, {"uuid": "7282fc6a-5273-4523-ae38-eb67049f0dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/7TmeLhBEwGZ4R6H7RLJZ_TUPR9TuN_dX3tdoe0qvNiQQVg", "content": "", "creation_timestamp": "2024-06-20T18:49:32.000000Z"}, {"uuid": "58f083b2-e91f-46da-a200-059ddc0359fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9131", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAnalysis , Demo exploit and poc about CVE-2024-37084\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-37084-Poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-22T13:58:46.000000Z"}, {"uuid": "7d2baead-51e6-4523-997b-49a78fc74bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/itsec_news/4734", "content": "\u200b\u26a1\ufe0fCVE-2024-38812: \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f 
\u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0432\u0430\u0448\u0435\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Broadcom \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware vCenter Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2024-38812 , \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 DCE/RPC.\n\n\u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e 
\u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 vCenter.\n\n\u042d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441\u0445\u043e\u0436 \u0441 \u0434\u0432\u0443\u043c\u044f \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u2014 CVE-2024-37079 \u0438 CVE-2024-37080, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430. 
\u041e\u0446\u0435\u043d\u043a\u0430 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9.8 \u043f\u043e CVSS.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 CVE-2024-38813 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 7.5, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root. 
\u0410\u0442\u0430\u043a\u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u043f\u0440\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b TZL \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0441\u043e\u0440\u0435\u0432\u043d\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Matrix Cup, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0432 \u041a\u0438\u0442\u0430\u0435 \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439:\n\nvCenter Server 8.0 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 8.0 U3b);\nvCenter Server 7.0 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.0 U3s);\nVMware Cloud Foundation 5.x (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0438 8.0 U3b);\nVMware Cloud Foundation 4.x 
(\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.0 U3s).\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Broadcom \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430, \u0447\u0442\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043b\u0443\u0436\u0431 VMware vCenter.\n\n\u042d\u0442\u0438 
\u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0441\u043e\u0432\u043f\u0430\u043b\u0438 \u0441 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043e\u0442 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 (CISA) \u0438 \u0424\u0411\u0420. \u0412 \u043d\u0451\u043c \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 cross-site scripting (XSS), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-09-19T13:23:48.000000Z"}, {"uuid": "492f4cd2-8e8c-4c6e-b602-805a9fbbb89c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "Telegram/v546fKl79y1sfcdaU9NpE9FOqkGwS4h43wi_wda2uiJjmw", "content": "", "creation_timestamp": "2024-07-30T11:59:02.000000Z"}, {"uuid": "bc3791a4-9e5b-49dd-aba5-11fca82065a1", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/12344", "content": "https://github.com/Mr-r00t11/CVE-2024-37081\n\nVMware vCenter - CVE-2024-37081 Proof of Concept", "creation_timestamp": "2024-07-10T15:43:09.000000Z"}, {"uuid": "0277fe4b-7336-4c03-9727-2c66f630e975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "Telegram/OFGdwMEYUgUZmDtHQPbxu6i5ogYjek-rrvpVAvSm5DBLLQ", "content": "", "creation_timestamp": "2024-06-18T12:12:55.000000Z"}, {"uuid": "499c52ad-875f-4a93-90a7-fc6dcfc4c55c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/8239", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-21T02:31:47.000000Z"}, {"uuid": "0000e6c7-ef03-432f-9f2d-8c3fd2c4501f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/8239", "content": "#exploit\n1. 
CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-21T02:31:47.000000Z"}, {"uuid": "8e542c21-f0e3-4dbf-b305-a2e5c0123df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1220", "content": "https://github.com/Mr-r00t11/CVE-2024-37081\n\nVMware vCenter - CVE-2024-37081 Proof of Concept", "creation_timestamp": "2024-07-10T15:43:09.000000Z"}, {"uuid": "8df21edf-971b-441c-b452-2acb700f5222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/HackingInsights/11571", "content": "BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085\nhttps://ift.tt/U8q2mjF", "creation_timestamp": "2024-08-30T10:27:57.000000Z"}, {"uuid": "f512916f-d0fb-4ef7-8870-10ce94811242", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/HackingInsights/11529", "content": "\u200aBlackByte Ransomware Group Exploits VMware CVE-2024-37085 Flaw, Shifts Tactics\n\nhttps://securityonline.info/blackbyte-ransomware-group-exploits-vmware-cve-2024-37085-flaw-shifts-tactics/", "creation_timestamp": "2024-08-29T09:08:13.000000Z"}, 
{"uuid": "25300556-b5c6-4942-89ef-c1914c8dc37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/HackingInsights/7893", "content": "\u200aRansomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085\n\nhttps://securityaffairs.com/166295/cyber-crime/ransomware-gangs-exploit-cve-2024-37085-vmware-esxi.html", "creation_timestamp": "2024-07-30T12:37:31.000000Z"}, {"uuid": "aeb1c82a-6485-4ba7-aba6-f962d426a945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7884", "content": "\u200aCVE-2024-37085: VMware ESXi Vulnerability Exploited by Ransomware Gangs\n\nhttps://securityonline.info/cve-2024-37085-vmware-esxi-vulnerability-exploited-by-ransomware-gangs/", "creation_timestamp": "2024-07-30T12:37:31.000000Z"}, {"uuid": "1c8cf2d5-386b-4c16-89f6-0f8517cc935b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7457", "content": "\u200aCVE-2024-37084 (CVSS 9.8): Remote code execution in Spring Cloud Data Flow\n\nhttps://securityonline.info/cve-2024-37084-cvss-9-8-remote-code-execution-in-spring-cloud-data-flow/", "creation_timestamp": "2024-07-25T18:59:12.000000Z"}, {"uuid": "b08bbf7c-6d04-4c43-82c9-4d3269ed323c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "Telegram/9FpOrb1S7mX2aiTQCTQiFBIhh0KINNHaHAEMZwqFYsdGnw", "content": "", "creation_timestamp": "2024-07-30T10:19:05.000000Z"}, {"uuid": 
"e1d29b94-fdcf-421c-b980-8e983b823180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/CyberDilara/244", "content": "CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\nThey could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-25T17:20:25.000000Z"}, {"uuid": "c67c76e7-b1c2-4539-ba33-19dffb8643c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "Telegram/JY3Tdlm-rK7NW97WMF3BzzCxel998rP3WdZdhbgiL7lEqg", "content": "", "creation_timestamp": "2024-06-18T11:45:57.000000Z"}, {"uuid": "0c755d80-d86c-4321-b164-27f597b8122e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/RDeyg-FQrZfaj0SSJGqmtH-VEEWXqOFSVXNSHmynkr7cI_k", "content": "", "creation_timestamp": "2024-08-09T14:42:09.000000Z"}, {"uuid": "a0477737-a977-4414-b157-5e3c4ae19d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "Telegram/zUsRWt3Wq7-Ohylg0lIat3q_zhXnMZf3Ssuf6Q7NZ3JiF_o", "content": "", "creation_timestamp": "2024-08-28T15:37:05.000000Z"}, {"uuid": "9171e7e0-cb3b-423d-b53b-986066918393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": 
"https://t.me/tengkorakcybercrewz/2369", "content": "The Hacker News\nVMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi\n\nVMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-37079 &amp; CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could", "creation_timestamp": "2024-06-18T12:12:57.000000Z"}, {"uuid": "19181901-c63a-41cf-bf4c-869c1823402b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/GrayHatsHack/6797", "content": "CVE-2024-37079 &amp; CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!\n\nThey could allow a hacker with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n#CyberDilara", "creation_timestamp": "2024-06-25T10:24:26.000000Z"}, {"uuid": "083c5bf9-db48-4259-980a-db5e43b68e8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/MrVGunz/1230", "content": "\ud83d\udccd #\u0647\u0634\u062f\u0627\u0631_\u0627\u0645\u0646\u06cc\u062a\u06cc: \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a #VMware\n\n\u0645\u062d\u0635\u0648\u0644\u0627\u062a #VMware \u0637\u06cc \u0631\u0648\u0632\u0647\u0627\u06cc \u0627\u062e\u06cc\u0631\u060c \u0628\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc 
\u0686\u0646\u062f\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc \u0645\u0648\u0627\u062c\u0647 \u0634\u062f\u0647\u200c\u0627\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u0628\u0647\u200c\u0648\u06cc\u0698\u0647 CVE-2024-37085\u060c \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u062f\u0648\u0631 \u0632\u062f\u0646 \u0645\u06a9\u0627\u0646\u06cc\u0632\u0645\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c \u062d\u0645\u0644\u0627\u062a \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 (#DoS) \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0627\u062f\u0647 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0645\u062c\u0627\u0632\u06cc \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u0646\u062f.\n\n#\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2024-37085:\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0648\u062c\u0648\u062f \u06cc\u06a9 \u06af\u0631\u0648\u0647 \u0627\u0632 \u062f\u0627\u0645\u0646\u0647\u200c\u0647\u0627\u06cc \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u0628\u0627 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a\u06cc \u06a9\u0627\u0645\u0644 \u0648 \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0645\u0646\u0627\u0633\u0628\u060c \u0628\u0633\u06cc\u0627\u0631 \u062e\u0637\u0631\u0646\u0627\u06a9 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. 
