{"vulnerability": "CVE-2019-2215", "sightings": [{"uuid": "f5af9261-28f1-496a-a094-2b9a3e29954f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html", "content": "", "creation_timestamp": "2022-11-04T15:50:00.000000Z"}, {"uuid": "07d06295-af53-4648-9e7d-05bc8a49e81d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/5e1343da-fac8-4558-a459-07670a3b4631", "content": "", "creation_timestamp": "2020-01-06T14:29:02.000000Z"}, {"uuid": "1dcf619e-0059-4181-9eae-185b165b133e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/6133782e-8869-430d-ac0f-9a161f6dca52", "content": "", "creation_timestamp": "2020-12-09T17:20:33.000000Z"}, {"uuid": "12bc9f03-bdfa-4567-ad6b-c91a30b32acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:16.000000Z"}, {"uuid": "2763a275-3670-435a-969a-243e0998f373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "296e0126-dce1-415b-84bb-80314e83946c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/f6a84ed8-143b-4c4c-a232-4529f4878764", "content": "", "creation_timestamp": "2020-10-09T14:06:38.000000Z"}, {"uuid": "c383d985-67ba-430f-bb7e-692b27ca1791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/3c9fa790-f4b2-44e5-bd3c-593bd7113bef", "content": "", "creation_timestamp": "2024-02-28T11:10:03.000000Z"}, {"uuid": "eaeb7394-4ad2-4e35-951b-b15fd3778846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://www.exploit-db.com/exploits/47463", "content": "", "creation_timestamp": "2019-10-04T00:00:00.000000Z"}, {"uuid": "0d8d4857-2011-416e-8a6f-cd410094e87e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://www.exploit-db.com/exploits/48129", "content": "", "creation_timestamp": "2020-02-24T00:00:00.000000Z"}, {"uuid": "6eafea1c-2a66-4599-8127-a4729d7bc343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971159", "content": "", "creation_timestamp": "2024-12-24T20:25:08.478237Z"}, {"uuid": "5059480c-abac-4547-b1b1-43f3dff0f355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971160", "content": "", "creation_timestamp": "2024-12-24T20:25:09.438610Z"}, {"uuid": 
"0b4a5845-48c6-4d21-9d9c-344e8b6ac40e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971161", "content": "", "creation_timestamp": "2024-12-24T20:25:10.300438Z"}, {"uuid": "21d32145-c4e1-4b27-9f40-4cc7496a9e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "bfeffe15-15f7-4f3f-9c3d-564ca44eb487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:43.000000Z"}, {"uuid": "0e4067dd-78a6-4ab0-9262-a4009f6c6cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:15.000000Z"}, {"uuid": "5eb21c9f-e5fb-4275-aa6f-e67f6f08d394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/android/local/binder_uaf.rb", "content": "", "creation_timestamp": "2020-02-23T09:15:48.000000Z"}, {"uuid": "3935a5ca-6744-4d54-a305-b14fe04e7757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": 
"seen", "source": "https://gist.github.com/bernielampe1/9e1b0221f50120ee61fc17977dc046bb", "content": "", "creation_timestamp": "2025-04-18T02:19:21.000000Z"}, {"uuid": "464024a6-c6cf-4316-b7ec-7dfc0f8f10ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:56.000000Z"}, {"uuid": "2947ed74-14b3-43da-9a15-63789f9d523e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://gist.github.com/prof-hac/76f2a4b0a2937cff2ca4b95dc94a2d2c", "content": "", "creation_timestamp": "2026-03-27T23:02:22.000000Z"}, {"uuid": "11f755ad-642b-4202-80ba-3d75bb7dc325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fd98c742-c296-4f75-878c-9671726e5bf1", "content": "", "creation_timestamp": "2026-02-02T12:28:34.488868Z"}, {"uuid": "2c12a72c-d9cf-46f4-b28e-38930d28aac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10167", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Kernel exploitation - CVE-2019-2215\n\nhttps://github.com/ameetsaahu/Kernel-exploitation/blob/main/CVE-2019-2215/exploit.c", "creation_timestamp": "2022-09-08T08:03:41.000000Z"}, {"uuid": "2f5879ab-eac4-4dda-8ec7-31af6d424a0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", 
"type": "seen", "source": "https://t.me/novitoll_ch/68", "content": "\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u043b \u043d\u0430 \u042e\u0442\u0443\u0431 \u0441\u0442\u0430\u0440\u044b\u0439 \u043c\u043e\u0439 \u0441\u0442\u0440\u0438\u043c (\u0414\u0435\u043a\u0430\u0431\u0440\u044c 29, 2019) \u043f\u0440\u043e CVE-2019-2215.\nhttps://www.youtube.com/watch?v=iu6xPThoHZ8\n\n\u0418 \u043c\u043e\u0438 \u043d\u043e\u0432\u044b\u0435 \u0432\u0438\u0434\u043e\u0441\u044b \u043d\u0430 \u0430\u043d\u0433\u043b\u0438\u0439\u0441\u043a\u043e\u043c:\n\n-  CVE-2019-2215: TL;DR *no demo*\nhttps://www.youtube.com/watch?v=RT7BjSACrv0\n\n- Vulnserver KSTET (socket reuse)\nhttps://www.youtube.com/watch?v=6MFUR9J_gro", "creation_timestamp": "2020-05-03T10:48:24.000000Z"}, {"uuid": "1dfc8e83-28f3-4d97-9fab-cdfa54a3bc49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/novitoll_ch/43", "content": "\u041e\u0442 \u0430\u0432\u0442\u043e\u0440\u0430 CVE-2019-2215 \u0441 Google p0\nhttps://maddiestone.github.io/AndroidAppRE/", "creation_timestamp": "2019-12-05T18:57:27.000000Z"}, {"uuid": "849e2057-88c7-4447-a934-a874e5327a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "Telegram/Z22ddpILY-yeUUVWiXwyxi9IfQjGUAfHXsS4qd56wYck-To", "content": "", "creation_timestamp": "2025-11-07T03:00:06.000000Z"}, {"uuid": "3b4a28db-42d0-4218-b78d-e4416879dab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "Telegram/UcOXFA8nSOttq6tnEv5GYCOJTlyoQN894TbAmd-Usu-nlPU", "content": "", "creation_timestamp": 
"2026-04-22T15:00:07.000000Z"}, {"uuid": "d14371cb-087d-4b7a-9cc0-bedcb80cf9ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/2717", "content": "\u200b\u200b\u0410\u043d\u0430\u043b\u0438\u0437 CVE-2019-2215(/dev/binder UAF)\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c, \u044f \u043f\u044b\u0442\u0430\u043b\u0441\u044f \u043f\u043e\u043d\u044f\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 Android Binder Use-After-Free (UAF), \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u041f\u0440\u043e\u0435\u043a\u0442\u043e\u043c Google Project Zero (p0). \u042d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043d\u0435 \u043d\u043e\u0432\u044b\u0439, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044f\u0434\u0440\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2018 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e, p0 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b, \u0447\u0442\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043f\u0430\u0442\u0447\n\n\u0427\u0438\u0442\u0430\u0442\u044c \u0441\u0442\u0430\u0442\u044c\u044e \u043d\u0430 \u043a\u043e\u0434\u0435\u0431\u0430\u0439: 
https://codeby.net/threads/analiz-cve-2019-2215-dev-binder-uaf.69977/\n\n#android #cve #java #kernelleak", "creation_timestamp": "2020-01-31T20:38:28.000000Z"}, {"uuid": "9a7863f7-351a-44f0-a5cc-7ce5e27bca11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/antichat/7563", "content": "https://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group", "creation_timestamp": "2020-01-06T19:10:31.000000Z"}, {"uuid": "269f1ab8-2031-4e96-9e47-59659afeb360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/novitoll_ch/69", "content": "RnD \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 \u0426\u0410\u0420\u041a\u0410, \u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0446\u0435\u043b\u044f\u0445, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0432 \u0432\u0438\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u043e\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Android. 
