{"vulnerability": "CVE-2020-0787", "sightings": [{"uuid": "45de7016-88d9-4796-a6d7-781ebf7b254d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/8be28751-7296-4d14-8717-86e418d6851a", "content": "", "creation_timestamp": "2021-02-26T14:14:29.000000Z"}, {"uuid": "51fd5018-14c9-4ebd-a6de-03c9f4877ac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/fbff27c0-f30f-445c-92af-76781df1856d", "content": "", "creation_timestamp": "2020-10-09T13:20:02.000000Z"}, {"uuid": "093bacc9-4f13-4a63-93ae-2d88ac5d5a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "9ed368e7-4af8-4b59-929a-ee9f67b9d7df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2024-10-15T11:39:21.000000Z"}, {"uuid": "8824a7e7-c846-438d-beb6-7613da145569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971232", "content": "", "creation_timestamp": "2024-12-24T20:26:15.028216Z"}, {"uuid": "631bdaa7-155c-482b-a94b-1c1bc2330b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "269bd457-32b3-4ff1-a632-112398c094ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:20.000000Z"}, {"uuid": "5f144dad-3c3a-410b-baa2-8528ebe15caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2020_0787_bits_arbitrary_file_move.rb", "content": "", "creation_timestamp": "2020-06-11T06:14:52.000000Z"}, {"uuid": "d4b7f0c6-48fc-44ca-82db-847a40d780f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:25.000000Z"}, {"uuid": "43e1d97e-4b75-44f8-8b1a-65c94497cb27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:05.000000Z"}, {"uuid": "31964a63-edb8-46ad-9c99-d802ba3420b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://gist.github.com/garagon/85a72cafb243e1a793677270ca7fad6d", "content": "", "creation_timestamp": "2026-02-17T13:27:58.000000Z"}, {"uuid": "77d0407b-0019-4168-aedc-187d7b0d6b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-0787", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c0b7ff50-0a0e-4188-883b-7a8ed93231ee", "content": "", "creation_timestamp": "2026-02-02T12:25:28.081212Z"}, {"uuid": "c83460e6-8a1b-4315-a586-decf12dc283c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://gist.github.com/josephb4224/1d49fcfaa37fb1523b5451314f37b669", "content": "", "creation_timestamp": "2026-03-16T13:31:31.000000Z"}, {"uuid": "ffbc86df-1a6d-4092-ad98-e7cb178c7511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2026-01-09T20:17:31.000000Z"}, {"uuid": "e45e4658-4c9e-4b68-a9bb-c4a9cb893e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-0787", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c34a93a2-b769-43ce-9cc6-95a9ff332f9b", "content": "", "creation_timestamp": "2026-02-02T12:28:25.974590Z"}, {"uuid": "6eb4f54c-0eeb-419f-aeef-a4d3aac7e74b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "published-proof-of-concept", "source": "https://t.me/hybgl/146", "content": "#article #windows #privesc #bits #cve\n\nhttps://itm4n.github.io/cve-2020-0787-windows-bits-eop/", "creation_timestamp": "2020-04-12T20:36:33.000000Z"}, {"uuid": "ec2e32f7-0b06-4472-ba63-ad6b492054b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://t.me/poxek/2939", "content": "\u200b\u200bMicrosoft: Windows Privilege Escalation \nCVE-2020-0787\n\nCVE-2020-0787 - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0443 Background Intelligent Transfer Service (BITS). BITS - \u044d\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043f\u043e \u0441\u0435\u0442\u0438 \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0442\u043e\u043c, \u043a\u0430\u043a BITS \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0441\u044b\u043b\u043a\u0438. \u0421\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0441\u044b\u043b\u043a\u0430 - \u044d\u0442\u043e \u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0444\u0430\u0439\u043b. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043e\u0437\u0434\u0430\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Jonas Lykkegaard. Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 10 \u043c\u0430\u0440\u0442\u0430 2020 \u0433\u043e\u0434\u0430. \u0427\u0442\u043e\u0431\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438. \u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n#CVE #PrivEsc", "creation_timestamp": "2023-05-30T09:26:20.000000Z"}, {"uuid": "7a10d56b-1d2a-4cf4-9be3-563449361243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://t.me/Russian_OSINT/875", "content": "\u200b\u200b\ud83d\ude94 \u0424\u0411\u0420 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u043f\u0438\u0441\u043e\u043a 30 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 2 \u0433\u043e\u0434\u0430\n\nCVE-2021-26855: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-26857: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-26858: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-27065: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-22893: It is an Improper Authentication vulnerability that is marked as critical\nCVE-2021-22894: It is a buffer overflow vulnerability that enables an attacker to execute arbitrary code\nCVE-2021-22899: It is a command injection vulnerability that enables an attacker to execute remote code\nCVE-2021-22900: It is an Improper Control of Generation of Code vulnerability\nCVE-2021-27101: It is an Improper Neutralization of Special Elements used in an SQL Command\nCVE-2021-27102: It is an Improper Neutralization of Special Elements used in an OS Command\nCVE-2021-27103: It is a Server-Side Request Forgery (SSRF) vulnerability\nCVE-2021-27104: It is an Improper Neutralization of Special Elements used in an OS Command vulnerability\nCVE-2021-21985: It is an Improper Input Validation vulnerability\nCVE-2018-13379: It is an Improper Limitation of a Pathname to a Restricted Directory (\u2018Path Traversal\u2019)\nCVE-2020-12812: It is an Improper Authentication vulnerability\nCVE-2019-5591: It is a Missing Authentication for Critical Function vulnerability\nCVE-2019-19781: It is an Improper Limitation of a Pathname to a Restricted Directory \nCVE 2019-11510: It is an Improper Limitation of a Pathname to a Restricted Directory\nCVE 2018-13379: It is an Improper Limitation of a Pathname to a Restricted Directory \nCVE 2020-5902: It is an Inclusion of Functionality from Untrusted Control Sphere and Improper Limitation of a Pathname to a Restricted Directory vulnerability \nCVE 2020-15505: It is an Insufficient Information vulnerability\nCVE-2017-11882: It is a Microsoft Office Memory Corruption vulnerability that enables an attacker to execute arbitrary code.\nCVE-2019-11580: It is an Insufficient Information vulnerability\nCVE-2018-7600: It is an Improper Input Validation vulnerability\nCVE 2019-18935: It is a Deserialization of Untrusted Data vulnerability\nCVE-2019-0604: It is a Microsoft SharePoint Remote Code Execution Vulnerability\nCVE-2020-0787: It is a Windows Background Intelligent Transfer Service Elevation of Privilege vulnerability\nCVE-2020-1472: It is a Netlogon Elevation of Privilege vulnerability \nCVE-2020-15505: It is an Insufficient Information vulnerability\nCVE-2020-0688: It is a Use of Hard-coded Credentials vulnerability", "creation_timestamp": "2021-07-29T17:59:02.000000Z"}, {"uuid": "ade7351f-b36b-4a06-b4fb-f02e28dc12e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/803", "content": "https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION/releases\n\nin educational purposes", "creation_timestamp": "2021-12-08T21:09:42.000000Z"}, {"uuid": "1123377f-717c-4e45-94cc-a6f90a710808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "seen", "source": "https://t.me/true_secator/1084", "content": "Check Point \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0439 \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u043f\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u0445 fingerprints.\n\n\u041c\u044b \u0443\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u043f\u0440\u043e \u044d\u0442\u0443 \u043c\u0435\u0442\u043e\u0434\u0438\u043a\u0443 - \u043f\u0435\u0440\u0432\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0437\u0434\u0435\u0441\u044c. \n\n\u0412 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0442\u044f\u043d\u0435 \u0440\u0435\u0448\u0438\u043b\u0438 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c 1-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 CVE-2018-8453, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (LPE) \u0432 Windows \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 ransomware Sodinokibi, Maze \u0438 \u0434\u0440.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 fingerprint \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0432 \u0435\u0433\u043e \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 5 \u043e\u0434\u043d\u043e\u0434\u043d\u0435\u0432\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 (CVE-2013-3660, CVE-2015-0057, CVE-2015-1701, CVE-2016-7255 \u0438, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, CVE-2018-8453), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u044b \u043e\u0434\u043d\u0438\u043c \u0438 \u0442\u0435\u043c \u0436\u0435 \u0430\u0432\u0442\u043e\u0440\u043e\u043c (\u0433\u0440\u0443\u043f\u043f\u043e\u0439) \u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 LPE.\n\n\u041a\u0430\u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 Check Point, \u0437\u0430 \u0432\u0441\u0435\u043c\u0438 \u044d\u0442\u0438\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0441\u0442\u043e\u0438\u0442 \u0430\u043a\u0442\u043e\u0440 PlayBit aka luxor2008. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0440\u044f\u0434 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u0432 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0438\u0445 \u0430\u0432\u0442\u043e\u0440\u0430. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 \u043a\u0430\u0436\u0434\u043e\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043c\u0430\u043b\u0435\u043d\u044c\u043a\u0430\u044f \u043e\u0431\u0435\u0440\u0442\u043a\u0430 \u0432\u043e\u043a\u0440\u0443\u0433 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0445\u043e\u0441\u0442  \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0427\u0442\u043e \u0436\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0437\u043d\u0430\u0442\u044c \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0442\u044f\u043d\u0430\u043c \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 PlayBit. \u041d\u0443, \u0432\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0430\u043a\u0442\u043e\u0440 - \u0440\u0443\u0441\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0439 (\u043d\u0435 \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e) \u0438 \u0440\u0435\u043a\u043b\u0430\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u0436\u0435 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445. \u0412\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, \u0443 PlayBit \u0435\u0441\u0442\u044c \u0441\u0432\u043e\u0439 \u043e\u0434\u043d\u043e\u0438\u043c\u0435\u043d\u043d\u044b\u0439 YouTube-\u043a\u0430\u043d\u0430\u043b \u0441 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u044f\u043c\u0438 \u0440\u0430\u0431\u043e\u0442\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0438 \u043e\u043d \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d (!).\n\nPlayBit \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 2012 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0438\u0437\u0433\u043e\u0442\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0430\u0436\u0443 \u043f\u043e \u043e\u0434\u043d\u043e\u043c\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0443 \u0432 \u0433\u043e\u0434. \u0422\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c \u0441\u043e\u0432\u0441\u0435\u043c \u0441\u0432\u0435\u0436\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043e\u0442 \u044d\u0442\u043e\u0433\u043e \u0430\u0432\u0442\u043e\u0440\u0430 - CVE-2019-1069 \u0438 CVE-2020-0787.\n\n\u0426\u0435\u043d\u044b \u043d\u0430 \u043e\u0434\u043d\u043e\u0434\u043d\u0435\u0432\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u0441\u0430\u043c\u043e \u0441\u043e\u0431\u043e\u0439, \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u043d\u0438\u0436\u0435 0-day \u0438 \u0443 PlayBit \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043e\u0442 5 \u0434\u043e 10 \u0442\u044b\u0441. \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432, \u043f\u0440\u0438\u0447\u0435\u043c \u0446\u0435\u043d\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u0438\u0431\u043b\u0438\u0437\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0434\u043d\u0430 \u0438 \u0442\u0430 \u0436\u0435 \u0438\u0437 \u0433\u043e\u0434\u0430 \u0432 \u0433\u043e\u0434.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c, \u043c\u0435\u0442\u043e\u0434\u0438\u043a\u0430 fingerprint's \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432\u043f\u043e\u043b\u043d\u0435 \u0440\u0430\u0431\u043e\u0447\u0430\u044f \u0438 \u0434\u0430\u0435\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b. \u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0435\u0435 Check Point \u0432\u043f\u043e\u043b\u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0447\u0442\u043e, \u0431\u0435\u0437 \u0441\u043e\u043c\u043d\u0435\u043d\u0438\u044f, \u0441\u0434\u0435\u043b\u0430\u0435\u0442 \u043a\u0430\u0440\u0442\u0438\u043d\u0443 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e \u043c\u0438\u0440\u0430 \u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u043e\u0439 \u0438 \u043f\u043e\u043d\u044f\u0442\u043d\u043e\u0439.", "creation_timestamp": "2020-10-26T14:14:23.000000Z"}, {"uuid": "f24e2b72-09a5-44aa-9218-3bbbb171d7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0787", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/951", "content": "#exploit\nCVE-2020-0787: \nWindows BITS (Background Intelligent Transfer Service) - An EoP Bug Hidden in an Undocumented RPC Function\nhttps://itm4n.github.io/cve-2020-0787-windows-bits-eop/\n]-&gt; PoC: https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION", "creation_timestamp": "2024-10-14T20:50:11.000000Z"}]}