\u0627\u06cc\u0646 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627 \u062f\u0631 \u0645\u062d\u06cc\u0637\u200c\u0647\u0627\u06cc \u0645\u062c\u0627\u0632\u06cc \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\n#\u0645\u062d\u0635\u0648\u0644\u0627\u062a_\u062a\u062d\u062a_\u062a\u0623\u062b\u06cc\u0631:\n\n- #VMware_ESXi \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc 7.0 \u0648 8.0\n- #VMware_vCenter_Server \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc 7.0 \u0648 8.0\n- #VMware_Cloud_Foundation \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc 4.x \u0648 5.x\n\n#\u0627\u0642\u062f\u0627\u0645\u0627\u062a_\u0636\u0631\u0648\u0631\u06cc:\n\u0628\u0647\u200c\u0634\u062f\u062a \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u06a9\u0647 \u062a\u0645\u0627\u0645\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0648 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc VMware\u060c \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0631\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f. 
\u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0648 \u062f\u0627\u0646\u0644\u0648\u062f \u067e\u0686\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c \u0628\u0647 \u0644\u06cc\u0646\u06a9 \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u0646\u0645\u0627\u06cc\u06cc\u062f:\n\n\ud83c\udf10 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505\n\n#\u062a\u0648\u062c\u0647: \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0628\u062d\u0631\u0627\u0646\u06cc \u0628\u0648\u062f\u0646 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u0647\u0631\u06af\u0648\u0646\u0647 \u062a\u0623\u062e\u06cc\u0631 \u062f\u0631 \u0627\u0639\u0645\u0627\u0644 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0639\u0648\u0627\u0642\u0628 \u062c\u0628\u0631\u0627\u0646\u200c\u0646\u0627\u067e\u0630\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0634\u0645\u0627 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/vmware-products-multiple-vulnerabilities_20240730\n\n\n\ud83d\udccd #SecurityAlert: Critical Vulnerabilities in #VMware Products\n\nIn recent days, several serious security vulnerabilities have been identified in VMware products. 
These vulnerabilities, particularly CVE-2024-37085, allow attackers to bypass security mechanisms, perform denial-of-service attacks (#DoS), and gain full control over virtual systems.\n\nVulnerability CVE-2024-37085:\n\nThis vulnerability is extremely dangerous due to the presence of a set of default domains with full administrative access and inadequate authentication. This security flaw enables attackers to execute arbitrary code in virtual environments.\n\nAffected Products:\n\n- #VMware_ESXi versions 7.0 and 8.0\n- #VMware_vCenter_Server versions 7.0 and 8.0\n- #VMware_Cloud_Foundation versions 4.x and 5.x\n\nNecessary Actions:\n\nIt is highly recommended that all VMware system users and administrators apply the related security updates as soon as possible. For more information and to download security patches, visit the link below:\n\n\ud83c\udf10 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505\n\nNote: Due to the critical nature of these vulnerabilities, any delay in applying updates could have severe consequences for the security of your systems.\n\n\ud83d\udd17 To read the full article, visit:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/vmware-products-multiple-vulnerabilities_20240730", "creation_timestamp": "2024-08-05T16:02:15.000000Z"}, {"uuid": "550885a5-f8e9-48fc-907e-143abe5fed06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/MrVGunz/1189", "content": "\u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062d\u06cc\u0627\u062a\u06cc \u062f\u0631 VMware vCenter Server \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627 \u0646\u0635\u0628 
\u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u062e\u06cc\u0631 \u0642\u0627\u0628\u0644 \u0628\u0631\u0637\u0631\u0641\u06cc \u0647\u0633\u062a\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0634\u0627\u0645\u0644 heap overflow \u0648 privilege escalation \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-37079\u060c CVE-2024-37080 \u0648 CVE-2024-37081 \u0647\u0633\u062a\u0646\u062f \u0648 \u0646\u0645\u0631\u0647 CVSSv3 \u0622\u0646\u200c\u0647\u0627 \u0628\u06cc\u0646 7.8 \u062a\u0627 9.8 \u0627\u0633\u062a. \u0628\u0631\u0627\u06cc \u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0648 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0644\u0627\u0632\u0645\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0647 \u0644\u06cc\u0646\u06a9 \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83d\udd17 \u0644\u06cc\u0646\u06a9 \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\n\nA series of critical vulnerabilities has been identified in VMware vCenter Server, which can be mitigated by installing recent security updates. These vulnerabilities include heap overflow and privilege escalation identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, with CVSSv3 scores ranging from 7.8 to 9.8. 