\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Android \u2013 CVE-2019-2215 Android Bad Binder Use-After-Free [1]. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 (root) \u043d\u0430 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u0435 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043f\u043e\u0434 \u043b\u044e\u0431\u044b\u043c \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u044e\u0437\u0435\u0440\u043e\u043c. \u041e\u0448\u0438\u0431\u043a\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 Google Project Zero (Maddie Stone) 27 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2019 \u0433\u043e\u0434\u0430 [2]. 
\n\n\u0414\u043b\u044f \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u043f\u043e\u044f\u0441\u043d\u0438\u043c, \u0430\u043d\u0430\u043b\u043e\u0433 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u0433\u043e \u043d\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u043a\u0430\u043a \u043a\u0438\u0431\u0435\u0440\u043e\u0440\u0443\u0436\u0438\u0435, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c, \u0441 2017 \u0433\u043e\u0434\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Google \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Android, \u041d\u041e \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u0441\u0442\u0430\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043d\u0435 \u0432\u044b\u0439\u0434\u0435\u0442, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0435\u0440\u0438\u043e\u0434 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0443\u0436\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d.\n\n\u041f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 
\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0447\u0435\u043d\u044c \u0440\u0435\u0434\u043a\u043e \u043f\u0440\u043e\u0432\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u041a\u0430\u0437\u0430\u0445\u0441\u0442\u0430\u043d\u0435 \u0432\u0432\u0438\u0434\u0443 \u043a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0435\u0444\u0438\u0446\u0438\u0442\u0430 \u043a\u043e\u043c\u043f\u0435\u0442\u0435\u043d\u0446\u0438\u0438. \u041c\u044b \u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u0435\u0440\u0435\u0434 \u0441\u043e\u0431\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0443 \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u043b\u044b \u0432 \u0442\u0430\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0435 \u043a\u0430\u043a \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Android \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0446\u0435\u043d\u043d\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430. 
\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u0430\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0430 \u043f\u0440\u0438\u0440\u043e\u0434\u0430 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Android.\n\n\u041d\u0430\u0448\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0443\u0436\u0435 \u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u043c\u0438 \u043d\u0430\u0440\u0430\u0431\u043e\u0442\u043a\u0430\u043c\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0437\u043d\u0430\u043d\u0438\u044f\u043c\u0438 \u043d\u0430 \u0432\u0441\u0442\u0440\u0435\u0447\u0435 \u00abR0 crew KZ\u00bb (https://t.me/r0crewKZ) \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2019 \u0433\u043e\u0434\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0432\u0435\u043b\u0430 \u043e\u0431\u0443\u0447\u0430\u044e\u0449\u0438\u0439 \u0441\u0442\u0440\u0438\u043c [3].\n\n\u0412 \u0441\u0435\u0442\u0438 \u0443\u0436\u0435 \u0438\u043c\u0435\u044e\u0442\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0440\u0430\u0437\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043d\u043e \u0434\u043b\u044f \u043a\u0430\u0437\u0430\u0445\u0441\u0442\u0430\u043d\u0441\u043a\u0438\u0445 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u044d\u0442\u043e \u043d\u043e\u0432\u044b\u0439 \u043e\u043f\u044b\u0442. 
\u042d\u0442\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u043e\u0439 \u043c\u044b \u0440\u0435\u0448\u0430\u043b\u0438 \u0437\u0430\u0434\u0430\u0447\u0443 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u043f\u043e\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435\u0442 \u0433\u043e\u0442\u043e\u0432\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432. \u0414\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043c\u044b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 \u0434\u0432\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u2013 Xiaomi Redmi 5 \u0438 Samsung A520F (Galaxy A5).\n\n\u041d\u0430 \u0432\u0438\u0434\u0435\u043e \u043c\u043e\u0436\u043d\u043e \u0432\u0438\u0434\u0435\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0430 \u043d\u0435\u043c \u043f\u0440\u0430\u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435. 
\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0443\u0440\u043e\u0432\u043d\u044f \u0437\u0430\u0440\u044f\u0434\u0430 \u0431\u0430\u0442\u0430\u0440\u0435\u0438 \u043d\u0430 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 1 000 000 %.\n\n\u041f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435, \u0432 \u0445\u043e\u0434\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u0437\u043d\u0430\u043d\u0438\u044f \u043e \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u0438 \u0442\u0435\u0445\u043d\u0438\u043a\u0435 \u0430\u0442\u0430\u043a, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0442 \u043d\u0430\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u0435\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u043e\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u0426\u0410\u0420\u041a\u0410 \u043f\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u044b BULAQ, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0435\u0439 \u0432 \u0441\u0435\u0431\u044f \u0446\u0435\u043b\u0443\u044e \u043b\u0438\u043d\u0435\u0439\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438. 
\u041e\u0434\u043d\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u2013 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0439 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d.\n\n[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215\n[2] https://bugs.chromium.org/p/project-zero/issues/detail?id=1942\n[3] https://youtu.be/iu6xPThoHZ8?t=2459, https://youtu.be/RT7BjSACrv0?t=33", "creation_timestamp": "2020-05-18T18:34:25.000000Z"}, {"uuid": "9cc78efb-ad13-4ea5-a0be-55bdd99f16b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/DaleelCyberSecurity/80", "content": "\u0645\u0627 \u0647\u064a \u062b\u063a\u0631\u0629 \u064a\u0648\u0645 \u0627\u0644\u0635\u0641\u0631 (Zero-Day Exploit)\u061f\n\n\u0647\u064a \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641\u0629 \u0644\u0644\u0645\u0637\u0648\u0631\u064a\u0646 \u0623\u0648 \u0627\u0644\u0634\u0631\u0643\u0627\u062a \u0627\u0644\u0645\u0633\u0624\u0648\u0644\u0629 \u0639\u0646 \u0627\u0644\u0646\u0638\u0627\u0645\u060c \u0645\u0645\u0627 \u064a\u0639\u0646\u064a \u0623\u0646\u0647\u0627 \u0644\u0645 \u062a\u064f\u0635\u0644\u062d \u0628\u0639\u062f \u0648\u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0642\u0628\u0644 \u0623\u0646 \u064a\u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627 \u0623\u0648 \u0625\u0635\u062f\u0627\u0631 \u062a\u062d\u062f\u064a\u062b \u0644\u0647\u0627.\n\n\n---\n\n\u0643\u064a\u0641 \u062a\u0639\u0645\u0644\u061f\n\n\u0639\u0646\u062f \u0627\u0643\u062a\u0634\u0627\u0641 \u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629\u060c \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0642\u0628\u0644 \u0623\u0646 
\u062a\u0635\u062f\u0631 \u0627\u0644\u0634\u0631\u0643\u0629 \u062a\u0635\u062d\u064a\u062d\u064b\u0627 \u0623\u0645\u0646\u064a\u064b\u0627. \u064a\u062a\u0645 \u0630\u0644\u0643 \u0639\u0627\u062f\u0629\u064b \u0645\u0646 \u062e\u0644\u0627\u0644:\n\n\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0623\u062e\u0637\u0627\u0621 \u0628\u0631\u0645\u062c\u064a\u0629 \u0641\u064a \u0627\u0644\u0646\u0638\u0627\u0645 \u0623\u0648 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a.\n\n\u062a\u062c\u0627\u0648\u0632 \u0622\u0644\u064a\u0627\u062a \u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u062b\u0644 SELinux \u0623\u0648 Google Play Protect.\n\n\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u062e\u0628\u064a\u062b\u0629 \u0644\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0645\u0631\u062a\u0641\u0639\u0629 (Root \u0623\u0648 SYSTEM).\n\n\n\n---\n\n\u0643\u064a\u0641 \u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0641\u064a \u0623\u0646\u062f\u0631\u0648\u064a\u062f\u061f\n\n\u062b\u063a\u0631\u0627\u062a \u064a\u0648\u0645 \u0627\u0644\u0635\u0641\u0631 \u0641\u064a \u0623\u0646\u062f\u0631\u0648\u064a\u062f \u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0643\u0648\u0646 \u0641\u064a \u0639\u062f\u0629 \u0623\u0645\u0627\u0643\u0646:\n\n1. \u062b\u063a\u0631\u0627\u062a \u0641\u064a \u0627\u0644\u0646\u0638\u0627\u0645 (Kernel Exploits):\n\n\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0623\u062e\u0637\u0627\u0621 \u0641\u064a \u0646\u0648\u0627\u0629 \u0627\u0644\u0646\u0638\u0627\u0645 \u0644\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0645\u0631\u062a\u0641\u0639\u0629.\n\n\u0623\u0645\u062b\u0644\u0629: \u062b\u063a\u0631\u0629 Dirty Cow (CVE-2016-5195)\u060c \u0648\u062b\u063a\u0631\u0627\u062a \u062a\u062c\u0627\u0648\u0632 SELinux.\n\n\n\n2. 
