{"vulnerability": "CVE-2021-2408", "sightings": [{"uuid": "cedfaed4-b5a2-41e1-ab70-7e31f06b39aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24085", "type": "seen", "source": "MISP/2380fc03-4823-4fdc-a6c3-7e74a783d8c4", "content": "", "creation_timestamp": "2024-11-14T06:08:11.000000Z"}, {"uuid": "2ba4b4b7-2c3e-4976-8c4b-1f50eaaaf52d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/02/multiple-security-updates-affecting-tcp-ip/", "content": "", "creation_timestamp": "2021-02-09T07:00:00.000000Z"}, {"uuid": "665db9c9-d39f-4ba0-88f9-0bab0a1e415b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://vulnerability.circl.lu/comment/e58954bd-8b24-451b-9853-c16202937347", "content": "", "creation_timestamp": "2024-08-28T09:53:22.190586Z"}, {"uuid": "5556b899-9486-4c7c-8b97-16bdafb33a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:52.000000Z"}, {"uuid": "5bf2fbc8-f4c4-4914-bddc-ea2c6d469d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/true_secator/6095", "content": "Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Zero-click TCP/IP RCE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e IPv6 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\nCVE-2024-38063 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0421\u044f\u043e\u0412\u044d\u0435\u043c\u00a0\u0438\u0437 Kunlun Lab \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e Integer Underflow, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows 10, Windows 11 \u0438 Windows Server.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u043a\u0440\u0430\u0442\u043a\u043e\u0441\u0440\u043e\u0447\u043d\u043e\u0439 \u043f\u0435\u0440\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u0435, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0449\u0435\u0440\u0431, \u0434\u043e\u0431\u0430\u0432\u0438\u0432, \u0447\u0442\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 IPv6 \u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0435 Windows \u043d\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0434\u043e \u0435\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0430 Microsoft, \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043c\u043d\u043e\u0433\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u043f\u0430\u043a\u0435\u0442\u044b IPv6, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0442\u043a\u043e\u0439 \u00ab\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430\u00bb.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows, Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c IPv6, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438.\u00a0\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0442\u0435\u043a \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 IPv6 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e Windows Vista \u0438 Windows Server 2008 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0438 \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c IPv6, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows.\n\n\u0412 ZDI Trend Micro \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0437\u0432\u0430\u043b\u0438 CVE-2024-38063 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 Microsoft \u0432 \u043c\u0435\u0441\u044f\u0447\u043d\u043e\u043c \u043f\u0430\u0442\u0447\u0435, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u0435\u0451 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c \u0447\u0435\u0440\u0432\u0435\u043c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u0442\u043e \u0443\u0436\u0435 \u043d\u0435 \u043f\u0435\u0440\u0432\u0430\u044f \u0438, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043d\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0430\u043a\u0435\u0442\u043e\u0432 IPv6.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b IPv6, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2020-16898/9 (Ping of Death), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f RCE \u0438 \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 ICMPv6.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0448\u0438\u0431\u043a\u0430 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 IPv6 (CVE-2021-24086) \u0441\u0434\u0435\u043b\u0430\u043b\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f DoS-\u0430\u0442\u0430\u043a, \u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c DHCPv6 (CVE-2023-28231) - \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 RCE \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0438\u0445 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Windows \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 IPv6, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2024-08-15T10:18:55.000000Z"}, {"uuid": "3f7e8418-d826-4158-b59f-dc87f66b4893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4780", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2021-24086 - Denial of Service. \n\nhttps://blog.quarkslab.com/analysis-of-a-windows-ipv6-fragmentation-vulnerability-cve-2021-24086.html", "creation_timestamp": "2021-04-11T07:24:00.000000Z"}, {"uuid": "4d33867a-2238-48e0-b1d9-16f005df6b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/27", "content": "Windows non-interactive remote BSOD via NULL dereference in tcpip!Ipv6pReassembleDatagram (CVE-2021-24086), from patch diffing and reversing tcpip.sys to PoC, by @doar_e.