For more details and to install the necessary updates, please visit the following link:\n\n\ud83d\udd17 Link to More Information", "creation_timestamp": "2024-07-03T08:32:23.000000Z"}, {"uuid": "fd49c555-1114-4a64-854f-a268b13496ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/30", "content": "", "creation_timestamp": "2024-07-07T20:50:42.000000Z"}, {"uuid": "c567fee1-97d9-4bbd-b591-85c2585b69f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/MrVGunz/1189", "content": "\u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062d\u06cc\u0627\u062a\u06cc \u062f\u0631 VMware vCenter Server \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u062e\u06cc\u0631 \u0642\u0627\u0628\u0644 \u0628\u0631\u0637\u0631\u0641\u06cc \u0647\u0633\u062a\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0634\u0627\u0645\u0644 heap overflow \u0648 privilege escalation \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-37079\u060c CVE-2024-37080 \u0648 CVE-2024-37081 \u0647\u0633\u062a\u0646\u062f \u0648 \u0646\u0645\u0631\u0647 CVSSv3 \u0622\u0646\u200c\u0647\u0627 \u0628\u06cc\u0646 7.8 \u062a\u0627 9.8 \u0627\u0633\u062a. 
\u0628\u0631\u0627\u06cc \u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0648 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0644\u0627\u0632\u0645\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0647 \u0644\u06cc\u0646\u06a9 \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83d\udd17 \u0644\u06cc\u0646\u06a9 \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\n\nA series of critical vulnerabilities has been identified in VMware vCenter Server, which can be mitigated by installing recent security updates. These vulnerabilities include heap overflow and privilege escalation identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, with CVSSv3 scores ranging from 7.8 to 9.8. For more details and to install the necessary updates, please visit the following link:\n\n\ud83d\udd17 Link to More Information", "creation_timestamp": "2024-07-03T08:32:23.000000Z"}, {"uuid": "bcd7952c-f3ce-4dc0-9302-b443fbc6eca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/true_secator/6041", "content": "\u0412\u043a\u0440\u0430\u0442\u0446\u0435 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c, \u043a\u043e\u0438\u0445 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043d\u0435 \u043c\u0430\u043b\u043e \u043d\u0430 \u043d\u0435\u0434\u0435\u043b\u0435.\n\nZoho \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u041f\u041e 
ManageEngine \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 SQL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Exchange Reporter Plus.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-38871 \u0438 CVE-2024-38872 (\u043e\u0431\u0435 \u0441 CVSS 8,3), \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0435\u0449\u0435 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c, \u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430.\n\n\u041c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u0430\u044f Progress \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u043e\u0433\u043e MOVEit Transfer.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CVE-2024-6576 \u0432 \u043c\u043e\u0434\u0443\u043b\u044c SFTP \u0438\u043c\u0435\u0435\u0442 CVSS 7.3 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. 
\u0423\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0439 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0442, \u043d\u043e \u0437\u043d\u0430\u044f MOVEit - \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442.\n\nSalt Security \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 Hotjar, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u043d\u043b\u0430\u0439\u043d-\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0430\u0439\u0442\u044b \u043c\u0438\u0440\u043e\u0432\u044b\u0445 \u0431\u0440\u0435\u043d\u0434\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Adobe, Microsoft, Panasonic, Columbia, RyanAir, Decathlon, T-Mobile, Nintendo \u0438 \u0434\u0440.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CosmicSting Magento \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432. 