\u062b\u063a\u0631\u0627\u062a \u0641\u064a \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0623\u0633\u0627\u0633\u064a\u0629 (Framework Exploits):\n\n\u0627\u0633\u062a\u0647\u062f\u0627\u0641 \u0645\u0643\u0648\u0646\u0627\u062a \u0627\u0644\u0646\u0638\u0627\u0645 \u0645\u062b\u0644 MediaServer \u0623\u0648 WebView.\n\n\u062a\u0646\u0641\u064a\u0630 \u0623\u0643\u0648\u0627\u062f \u062e\u0628\u064a\u062b\u0629 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0645\u0644\u0641\u0627\u062a PDF \u0623\u0648 MP4 \u0623\u0648 \u0635\u0648\u0631 \u0645\u0634\u0648\u0647\u0629.\n\n\n\n3. \u062b\u063a\u0631\u0627\u062a \u0641\u064a \u0627\u0644\u0645\u062a\u0635\u0641\u062d\u0627\u062a (Browser Exploits):\n\n\u062a\u0646\u0641\u064a\u0630 \u0623\u0643\u0648\u0627\u062f \u062c\u0627\u0641\u0627\u0633\u0643\u0631\u064a\u0628\u062a \u062e\u0628\u064a\u062b\u0629 \u0645\u0646 \u062e\u0644\u0627\u0644 WebView \u0623\u0648 Chrome.\n\n\u0627\u0633\u062a\u063a\u0644\u0627\u0644 JavaScript Engine \u0644\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u062a\u0646\u0641\u064a\u0630 \u0643\u0648\u062f \u0639\u0646 \u0628\u0639\u062f (RCE).\n\n\n\n4. \u062b\u063a\u0631\u0627\u062a \u0641\u064a \u0625\u062f\u0627\u0631\u0629 \u0627\u0644\u0630\u0627\u0643\u0631\u0629 (Heap / Stack Exploits):\n\n\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u062a\u0642\u0646\u064a\u0627\u062a \u0645\u062b\u0644 Buffer Overflow \u0623\u0648 Use-After-Free \u0644\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u062a\u062d\u0643\u0645 \u0643\u0627\u0645\u0644 \u0628\u0627\u0644\u062c\u0647\u0627\u0632.\n\n\n\n5. 
\u062b\u063a\u0631\u0627\u062a \u0641\u064a \u062e\u062f\u0645\u0627\u062a \u0627\u0644\u0646\u0638\u0627\u0645 (System Services Exploits):\n\n\u0645\u062b\u0644 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 ADB \u0641\u064a \u0627\u0644\u0623\u062c\u0647\u0632\u0629 \u0627\u0644\u062a\u064a \u062a\u062a\u0631\u0643\u0647 \u0645\u0641\u0639\u0651\u0644\u064b\u0627.\n\n\n\n\n\n---\n\n\u0643\u064a\u0641 \u064a\u062d\u0635\u0644 \u0627\u0644\u0647\u0627\u0643\u0631\u0632 \u0639\u0644\u0649 \u062b\u063a\u0631\u0627\u062a \u064a\u0648\u0645 \u0627\u0644\u0635\u0641\u0631\u061f\n\n\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u062a\u062d\u062f\u064a\u062b\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0644\u0644\u0628\u062d\u062b \u0639\u0646 \u062a\u063a\u064a\u064a\u0631\u0627\u062a \u064a\u0645\u0643\u0646 \u0639\u0643\u0633\u0647\u0627 \u0644\u0627\u0633\u062a\u0646\u062a\u0627\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n\u0645\u0631\u0627\u062c\u0639\u0629 \u0627\u0644\u0643\u0648\u062f \u0627\u0644\u0645\u0635\u062f\u0631\u064a \u0644\u0623\u0646\u0638\u0645\u0629 \u0623\u0646\u062f\u0631\u0648\u064a\u062f \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631 (AOSP).\n\n\u0627\u0633\u062a\u062e\u062f\u0627\u0645 Fuzzing \u0644\u0625\u0631\u0633\u0627\u0644 \u0628\u064a\u0627\u0646\u0627\u062a \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0644\u0627\u062e\u062a\u0628\u0627\u0631 \u0633\u0644\u0648\u0643 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a.\n\n\u0627\u0644\u0628\u062d\u062b \u0641\u064a \u0627\u0644\u062a\u0633\u0631\u064a\u0628\u0627\u062a \u0648\u0627\u0644\u0645\u0646\u062a\u062f\u064a\u0627\u062a \u0627\u0644\u0633\u0631\u064a\u0629 \u062d\u064a\u062b \u064a\u062a\u0645 \u0628\u064a\u0639 \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n\n\n---\n\n\u0647\u0644 \u064a\u0645\u0643\u0646\u0646\u064a \u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u064a\u0648\u0645 
\u0627\u0644\u0635\u0641\u0631\u061f\n\n\u0625\u0630\u0627 \u0643\u0646\u062a \u0628\u0627\u062d\u062b\u064b\u0627 \u0623\u0645\u0646\u064a\u064b\u0627\u060c \u064a\u0645\u0643\u0646\u0643 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0623\u062f\u0648\u0627\u062a \u0645\u062b\u0644 AFL\u060c Frida\u060c Ghidra\u060c IDA Pro \u0644\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0648\u0627\u0643\u062a\u0634\u0627\u0641 \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n\u0625\u0630\u0627 \u0643\u0646\u062a \u062a\u0631\u064a\u062f \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0641\u0642\u0637\u060c \u0641\u0645\u0639\u0638\u0645 \u062b\u063a\u0631\u0627\u062a Zero-Day \u062a\u0643\u0648\u0646 \u062e\u0627\u0635\u0629 \u0648\u064a\u062a\u0645 \u0628\u064a\u0639\u0647\u0627 \u0641\u064a \u0627\u0644\u0633\u0648\u0642 \u0627\u0644\u0633\u0648\u062f\u0627\u0621 \u0628\u0623\u0633\u0639\u0627\u0631 \u062a\u0628\u062f\u0623 \u0645\u0646 10,000$ \u0648\u0642\u062f \u062a\u0635\u0644 \u0625\u0644\u0649 \u0645\u0644\u064a\u0648\u0646 \u062f\u0648\u0644\u0627\u0631 (\u062e\u0627\u0635\u0629 \u062b\u063a\u0631\u0627\u062a iOS \u0648\u0623\u0646\u062f\u0631\u0648\u064a\u062f).\n\n\n\n---\n\n\u0623\u0634\u0647\u0631 \u062b\u063a\u0631\u0627\u062a \u064a\u0648\u0645 \u0627\u0644\u0635\u0641\u0631 \u0641\u064a \u0623\u0646\u062f\u0631\u0648\u064a\u062f\n\nCVE-2019-2215: \u062b\u063a\u0631\u0629 \u062a\u062c\u0627\u0648\u0632 Kernel Sandbox.\n\nCVE-2020-0022: \u062b\u063a\u0631\u0629 Bluetooth RCE \u062a\u062a\u064a\u062d \u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0639\u0646 \u0628\u0639\u062f.\n\nCVE-2023-20963: \u0627\u0633\u062a\u063a\u0644\u0627\u0644 Intent \u0644\u0644\u0647\u0631\u0648\u0628 \u0645\u0646 \u0627\u0644\u062d\u0645\u0627\u064a\u0629.\n\nCVE-2024-XXXX (\u062a\u064f\u0643\u062a\u0634\u0641 \u0628\u0627\u0633\u062a\u0645\u0631\u0627\u0631).\n\n\n\n---\n\n\u0643\u064a\u0641 \u062a\u062d\u0645\u064a 