\n\nContents:\n\u2022 Introduction\n\u2022 TL;DR\n\u2022 Recon\n\u2022 Diffing Microsoft patches in 2021\n\u2022 Reverse-engineering tcpip.sys\n\u2022 Baby steps\n\u2022 High level overview\n\u2022 Zooming out\n\u2022 NET_BUFFER &amp; NET_BUFFER_LIST\n\u2022 The mechanics of parsing an IPv6 packet\n\u2022 The mechanics of IPv6 fragmentation\n\u2022 Theory vs practice: Ipv6pReceiveFragment\n\u2022 Hiding in plain sight\n\u2022 Manufacturing a packet of the death: chasing phantoms\n\u2022 Manufacturing a packet of the death: leap of faith\n\u2022 Conclusion\n\u2022 Bonus: CVE-2021-24074\n\nhttps://doar-e.github.io/blog/2021/04/15/reverse-engineering-tcpipsys-mechanics-of-a-packet-of-the-death-cve-2021-24086/", "creation_timestamp": "2021-04-16T09:26:06.000000Z"}, {"uuid": "d46b0dcc-0906-4f18-b799-1b53335407de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://t.me/ctinow/43023", "content": "0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day\n\nhttps://ift.tt/3E3c4rY", "creation_timestamp": "2021-11-28T12:01:28.000000Z"}, {"uuid": "08dc93bf-41f8-44a9-bd3a-c12ab9e49e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://t.me/cKure/8269", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Unpatched Windows Zero-Day Allows Privileged File Access\n\nA temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.\n\nhttps://threatpost.com/unpatched-windows-zero-day-privileged-file-access/176609/", "creation_timestamp": "2021-11-29T18:15:41.000000Z"}, {"uuid": "2918542a-aac4-4cf7-90c6-e30c5f565d8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24085", "type": "exploited", "source": "https://t.me/bizone_channel/213", "content": "\u041f\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 \u0437\u043d\u0430\u043d\u0438\u0439 \u0434\u043b\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 Cyber Polygon\n\n\ud83d\udce9\u041c\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0446\u0438\u043a\u043b, \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434\u0430\u043c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 Microsoft Exchange.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c \u0433\u0430\u0439\u0434\u0435 \u043c\u044b \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043e \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 MS Exchange, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e CVE-2020-0688, CVE-2020-16875 \u0438 CVE-2021-24085.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e \u0447\u0442\u043e \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0442\u0430\u043a\u0438\u0435 \u0441\u0432\u0435\u0436\u0438\u0435, \u043a\u0430\u043a ProxyLogon, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. \u0410 \u0435\u0441\u043b\u0438 \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c \u0438\u0445 \u0432\u043e\u0432\u0440\u0435\u043c\u044f, \u043c\u043e\u0436\u043d\u043e \u0441\u0432\u0435\u0441\u0442\u0438 \u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c\u0443 \u043d\u0435\u0433\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043e\u0442 \u0430\u0442\u0430\u043a\u0438 \u2014 \u0438\u043b\u0438 \u0432\u043e\u0432\u0441\u0435 \u0438\u0445 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c. \u0412 \u0441\u0442\u0430\u0442\u044c\u0435 \u043c\u044b \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u043a\u0430\u043a \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0442\u0438\u043b\u0438\u0442 \u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 Exchange \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u043b\u0435\u0434\u044b \u0430\u0442\u0430\u043a, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c.\n\n\u0415\u0449\u0435 \u0431\u043e\u043b\u044c\u0448\u0435 \u0437\u043d\u0430\u043d\u0438\u0439 \u0438 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0430\u0432\u044b\u043a\u043e\u0432 \u2014 \u043d\u0430 \u043c\u0435\u0436\u0434\u0443\u043d\u0430\u0440\u043e\u0434\u043d\u043e\u043c \u0442\u0440\u0435\u043d\u0438\u043d\u0433\u0435 Cyber Polygon 9 \u0438\u044e\u043b\u044f. \n\u0412\u0430\u0441 \u0436\u0434\u0443\u0442 \u0432\u044b\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u0432\u0435\u0434\u0443\u0449\u0438\u0445 \u043c\u0438\u0440\u043e\u0432\u044b\u0445 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0440\u0435\u043d\u0438\u043d\u0433 \u0434\u043b\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0432\u0438\u0434\u0435\u043e\u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u044b.