\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0430\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e  \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0435\u0449\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430.\n\nCloudSEK \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c LFI \u0432 Jenkins, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043a\u0430\u043a CVE-2024-23897, \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 Github.\n\nMicrosoft\u00a0\u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430\u00a0\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0438 0-day VMware ESXi (CVE-2024-37085) \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Akira \u0438 Black Basta.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (CVE-2024-37085) \u043d\u0430\u0445\u043e\u0434\u0438\u043b\u0430\u0441\u044c \u0432 
\u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 ESXi Active Directory. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 ESXi, \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u0445 \u043a \u0434\u043e\u043c\u0435\u043d\u0443.", "creation_timestamp": "2024-07-31T15:33:16.000000Z"}, {"uuid": "af02b7db-a7bb-4ffd-b224-36dd3f56e4cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/ctinow/221181", "content": "Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085\nhttps://ift.tt/fWIZTG8", "creation_timestamp": "2024-08-01T22:59:55.000000Z"}, {"uuid": "86d6f837-9bf6-49a7-9869-411244645a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://t.me/ctinow/220983", "content": "Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085\nhttps://ift.tt/hmqjCFg", "creation_timestamp": "2024-07-30T00:00:05.000000Z"}, {"uuid": "e4b543eb-9c4a-4f64-87f6-faa8bf73ec0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/thehackernews/5132", 
"content": "VMware has released patches for Cloud Foundation, vCenter Server, and vSphere ESXi to fix critical flaws that could allow RCE and privilege escalation. \n \nLearn more about CVE-2024-37079, CVE-2024-37080 &amp; CVE-2024-37081\u2014and secure your infrastructure now. \n \nhttps://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html", "creation_timestamp": "2024-06-18T10:56:22.000000Z"}, {"uuid": "b78eae3b-6f2a-49f4-a034-0f5837e2723d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9087", "content": "CVE-2024-37084: Spring Cloud Remote Code Execution\n\nhttps://blog.securelayer7.net/spring-cloud-skipper-vulnerability/", "creation_timestamp": "2024-09-03T22:47:28.000000Z"}, {"uuid": "428d8405-c4b4-4640-850e-f102a4b5a42f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3321", "content": "https://github.com/Ly4j/CVE-2024-37084-Exp\n\nSpring Cloud Data Flow CVE-2024-37084 exp\n#github #exploit", "creation_timestamp": "2024-10-15T17:18:19.000000Z"}, {"uuid": "54566fd8-8b66-4b35-9ece-de4921326e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11077", "content": "#exploit\n1. CVE-2024-43044:\nFrom file read to RCE in Jenkins through agents\nhttps://blog.convisoappsec.com/en/analysis-of-cve-2024-43044\n\n2. CVE-2024-42815:\nBuffer Overflow in TP-Link Routers\nhttps://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce\n\n3. 
CVE-2024-37084:\nSpring Cloud RCE\nhttps://blog.securelayer7.net/spring-cloud-skipper-vulnerability", "creation_timestamp": "2024-09-04T04:21:25.000000Z"}, {"uuid": "87b423df-c3c8-4cb1-a9e7-fea80c2b2ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3516", "content": "#hardening\n#Blue_Team_Techniques\nESXi Security-hardening:\nchange the default \"ESX Admins\" AD group\nhttps://mosnotes.com/2018/12/05/esxi-security-hardening-change-the-default-esx-admins-ad-group\n]-> CVE-2024-37085: https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/#mitigation-and-protection-guidance\n]-> https://github.com/rapid7/Rapid7-Labs/blob/main/Vql/CVE-2024-37085.yaml", "creation_timestamp": "2024-08-16T11:18:08.000000Z"}, {"uuid": "fe957865-aa4e-43ee-a9e3-21d6d0d7bab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-07-30T18:10:02.000000Z"}, {"uuid": "654897a7-394a-4a0d-b6bf-b5750eff51b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lgsdwgjvjk2c", "content": "", "creation_timestamp": "2025-01-28T11:27:05.474647Z"}, {"uuid": "5b201301-a0f0-4901-a5ac-53e09ce52293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", 
"creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "e50b2aab-e096-43d1-9aa6-a90d6a7f1cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/aimainainnu.bsky.social/post/3lidhjs3ps22s", "content": "", "creation_timestamp": "2025-02-17T00:12:06.601659Z"}, {"uuid": "7b924aca-d121-4848-bcf8-d0acc0a1c5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/CNArsenal/2931", "content": "https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/#mitigation-and-protection-guidance\n\nRansomware operators exploit ESXi hypervisor vulnerability for mass encryption\n\nhttps://github.com/rapid7/Rapid7-Labs/blob/main/Vql/CVE-2024-37085.yaml\n#github #exploit #\u5206\u6790", "creation_timestamp": "2024-07-31T18:10:20.000000Z"}, {"uuid": "9564054c-28e3-4687-a183-caf73fe04f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2771", "content": "https://github.com/Mr-r00t11/CVE-2024-37081\n\nVMware vCenter - CVE-2024-37081 Proof of Concept\n#github #poc", "creation_timestamp": "2024-07-16T15:54:20.000000Z"}, {"uuid": "0efd4528-64e4-44de-ad0e-accd0bc5438f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10908", "content": "#hardening\n#Blue_Team_Techniques\nESXi Security-hardening:\nchange the default \"ESX Admins\" AD 