\u0646\u0641\u0633\u0643\u061f\n\n\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0646\u0638\u0627\u0645 \u0648\u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0628\u0627\u0633\u062a\u0645\u0631\u0627\u0631.\n\n\u062a\u0639\u0637\u064a\u0644 ADB \u0648 Debugging \u0639\u0646\u062f \u0639\u062f\u0645 \u0627\u0644\u062d\u0627\u062c\u0629 \u0625\u0644\u064a\u0647.\n\n\u062a\u062c\u0646\u0628 \u062a\u062d\u0645\u064a\u0644 \u062a\u0637\u0628\u064a\u0642\u0627\u062a APK \u0645\u0646 \u0645\u0635\u0627\u062f\u0631 \u063a\u064a\u0631 \u0645\u0648\u062b\u0648\u0642\u0629.\n\n\u0627\u0633\u062a\u062e\u062f\u0627\u0645 ROMs \u0645\u0639\u062f\u0644\u0629 \u0628\u0645\u064a\u0632\u0627\u062a \u0623\u0645\u0627\u0646 \u0625\u0636\u0627\u0641\u064a\u0629 \u0645\u062b\u0644 GrapheneOS \u0623\u0648 CalyxOS.\n\n\n\u0625\u0630\u0627 \u0643\u0646\u062a \u062a\u0631\u064a\u062f \u062a\u0639\u0644\u0645 \u0627\u0643\u062a\u0634\u0627\u0641 \u0623\u0648 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a \u064a\u0648\u0645 \u0627\u0644\u0635\u0641\u0631\u060c \u0623\u0646\u0635\u062d\u0643 \u0628\u062f\u0631\u0627\u0633\u0629 \u0647\u0646\u062f\u0633\u0629 \u0639\u0643\u0633\u064a\u0629 (Reverse Engineering) \u0648\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0627\u062a \u0627\u0644\u062e\u0628\u064a\u062b\u0629 (Malware Analysis).", "creation_timestamp": "2025-01-30T18:05:01.000000Z"}, {"uuid": "a55cd109-2f55-4664-8bc7-dc7c381f0b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "Telegram/63BYuvlMwmvtLowrCF3MHX2SuwSGWGBYchele8q3SvC5U-Q", "content": "", "creation_timestamp": "2025-03-30T12:50:01.000000Z"}, {"uuid": "d95ee6ef-55fb-4175-9384-af849616b704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/40", "content": "\u0421\u043b\u0435\u0434\u043e\u043c \u0438\u0434\u0435\u0442, \u0442\u0430\u043a \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u043c\u044b\u0439 0-day \u0432 Android. \u0427\u0442\u043e \u043c\u044b \u0438\u043c\u0435\u0435\u043c \u043d\u0430 \u0434\u0435\u043b\u0435? \n\n\u0418\u043c\u0435\u0435\u043c \u043d\u043e\u0432\u043e\u0441\u0442\u044c:\nhttps://xakep.ru/2019/10/17/qu1ckr00t/\n\n\u0411\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Use-After-Free (https://bugs.chromium.org/p/project-zero/issues/detail?id=1942), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u0435\u043b\u0430 \u043a privilege escalation. \u0422\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043e\u043d\u0430 \u0434\u0430\u0432\u0430\u043b\u0430 \u043f\u043e\u043b\u043d\u044b\u0439 Read Write \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u044f\u0434\u0440\u0443 \u0438 \u0432 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0435 \u0438 \u0432\u0441\u0451. 
\u0414\u0430\u043b\u0435\u0435 \u0447\u0443\u0432\u0430\u043a \u0432\u0437\u044f\u043b \u044d\u0442\u0443 \u0434\u0438\u0447\u044c, \u0438 \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d \u0438\u043c\u0435\u0435\u0442 \u043f\u043e\u043b\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u043a kernel, \u043d\u0430\u0448\u0435\u043b \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 task_struct \u0432 \u044f\u0434\u0435\u0440\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0438 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0435 \u0437\u0430 SECCOMP, SELinux \u0438 \u0442.\u0434, \u0438 \u0442\u0443\u043f\u043e \u043f\u043e\u043e\u0442\u043a\u043b\u044e\u0447\u0430\u043b \u0432\u0441\u0451. (https://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root/). 
\n\n\u0422\u043e \u0435\u0441\u0442\u044c, \u0441\u0430\u043c\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0432 \u0441\u043f\u0438\u0441\u043a\u0435, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u0440\u0443\u0442\u043e\u0432\u0430\u043d\u0438\u044e \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0442\u043e\u043b\u044c\u043a\u043e Pixel 2 \u0438 \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u043e\u0439 \u0441\u0431\u043e\u0440\u043a\u0438 \u044f\u0434\u0440\u0430, \u0447\u0442\u043e \u0432 \u0441\u0442\u0430\u0442\u044c\u0435.\n\n\u0422\u0430\u043a \u0447\u0442\u043e, \u043d\u0435 \u0442\u0430\u043a\u043e\u0439 \u0443\u0436 \u0438 \u0446\u0435\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442, \u0431\u0435\u0437 \u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u0438 *(", "creation_timestamp": "2019-10-21T19:41:28.000000Z"}, {"uuid": "32d5023e-b436-49e6-bfe1-e56ca651f400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/alexmakus/3223", "content": "\u041f\u0440\u0438\u0432\u0435\u0442. 