group\nhttps://mosnotes.com/2018/12/05/esxi-security-hardening-change-the-default-esx-admins-ad-group\n]-&gt; CVE-2024-37085: https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/#mitigation-and-protection-guidance\n]-&gt; https://github.com/rapid7/Rapid7-Labs/blob/main/Vql/CVE-2024-37085.yaml", "creation_timestamp": "2024-07-31T13:28:44.000000Z"}, {"uuid": "865cc3b7-838a-4dd1-82fd-1a11019dd9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10710", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T19:11:41.000000Z"}, {"uuid": "f7265134-1cc8-4726-9e6a-536feec4b97e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10710", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. 
CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T19:11:41.000000Z"}, {"uuid": "097bbc2b-8f56-4bb2-b336-112d6ce8f1eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "exploited", "source": "https://t.me/true_secator/6050", "content": "Shadowserver \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0431\u043e\u043b\u0435\u0435 20 000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 VMware ESXi, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2024-37085 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 6,8), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c 
\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0443 ESXi.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u043c\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c\u0438 Active Directory (AD) \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0445\u043e\u0441\u0442\u0443 ESXi, \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 AD \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438, \u043f\u0443\u0442\u0435\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b AD (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u00ab\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b ESX\u00bb) \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0438\u0437 AD.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 24 \u0438\u044e\u043b\u044f, \u0430 \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 
\u043d\u0435\u0434\u0435\u043b\u044e, \u043a\u0430\u043a \u043c\u044b \u0443\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438, Microsoft \u0437\u0430\u043f\u0440\u0438\u043c\u0435\u0442\u0438\u043b\u0430 \u0440\u044f\u0434 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u0431\u0430\u0433 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, Storm-0506, Storm-1175, Octo Tempest \u0438 Manatee Tempest \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u043d\u0430\u043a\u0430\u0442\u044b\u0432\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Akira \u0438 Black Basta.\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438 \u0433\u0440\u0443\u043f\u043f\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 ESX \u0438 \u0434\u043e\u0431\u0430\u0432\u044f\u043b\u0438 \u0441\u0435\u0431\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0447\u043b\u0435\u043d\u043e\u0432 \u0433\u0440\u0443\u043f\u043f\u044b, \u043f\u043e\u043b\u0443\u0447\u0430\u044f 
\u043f\u043e\u043b\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u043e\u0432 VMware ESXi, \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u0432\u0448\u0438\u0445\u0441\u044f \u043a \u0433\u0440\u0443\u043f\u043f\u0435.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0430 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430\u043c ESXi, \u0447\u0442\u043e \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0441\u0447\u0435\u0442\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 Shadowserver Foundation \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 CVE-2024-37085 \u0432 \u0441\u0432\u043e\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 CVE \u0438 \u0447\u0442\u043e \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 30 \u0438\u044e\u043b\u044f \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 20 000 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 
\u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\n\u0412 Shadowserver \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u044b, \u043e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f\u0441\u044c \u043d\u0430 \u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0438 ESXi, \u043d\u043e \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0437 \u043d\u0438\u0445 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0425\u043e\u0442\u044f CVE-2024-37085 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0435\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0430\u044f\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u0435\u043b\u0430\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 
\u043d\u0435\u043e\u0442\u043b\u043e\u0436\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0435\u0439 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439.", "creation_timestamp": "2024-08-02T10:24:28.000000Z"}, {"uuid": "c4f44b3b-6e94-468b-9c01-812cd8ae11ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37084", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6173", "content": "\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.\n\nGoogle \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Chrome 128 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f 8 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 6 \u0448\u0435\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 Chrome CVE-2024-7971 