\u0411\u0443\u0434\u0435\u043c \u043f\u043e\u0442\u0438\u0445\u043e\u043d\u044c\u043a\u0443 \u0432\u044b\u0445\u043e\u0434\u0438\u0442\u044c \u0438\u0437 \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u043e\u0439 \u043a\u043e\u043c\u044b, \u0442\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e \u0432 \u043c\u0438\u0440\u0435 \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430 \u0436\u0438\u0437\u043d\u044c \u043d\u0435 \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0441\u044c, \u0430 \u0434\u0430\u0436\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u0431\u0443\u0440\u043b\u0438\u0442. \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430, \u043a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u0441\u0442\u0430\u043b\u0430 \u043d\u0435\u043e\u0442\u0434\u0435\u043b\u0438\u043c\u0430 \u043e\u0442 \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430, \u0438, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043c\u044b \u0443\u0432\u0438\u0434\u0438\u043c \u043c\u043d\u043e\u0433\u043e \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439, \u0433\u0434\u0435 \u0431\u0443\u0434\u0443\u0442 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0421\u0428\u0410 \u0438 \u0418\u0440\u0430\u043d. 
\u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u0430\u0440\u0443 \u0434\u043d\u0435\u0439 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u043c\u043d\u043e\u0433\u043e \u0430\u043f\u0434\u0435\u0439\u0442\u043e\u0432 \u0441 \u0434\u0435\u0444\u0435\u0439\u0441\u0430\u043c\u0438 \u0441\u0430\u0439\u0442\u043e\u0432, \u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u044d\u043a\u0448\u0435\u043d\u043e\u0432. \n\n\u043d\u043e \u043f\u043e\u043a\u0430 \u0447\u0442\u043e \u043f\u043e\u043f\u0440\u043e\u0449\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u2014\u00a0\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0432 Google Play (Camero, FileCrypt \u0438 callCam) \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 NSO Group. 
\u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0432\u0442\u0438\u0445\u0430\u0440\u044f \u0440\u0443\u0442\u044f\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0438 \u043f\u043e\u0442\u043e\u043c \u0432\u044b\u0433\u0440\u0435\u0431\u0430\u044e\u0442 \u0432\u0441\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0441 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043e\u0432 \n\nhttps://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/", "creation_timestamp": "2020-01-09T14:07:21.000000Z"}, {"uuid": "f80f8395-0305-487c-bf35-dfff8c67a18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/110", "content": "\u203c\ufe0f\u203c\ufe0f \n21-\u0433\u043e \u0434\u0435\u043a\u0430\u0431\u0440\u044f (\u0441\u0443\u0431\u0431\u043e\u0442\u0430), \u0432 \u0410\u0441\u0442\u0430\u043d\u0435, \u0432 18:00, \u0431\u0443\u0434\u0435\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0432\u0441\u0442\u0440\u0435\u0447\u0430 r0crewKZ! \u041f\u0440\u043e\u0445\u043e\u0434\u0438\u0442\u044c \u0432\u0441\u0451 \u0431\u0443\u0434\u0435\u0442 \u0432 \u0442\u043e\u043c \u0436\u0435 \u043c\u0435\u0441\u0442\u0435, \u0432 Burger Shop! 
+ \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e\u0435 \u043f\u0438\u0432\u043e \u043e\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 (\u0432 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0435)\n\n\u0422\u0435\u043c\u044b \u0434\u043e\u043a\u043b\u0430\u0434\u043e\u0432:\n\n1) CVE-2019-2215: Android Binder UAF exploitation research\n2) \u0421\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u044f: \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u044f\n3) cat web gsm &gt; khs_cyberpolygon_2019.ppt\n4) RFID raw spoofing\n5) SDR \u0434\u043b\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0449\u0438\u0445\n\n\u041c\u0435\u0441\u0442\u043e: Burger shop (http://burgershop.kz/). \u041d\u0430 \u0441\u0430\u0439\u0442\u0435 \u043d\u0430\u0439\u0434\u0435\u0442\u0435 \u043c\u0435\u043d\u044e \u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\n\u041d\u0430 \u043a\u0430\u0440\u0442\u0435: https://2gis.kz/nur_sultan/firm/70000001028880208\n\u0418\u043d\u0441\u0442\u0430\u0433\u0440\u0430\u043c: https://www.instagram.com/burgershop.astana/", "creation_timestamp": "2019-12-10T19:38:44.000000Z"}, {"uuid": "b0444f19-b10b-4079-9248-20e4ede18f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/orderofsixangles/212", "content": "\ud83d\udc7e CVE-2019-2215 \ud83d\udc7e\n\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Google Project Zero \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432 \u044f\u0434\u0440\u0435 Android \u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0431\u0430\u0433, \u043f\u0435\u0440\u0435\u0434 \u043a\u043e\u0442\u043e\u0440\u044b\u043c 
\u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043c\u043d\u043e\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Android. \u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0443\u0436\u0435 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043c\u043e\u0447\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443.\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Google \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0438\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f CVE-2019-2215 \u2013 \u0434\u0435\u043b\u043e \u0440\u0443\u043a \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 NSO Group. 
\n\n\u261d\ud83c\udffb \u041d\u0430\u043f\u043e\u043c\u043d\u044e, \u0447\u0442\u043e NSO Group \u0431\u044b\u043b\u0430 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0430 \u0432 2010 \u0433\u043e\u0434\u0443 \u0438 \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440 \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u043e\u0439 \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u043b\u0432\u0430\u0440\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e, \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 \u044d\u043a\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 0-day, \u043f\u0440\u043e\u0434\u0430\u0435\u0442 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u043c \u0438 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u0430\u043c \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0420\u0430\u0437\u0431\u043e\u0440 \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u0420\u0443\u0441\u0441\u043a\u043e\u043c \u044f\u0437\u044b\u043a\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043d\u0430 \u0422\u0432\u0438\u0447\u0435.\n\n\ud83d\udccc https://www.twitch.tv/videos/527925171\n\n\ud83d\ude0e \u0410\u0432\u0442\u043e\u0440 @novitoll_ch | @novitoll\n\n\ud83d\udc68\ud83c\udffb\u200d\ud83d\udcbb \u0422\u0432\u0438\u0447 \u0430\u0432\u0442\u043e\u0440\u0430: https://www.twitch.tv/novitoll\n\n\u203c\ufe0f \u041f\u043e \u0440\u0435\u0433\u043b\u0430\u043c\u0435\u043d\u0442\u0430\u043c \u0442\u0432\u0438\u0447\u0430 \u0432\u0438\u0434\u0435\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e 14 \u0434\u043d\u0435\u0439 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 
\u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438. \u0414\u0430\u043d\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d 10 \u0434\u043d\u0435\u0439 \u043d\u0430\u0437\u0430\u0434. \u0423 \u0412\u0430\u0441 \u0435\u0441\u0442\u044c \u0432\u0440\u0435\u043c\u044f 4-5 \u0434\u043d\u0435\u0439 \u0434\u043b\u044f \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u043b\u0435\u043d\u0438\u044f\u203c\ufe0f\n\n\u041f\u043e\u0441\u0442\u0430\u0440\u0430\u0435\u043c\u0441\u044f \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u0438 \u0437\u0430\u043b\u0438\u0442\u044c \u0432 \u043f\u0440\u0438\u0432\u0430\u0442 \u043a\u0430\u043d\u0430\u043b. \u0427\u0442\u043e \u0431\u044b \u0432\u0438\u0434\u0435\u043e \u043d\u0435 \u043f\u0440\u043e\u043f\u0430\u043b\u043e. \u041e\u0447\u0435\u043d\u044c \u0446\u0435\u043d\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f. \u0418\u0437\u0443\u0447\u0430\u0439\u0442\u0435.\n\n#cve #2019 #2215", "creation_timestamp": "2020-01-08T19:14:41.000000Z"}, {"uuid": "7a073b6f-90de-4c2b-a027-d26b3e66f20e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/207", "content": "29-\u0433\u043e \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0432 21:00 (GMT +6) \u0431\u0443\u0434\u0435\u0442 \u0441\u0442\u0440\u0438\u043c \u043f\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u0440\u0430\u0437\u0431\u043e\u0440\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 CVE-2019-2215: Android Binder UAF. 
\n\u0411\u0443\u0434\u0435\u043c \u0434\u0435\u0431\u0430\u0436\u0438\u0442\u044c, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 PoC \u0434\u043e r00t \u043d\u0430 Android-x86 VM, v4.14.150.\n\n\u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043d\u0430 2 \u0447\u0430\u0441\u0430.\n\nhttps://www.twitch.tv/novitoll", "creation_timestamp": "2019-12-26T09:42:22.000000Z"}, {"uuid": "c6bf4260-c1d5-48e3-bedb-b13d56d2a8d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "Telegram/zxnJoHkYAzFuvofYABqxZ_5eADQaz-T5A5RmEVwCQe508Eg", "content": "", "creation_timestamp": "2019-10-09T19:17:50.000000Z"}, {"uuid": "df913bf6-27a1-49d2-9676-18e59bbc6013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/Anonymous_TV_AR/5", "content": "\u062b\u063a\u0631\u0629 CVE-2019-2215 \u062a\u0639\u0648\u062f \u0645\u0633\u062a\u0647\u062f\u0641\u062a\u0627\u064b \u0627\u0644\u0627\u062c\u0647\u0632\u0629 \u0627\u0644\u062d\u062f\u064a\u062b\u0629 \n\n\u0623\u0648\u0636\u062d\u062a \u0634\u0631\u0643\u0629 \u063a\u0648\u063a\u0644 \u0623\u0646\u0647\u0627 \u0639\u062b\u0631\u062a \u0639\u0644\u0649 \u062f\u0644\u064a\u0644 \u0628\u0634\u0623\u0646 \u0648\u062c\u0648\u062f \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u063a\u064a\u0631 \u0645\u0635\u062d\u062d\u0629 \u0641\u064a \u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0623\u0646\u062f\u0631\u0648\u064a\u062f \u062a\u0633\u062a\u062e\u062f\u0645 \u0641\u064a \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0641\u064a \u0627\u0644\u0639\u0627\u0644\u0645 \u0627\u0644\u062d\u0642\u064a\u0642\u064a \u062a\u062d\u0645\u0644 \u062d\u0627\u0644\u064a\u0627 \u0627\u0644\u0627\u0633\u0645 
(CVE-2019-2215).\n\u0648\u0623\u0634\u0627\u0631\u062a \u0627\u0644\u0649 \u0627\u0646\u0647 \u0628\u0627\u0644\u0631\u063a\u0645 \u0645\u0646 \u0623\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0642\u062f \u062c\u0631\u0649 \u0625\u0635\u0644\u0627\u062d\u0647\u0627 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0623\u0642\u062f\u0645 \u0645\u0646 \u0623\u0646\u062f\u0631\u0648\u064a\u062f\u060c \u0625\u0644\u0627 \u0623\u0646\u0647\u0627 \u0639\u0627\u0648\u062f\u062a \u0627\u0644\u0638\u0647\u0648\u0631 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0623\u062d\u062f\u062b.\n\u0648\u062a\u0648\u062c\u062f \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0646\u0648\u0627\u0629 \u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0623\u0646\u062f\u0631\u0648\u064a\u062f\u060c \u0648\u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627 \u0644\u0645\u0633\u0627\u0639\u062f\u0629 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0641\u064a \u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u062c\u0630\u0631 \u0644\u0644\u062c\u0647\u0627\u0632.\n\u0648\u0630\u0643\u0631\u062a \u0623\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 \u062a\u0645 \u062a\u0635\u062d\u064a\u062d\u0647\u0627 \u0641\u064a \u0634\u0647\u0631 \u0643\u0627\u0646\u0648\u0646 \u0627\u0644\u0627\u0648\u0644 2017 \u0641\u064a \u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0623\u0646\u062f\u0631\u0648\u064a\u062f 3.18 \u0648 4.14 \u0648 4.4 \u0648 4.9\u060c \u0644\u0643\u0646\u0647\u0627 \u0639\u062b\u0631\u062a \u0639\u0644\u064a\u0647\u0627 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0623\u062d\u062f\u062b \u0645\u0646 \u0646\u0638\u0627\u0645 
\u0623\u0646\u062f\u0631\u0648\u064a\u062f.\n\u0648\u0627\u0634\u0627\u0631\u062a \u0627\u0644\u0634\u0631\u0643\u0629 \u0627\u0644\u0649 \u0627\u0646 \u0628\u0627\u062d\u062b\u064a \u063a\u0648\u063a\u0644 \u064a\u0639\u062a\u0642\u062f\u0648\u0646 \u0623\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u062a\u0624\u062b\u0631 \u0639\u0644\u0649 \u0646\u0645\u0627\u0630\u062c \u0647\u0648\u0627\u062a\u0641 \u0623\u0646\u062f\u0631\u0648\u064a\u062f \u0627\u0644\u062a\u0627\u0644\u064a\u0629 \u0627\u0644\u0639\u0627\u0645\u0644\u0629 \u0628\u0646\u0633\u062e\u0629 \u0623\u0646\u062f\u0631\u0648\u064a\u062f 8.0 \u0648\u0645\u0627 \u0628\u0639\u062f\u0647:\nGoogle Pixel.\nGoogle Pixel 1 XL.\nGoogle Pixel 2.\nGoogle Pixel 2 XL\nHuawei P20.\nXiaomi Redmi 5A.\nXiaomi Redmi Note 5.\nXiaomi A1.\nOppo A3.\nMoto Z3.\nSamsung Galaxy S7.\nSamsung Galaxy S8.\nSamsung Galaxy S9.\n+ \u0647\u0648\u0627\u062a\u0641 \u0634\u0631\u0643\u0629 \u0625\u0644 \u062c\u064a \u0627\u0644\u0639\u0627\u0645\u0644\u0629 \u0628\u0646\u0638\u0627\u0645 \u0623\u0646\u062f\u0631\u0648\u064a\u062f \u0623\u0648\u0631\u064a\u0648.", "creation_timestamp": "2019-12-18T17:12:23.000000Z"}, {"uuid": "36cc91b6-bca9-4526-a3ae-9758d7f26ce6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/ctinow/19103", "content": "Three Android Apps Have Been Exploiting CVE-2019-2215 Since March\n\nhttps://ift.tt/2usREdd", "creation_timestamp": "2020-01-07T18:12:11.000000Z"}, {"uuid": "9704c193-483f-4150-a74e-d0237bc4ba95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "Telegram/Zrldk8z1EwjpYU8Vg3CSH1QFx-z50lEQp2XdvPCkQk6RQ8I", "content": "", "creation_timestamp": 
"2025-02-04T16:00:09.000000Z"}, {"uuid": "8d66246b-28a6-44df-aa1b-8c939ae2f4a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/ctinow/19080", "content": "Malicious Google Play Apps Linked to SideWinder APT The active attack involving three malicious Android applications is the first exploiting CVE-2019-2215, Trend Micro researchers report. https://www.darkreading.com/application-security/malicious-google-play-apps-linked-to-sidewinder-apt/d/d-id/1336728?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple", "creation_timestamp": "2020-01-06T23:48:14.000000Z"}, {"uuid": "01408dbf-5415-4cc7-86ce-268af2753acc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "Telegram/HJe9oA1GC8_YbmZuFCP-7wna5xe1Ce0txJlZSEsUniShhv3O", "content": "", "creation_timestamp": "2024-09-19T15:14:12.000000Z"}, {"uuid": "13f663d1-a433-4545-b6f1-722237aa84ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/arpsyndicate/940", "content": "#ExploitObserverAlert\n\nCVE-2019-2215\n\nDESCRIPTION: Exploit Observer has 65 entries related to CVE-2019-2215. A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. 