\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a \u043d\u0443\u043b\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 Citrine Sleet, \u0447\u0442\u043e \u0434\u043b\u044f \u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0441\u0442\u0430\u043b\u043e \u0443\u0436\u0435 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0435\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, PixiePoint \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 CVE-2024-38106, \u043d\u0443\u043b\u0435 \u0432 \u044f\u0434\u0440\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c Citrine Sleet \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e.\n\nSecureLayer7 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 CVE-2024-37084 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Skipper Spring Cloud Data Flow, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 \u0438\u044e\u043b\u0435.\n\nRCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 
\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0442\u043e\u0440\u0430 Yaml, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0447\u0442\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 YAML.\n\nVMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Fusion, \u0430 \u0434\u043b\u044f \u043a\u0430\u043c\u0435\u0440 AVTech \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043d\u043e\u0432\u044b\u0439 PoC\u00a0(\u0441\u0442\u0430\u0440\u044b\u0439 \u0437\u0434\u0435\u0441\u044c), \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e 0-day CVE-2024-7029, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Fudgedotdotdot 
\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043e\u0431\u0437\u043e\u0440 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u043e\u0440\u0430\u0434\u043e\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0421\u0430\u0439\u0431\u0435\u0440\u041e\u041a \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0427\u0435\u0440\u043d\u0435\u043d\u044c\u043a\u043e\u0432 \u0438 \u0421\u0435\u0440\u0433\u0435\u0439 \u0413\u043e\u0440\u0434\u0435\u0439\u0447\u0438\u043a, \u043e\u043a\u0430\u0437\u0430\u0432\u0448\u0438\u0435 \u043f\u043e\u043c\u043e\u0449\u044c \u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Webmin, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 Loop DoS (CVE-2024-2169). 
\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Webmin - \u044d\u0442\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 1 000 000 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \n\nWebmin/Virtualmin \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 UDP, \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0435 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 UDP/10000.\n\n\u042d\u0442\u0430 \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u043d\u0430 \u043b\u044e\u0431\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 UDP IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0438 \u043f\u043e\u0440\u0442\u043e\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. 
\n\n\u0422\u0430\u043a\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 Loop DoS \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 UDP \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c ip-\u043f\u043e\u0440\u0442\u043e\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0440\u0443\u0433\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430 Webmin, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c\u0443 \u043e\u0431\u043c\u0435\u043d\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0445\u043e\u0441\u0442\u0430\u043c\u0438, \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DOS) \u0438/\u0438\u043b\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438.", "creation_timestamp": "2024-09-05T19:00:06.000000Z"}, {"uuid": "0da1c87f-9fe6-4eae-90b1-0bce85b3b041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/true_secator/5867", "content": "VMware\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 
\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Cloud Foundation, vCenter Server \u0438 vSphere ESXi, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 CVE-2024-37079 \u0438 CVE-2024-37080\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8) \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u00a0DCE/RPC.\n\n\u041e\u0431\u0435 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0425\u0430\u043e \u0427\u0436\u044d\u043d\u0443 \u0438 \u0426\u0437\u044b\u0431\u043e \u041b\u0438 \u0438\u0437 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 QiAnXin.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 vCenter \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f 
\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430.\n\n\u041c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f CVE-2024-37081\u00a0(CVSS: 7,8) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 EoP \u0432 VMware vCenter, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0438\u043c\u0438 \u0432 \u0432\u0438\u0434\u0443 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 sudo. \u0410\u0432\u0442\u043e\u0440\u0441\u0442\u0432\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0438\u0442 \u041c\u0430\u0442\u0435\u044e \u0411\u0430\u0434\u0430\u043d\u043e\u044e \u0438\u0437 Deloitte \u0432 \u0420\u0443\u043c\u044b\u043d\u0438\u0438.\n\n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u043d\u0435\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root-\u043f\u0440\u0430\u0432.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 
\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 vCenter Server 7.0 \u0438 8.0, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 7.0 U3r, 8.0 U1e \u0438 8.0 U2d.\n\n\u0421\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439\u00a0\u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e (\u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043f\u043e\u043a\u0430).", "creation_timestamp": "2024-06-18T13:10:05.000000Z"}, {"uuid": "626248f7-103e-42d1-9c13-0855053841c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "seen", "source": "https://t.me/true_secator/5867", "content": "VMware\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Cloud Foundation, vCenter Server \u0438 vSphere ESXi, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e 
\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 CVE-2024-37079 \u0438 CVE-2024-37080\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8) \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u00a0DCE/RPC.\n\n\u041e\u0431\u0435 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0425\u0430\u043e \u0427\u0436\u044d\u043d\u0443 \u0438 \u0426\u0437\u044b\u0431\u043e \u041b\u0438 \u0438\u0437 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 QiAnXin.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 vCenter \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430.\n\n\u041c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f CVE-2024-37081\u00a0(CVSS: 7,8) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 EoP 
\u0432 VMware vCenter, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0438\u043c\u0438 \u0432 \u0432\u0438\u0434\u0443 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 sudo. \u0410\u0432\u0442\u043e\u0440\u0441\u0442\u0432\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0438\u0442 \u041c\u0430\u0442\u0435\u044e \u0411\u0430\u0434\u0430\u043d\u043e\u044e \u0438\u0437 Deloitte \u0432 \u0420\u0443\u043c\u044b\u043d\u0438\u0438.\n\n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u043d\u0435\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root-\u043f\u0440\u0430\u0432.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 vCenter Server 7.0 \u0438 8.0, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 7.0 U3r, 8.0 U1e \u0438 8.0 U2d.\n\n\u0421\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439\u00a0\u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 
\u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e (\u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043f\u043e\u043a\u0430).", "creation_timestamp": "2024-06-18T13:10:05.000000Z"}, {"uuid": "661215df-cbca-46d1-a3de-6ecf79f12f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37080", "type": "exploited", "source": "https://t.me/true_secator/5960", "content": "\u0421\u043b\u0435\u0434\u0443\u044f \u0432\u044b\u0448\u0435\u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0443\u043c\u043e\u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f\u043c \u0413\u0440\u0438\u0431\u043e\u0432, \u041f\u043e\u0437\u0438\u0442\u0438\u0432\u044b \u043f\u0440\u043e\u0448\u0435\u0440\u0441\u0442\u0438\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0446\u0441\u0435\u0442\u0435\u0439, \u0431\u043b\u043e\u0433\u043e\u0432, \u0422\u0413-\u043a\u0430\u043d\u0430\u043b\u043e\u0432, \u0431\u0430\u0437 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 \u043a\u043e\u0434\u0430, \u0432\u044b\u0434\u0435\u043b\u0438\u0432 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u044e\u043d\u044f.\n\n\u041f\u043e \u0441\u0443\u0442\u0438 \u044d\u0442\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 
\u043b\u0438\u0431\u043e \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043b\u0438\u0431\u043e \u043c\u043e\u0433\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u2014 \u0434\u0435\u0432\u044f\u0442\u044c:\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439: \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 CSC (CVE-2024-26229), \u0441\u043b\u0443\u0436\u0431\u0435 Error Reporting (CVE-2024-26169) \u0438 \u044f\u0434\u0440\u0435 \u041e\u0421 (CVE-2024-30088);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u043c \u044f\u0437\u044b\u043a\u0435 PHP \u043d\u0430 \u0443\u0437\u043b\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows (CVE-2024-4577);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a 
\u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0432 \u044f\u0434\u0440\u0435 Linux (CVE-2024-1086);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432 Check Point Quantum Security Gateways (CVE-2024-24919);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware vCenter, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 (CVE-2024-37079, CVE-2024-37080);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Veeam Backup & Replication, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024-29849).\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043f\u043e \u043a\u0430\u0436\u0434\u043e\u0439 \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432, \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 
\u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 - \u0432 \u0431\u043b\u043e\u0433\u0435\u00a0Positive Technologies.", "creation_timestamp": "2024-07-11T18:50:01.000000Z"}, {"uuid": "68f2b980-84f7-4e6e-adda-107ce198d8c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lkre3zpwzo2t", "content": "", "creation_timestamp": "2025-03-19T23:38:17.724257Z"}, {"uuid": "a799e1ad-a636-4aeb-a837-b9e72d1425e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:03.000000Z"}, {"uuid": "fea1eccc-6f43-4008-9e4a-db0eedaa4a57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37085", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:56.000000Z"}]}