No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095\n\nFIRST-EPSS: 0.003000000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T13:18:45.000000Z"}, {"uuid": "f10cb5c3-7a92-46ae-b22e-1110152fe70a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/arpsyndicate/629", "content": "#ExploitObserverAlert\n\nCVE-2019-2215\n\nDESCRIPTION: Exploit Observer has 66 entries related to CVE-2019-2215. A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095\n\nFIRST-EPSS: 0.003000000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-28T11:40:27.000000Z"}, {"uuid": "683b8791-fbae-4f82-9e31-626bec8952d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/429", "content": "https://github.com/grant-h/qu1ckr00t \u043f\u043e\u0434\u044c\u0435\u0445\u0430\u043b PoC  Android kernel arbitrary R/W (CVE-2019-2215)", "creation_timestamp": "2019-10-17T11:58:14.000000Z"}, {"uuid": "ed462b24-b415-4f07-ab43-b9ddb22dbd32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/5", 
"content": "Android\u5167\u6838\u63d0\u6b0a\u6f0f\u6d1eCVE-2019-2215 Binder UAF\nhttps://www.pwnwiki.org/index.php?title=Android%E5%85%A7%E6%A0%B8%E6%8F%90%E6%AC%8A%E6%BC%8F%E6%B4%9ECVE-2019-2215_Binder_UAF", "creation_timestamp": "2021-09-21T06:42:55.000000Z"}, {"uuid": "593b655d-d5a4-42e1-aa06-c638070bbb67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/681", "content": "The Android Binder PoC exploit (CVE-2019-2215)\nhttps://github.com/DimitriFourny/cve-2019-2215", "creation_timestamp": "2020-02-18T20:18:03.000000Z"}, {"uuid": "0e741af4-f9e5-420a-8930-129152ae234f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/768", "content": "Android workshop: kernel vulnerability analysis and exploitation (CVE-2019-2215 - Use after Free)\nhttps://cloudfuzz.github.io/android-kernel-exploitation/\nhttps://github.com/cloudfuzz/android-kernel-exploitation", "creation_timestamp": "2020-04-16T21:01:31.000000Z"}, {"uuid": "588ea9b0-2748-48dd-be71-b1ad76fca901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "Telegram/-_j8UgE87NOECrqZ3KDP0NkvSl22TTLP3GgkgXUff5a_hF4", "content": "", "creation_timestamp": "2019-10-06T19:14:11.000000Z"}, {"uuid": "6bb12abf-240b-4eeb-81d6-10b12c4ddbab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "Telegram/wnKxIqmrA6wsmUfM50aZ9f7ztSEFBAbywcwZbgixvq8y_T8", "content": "", "creation_timestamp": "2019-10-06T19:58:41.000000Z"}, 
{"uuid": "cc657e50-0da8-44de-acd6-8d4d89193794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/androidMalware/500", "content": "Analysis of use-after-free in Binder vulnerability - CVE-2019-2215\n\nThis exploit was used in-the-wild to install NSO group malware - Pegasus.\nThe bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device. If chained with a browser renderer exploit, this bug could fully compromise a device through a malicious website.\nhttps://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html", "creation_timestamp": "2019-11-22T09:12:16.000000Z"}, {"uuid": "24438e3e-5fa0-4118-bde6-48eaebc8c937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/androidMalware/422", "content": "Kernel privilege escalation bug in Android affecting fully patched Pixel 2 &amp; others\nThe bug was allegedly being used or sold by the NSO Group.\nLocal PoC exploit included. 
CVE-2019-2215\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1942", "creation_timestamp": "2019-10-04T05:41:24.000000Z"}, {"uuid": "3c52e970-9510-4261-8334-4efa0b312926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/androidMalware/588", "content": "First Attack Exploiting CVE-2019-2215 (use-after-free vulnerability) Found on Google Play #SideWinder\nhttps://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/", "creation_timestamp": "2020-01-06T18:40:26.000000Z"}, {"uuid": "d026946f-63ee-4cce-b35f-08b56c26cf6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/androidMalware/445", "content": "Qu1ckR00t - Exploit CVE-2019-2215 to Achieve Root\nBlog: https://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root/\nPoC exploit: https://github.com/grant-h/qu1ckr00t", "creation_timestamp": "2019-10-17T06:14:24.000000Z"}, {"uuid": "2bfe2322-26de-489d-bdb7-f9adeb28ecdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/2532", "content": "Researcher released PoC exploit code for CVE-2019-2215 Android zero-day flaw\nhttps://ift.tt/33Fa8TX", "creation_timestamp": "2019-10-18T18:03:17.000000Z"}, {"uuid": "b55d4dca-b762-4194-b34e-694191fb8758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/information_security_channel/33875", 
"content": "Security researchers from Trend Micro observed three malicious apps on Google play that aims to compromise victim\u2019s devices and to steal information. The three apps include \u201cCamero, FileCryptManager & CallCam,\u201d among the three Camero is the one exploits use-after-free vulnerability CVE-2019-2215. This is the first attack spotted in wild using exploits CVE-2019-2215 that resides in [\u2026]\nThe post Hackers Exploit Android Vulnerability to Install Malware Without User Interaction Via Google Play (https://gbhackers.com/sidewinder-apt-group/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-01-07T01:06:59.000000Z"}, {"uuid": "eccb7bee-9c2d-42d5-8472-1b4af4649e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/information_security_channel/33872", "content": "Malicious Google Play Apps Linked to SideWinder APT\nhttps://www.darkreading.com/application-security/malicious-google-play-apps-linked-to-sidewinder-apt/d/d-id/1336728?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nThe active attack involving three malicious Android applications is the first exploiting CVE-2019-2215, Trend Micro researchers report.", "creation_timestamp": "2020-01-07T00:17:42.000000Z"}, {"uuid": "79f8ade1-c47a-4f6e-bf32-cdf9472483d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/thehackernews/572", "content": "3 Malicious apps distributed via Google Play Store were exploiting a critical Android rooting flaw (CVE-2019-2215) almost 6 months before it was discovered that Israeli surveillance firm NSO Group used the flaw as zero-day\n.\n\nRead: https://thehackernews.com/2020/01/android-zero-day-malware-apps.html", 
"creation_timestamp": "2020-01-07T18:00:34.000000Z"}, {"uuid": "d6c7f8d6-3306-4db9-9daf-f581c6984fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/xakep_ru/7883", "content": "0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Android \u043e\u043f\u0430\u0441\u043d\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Samsung, Xiaomi, Pixel \u0438 \u0442\u0430\u043a \u0434\u0430\u043b\u0435\u0435\n\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Google Project Zero \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432 \u044f\u0434\u0440\u0435 Android \u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0431\u0430\u0433, \u043f\u0435\u0440\u0435\u0434 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043c\u043d\u043e\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Pixel 2, Samsung S7, S8, S9 \u0438 \u0442\u0430\u043a \u0434\u0430\u043b\u0435\u0435. 
\n\nhttps://xakep.ru/2019/10/07/cve-2019-2215/", "creation_timestamp": "2019-10-07T16:05:18.000000Z"}, {"uuid": "44075475-505d-47fd-9bdc-9bb3465f9b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/xakep_ru/7975", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0441\u0432\u0435\u0436\u0435\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Android\n\n\u041f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2019-2215, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u0436\u0435 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443. \n\nhttps://xakep.ru/2019/10/17/qu1ckr00t/", "creation_timestamp": "2019-10-17T10:35:15.000000Z"}, {"uuid": "3028668b-fce8-4f5d-81df-c0385527b9f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/424", "content": "#exploit\n1. Tailoring CVE-2019-2215 to Achieve Root\nhttps://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root\n]-&gt;  PoC1,  PoC2 \n\n2. 
CVE-2019-16663, CVE-2019-16662:\nrConfig v3.9.2 auth/unauth RCE\nhttps://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662", "creation_timestamp": "2024-10-11T21:29:41.000000Z"}, {"uuid": "b184a8cf-06db-4ba8-a689-e64ab5bc9ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6059", "content": "Tailoring CVE-2019-2215 to Achieve Root\nhttps://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root/", "creation_timestamp": "2019-10-16T22:00:00.000000Z"}, {"uuid": "c0eadd0f-5d08-40bb-ac74-f47b08daa973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1738", "content": "#exploit\nExploiting CVE-2019-2215:\nBrief introduction to binder, eventpoll subsystem and Vectored I/O\nhttps://cutesmilee.github.io/kernel/linux/android/2022/02/17/cve-2019-2215_writeup.html\n]-&gt; PoC: https://github.com/cutesmilee/cutesmilee.github.io/blob/main/code/cve-2019-2215-exploit.c\n\n@BlueRedTeam", "creation_timestamp": "2022-02-19T10:18:40.000000Z"}, {"uuid": "380d5b33-35dc-4096-88ab-35eda97df67e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6122", "content": "Analyzing Android's CVE-2019-2215 (/dev/binder UAF)\nhttps://dayzerosec.com/posts/analyzing-androids-cve-2019-2215-dev-binder-uaf/", "creation_timestamp": "2019-11-09T21:28:10.000000Z"}, {"uuid": "ef82cc6b-55ab-431a-9352-3c4b2a803396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/secinfosex/23", "content": "\u0420\u0435\u0431\u044f\u0442\u0430 \u0438\u0437 Project Zero \u043e\u043f\u0438\u0441\u0430\u043b\u0438 CVE-2019-2215, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u0448\u043f\u0438\u043e\u043d\u0430 Pegasus \u043e\u0442 NSO Group. \n\n\u041a\u0440\u0430\u0442\u043a\u043e:\n\n\u0418\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u043e\u0432 NSO Group - \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0447\u0435\u0440\u0435\u0437 \u0431\u0440\u0430\u0443\u0437\u0435\u0440, \u0434\u0430\u0432\u043d\u043e. 
\u0424\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043f\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 Pegasus, \u043e\u0447\u0435\u043d\u044c \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e.\n\n\u0418\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0433\u0443\u0433\u043b\u0430 - UAF, \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Binder, \u044f\u0434\u0440\u043e, Linux kernel &gt;= 4.14, SELinux isolated_app \u043d\u0435 \u0441\u043f\u0430\u0441\u0430\u0435\u0442, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438\u0437 Chrome, \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0430 \u043d\u0435 \u0441\u043f\u0430\u0441\u0430\u0435\u0442.\n\n\u043e Pegasus:\n\u041c\u043e\u0434\u0443\u043b\u044c\u043d\u0430\u044f \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u043f\u0430\u0439\u0432\u0430\u0440\u044c \u043e\u0442 NSO Group. 
\n\u0427\u0438\u0442\u0430\u0435\u0442 sms, \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0443, \u0434\u0435\u043b\u0430\u0435\u0442 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u044b, \u043f\u0438\u0448\u0435\u0442 \u0437\u0432\u0443\u043a, \u043b\u043e\u0433\u0433\u0438\u0440\u0443\u0435\u0442 \u0432\u0432\u043e\u0434, \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u044b - \u043f\u043e\u043b\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u0434\u043b\u044f \u0441\u043e\u043b\u0438\u0434\u043d\u044b\u0445 \u0433\u043e\u0441\u043f\u043e\u0434.\n\n\u043e\u0431 NSO Group:\n\u0418\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f, \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0430\u044f  \u0438 \u043f\u0440\u043e\u0434\u0430\u044e\u0449\u0430\u044f \u043c\u0435\u0442\u043e\u0434\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u043b\u0435\u0436\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c Pegasus \u0438 Chrysaor.  \n\n# https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html\n# https://www.kaspersky.ru/blog/pegasus-spyware/14569/\n# https://en.wikipedia.org/wiki/NSO_Group", "creation_timestamp": "2019-11-22T05:31:17.000000Z"}, {"uuid": "0e63051f-ff85-459c-8a6a-f8bbaab367da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/512", "content": "#Threat_Research\n1. 
First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group\nhttps://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group\n2. Zero day vulnerabilities in Determine Selectica Contract Lifecycle Management (SCLM)\nhttps://www.n00py.io/2020/01/zero-day-exploit-in-determine-selectica-contract-lifecycle-management-sclm-v5-4", "creation_timestamp": "2022-02-01T04:44:53.000000Z"}, {"uuid": "2c0a9663-6717-4037-978a-bfcbf15b398f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5449", "content": "#exploit\nExploiting CVE-2019-2215:\nBrief introduction to binder, eventpoll subsystem and Vectored I/O\nhttps://cutesmilee.github.io/kernel/linux/android/2022/02/17/cve-2019-2215_writeup.html\n]-&gt; PoC: https://github.com/cutesmilee/cutesmilee.github.io/blob/main/code/cve-2019-2215-exploit.c", "creation_timestamp": "2022-02-19T13:30:24.000000Z"}, {"uuid": "d4710a90-929f-4ec8-862e-c4526bd62433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "Telegram/jFjf8KlZQyyL5_1x0nAuLdWnAtEkx6djpi_LpaJNCl3ZBg", "content": "", "creation_timestamp": "2020-03-20T07:07:57.000000Z"}, {"uuid": "aa3d7c32-ea4e-4582-bbd5-f2d149db8420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2215", "type": "seen", "source": "https://t.me/cibsecurity/9009", "content": "\ud83d\udd74 Malicious Google Play Apps Linked to SideWinder APT \ud83d\udd74\n\nThe active attack involving three malicious Android applications is the first exploiting CVE-2019-2215, Trend 
Micro researchers report.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2020-01-06T23:56:41.000000Z"}]}