\n\n\ud83d\udc49\u0417\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443\n\n#msexchange", "creation_timestamp": "2021-06-23T13:27:52.000000Z"}, {"uuid": "e84e0521-f16f-40a3-893b-f12edcb2bc13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "Telegram/lJ8esi6TNRPeiOWrUA4nbsPGAq5gVpJsskx3jtMDxnrl69c", "content": "", "creation_timestamp": "2024-04-09T14:47:25.000000Z"}, {"uuid": "3c67086f-d22d-4bd8-9690-846b778816cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "Telegram/a9MlObRwbvLFC7kC3igmEhfJuDL6yiSNnf86sOt8LEMflA", "content": "", "creation_timestamp": "2021-04-14T17:15:36.000000Z"}, {"uuid": "afcbb952-a135-49ee-80fa-9031a5557a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24089", "type": "seen", "source": "https://t.me/cibsecurity/24776", "content": "\u203c CVE-2021-27048 \u203c\n\nHEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27047, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-11T18:54:52.000000Z"}, {"uuid": "3ae71072-d5ec-4e84-bbce-acbe724e8a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/646", "content": "Windows TCP/IP Denial of Service Vulnerability\n\n#DOS #Vulnerability #Windows #CVE-2021-24086 #DenialofService\n\nhttps://reconshell.com/windows-tcp-ip-denial-of-service-vulnerability/", "creation_timestamp": "2021-04-11T07:41:56.000000Z"}, {"uuid": "f693419b-7b6e-4342-b21f-77cca0d85f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/10352", "content": "https://github.com/exploitblizzard/WindowsMDM-LPE-0Day  CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day", "creation_timestamp": "2022-03-08T12:04:56.000000Z"}, {"uuid": "5da2c6e1-d351-4e33-9cb6-be4b895a091f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2385", "content": "\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0438\u0433\u0440\u0430 \u0432 \u0434\u043e\u0433\u043e\u043d\u044f\u043b\u043a\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u0438\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Windows 10.\n \n\u041d\u0430\u0434\u0435\u043b\u0430\u0432\u0448\u0438\u0439 \u043c\u043d\u043e\u0433\u043e \u0433\u043e\u043b\u043e\u0432\u043d\u043e\u0439 \u0431\u043e\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0410\u0431\u0434\u0435\u043b\u044c\u0445\u0430\u043c\u0438\u0434 \u041d\u0430\u0441\u0435\u0440\u0438 \u0432\u043d\u043e\u0432\u044c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u043b \u043f\u0440\u0438\u0437\u0430\u0434\u0443\u043c\u0430\u0442\u044c\u0441\u044f \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432, \u0447\u0442\u043e 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (LPE) CVE-2021-24084 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u043d\u0430 Windows 10 \u0432\u0435\u0440\u0441\u0438\u0438 1809 (\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439) \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u044d\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u043e\u0434 \u043d\u0435\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u043f\u0430\u0442\u0447 \u043e\u0442 Microsoft.\n \n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438 \u0441\u043e\u0443\u0447\u0440\u0435\u0434\u0438\u0442\u0435\u043b\u044c 0patch \u041c\u0438\u0442\u044f \u041a\u043e\u043b\u0441\u0435\u043a \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u0434\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0435\u0441\u043b\u0438 \u0447\u0435\u0442\u043a\u043e \u0437\u043d\u0430\u0442\u044c, \u043a\u0430\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438 \u0447\u0442\u043e \u0441 \u043d\u0438\u043c\u0438 \u0434\u0435\u043b\u0430\u0442\u044c.\n \n\u0418 \u0435\u0433\u043e \u0441\u043b\u043e\u0432\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0445\u043e\u0434\u0435 \u0430\u043f\u0440\u043e\u0431\u0430\u0446\u0438\u0438 \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u041d\u0430\u0441\u0435\u0440\u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0439 \u0432 \u0431\u043b\u043e\u0433\u0435 \u0420\u0430\u0434\u0436\u0430 \u0427\u0430\u043d\u0434\u0435\u043b\u044f, \u0438\u043c\u0435\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u0434 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, Microsoft \u043d\u0435 \u0432\u0437\u0438\u0440\u0430\u044f \u043d\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0435\u0449\u0435 \u0432 \u0438\u044e\u043d\u0435, \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043c\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u043d\u0430\u0434 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n \n\u0418, \u043f\u043e \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0438 \u043d\u0430 \u043f\u043e\u043c\u043e\u0449\u044c \u0440\u044f\u0434\u043e\u0432\u044b\u043c \u044e\u0437\u0435\u0440\u0430\u043c \u043f\u0440\u0438\u0445\u043e\u0434\u044f\u0442 \u0447\u0430\u0441\u0442\u043d\u044b\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0438\u0437 0patch, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u0438\u0441\u0442\u0435\u043c Windows 10.", "creation_timestamp": "2021-11-29T16:57:01.000000Z"}, {"uuid": "2ed2e9df-8bf1-4caf-a4a1-84fe0b87f8b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/84", "content": "CVE-2021-24086 Windows TCP/IP\u62d2\u7d55\u670d\u52d9\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=6m8Lvl", "creation_timestamp": "2021-09-21T06:42:52.000000Z"}, {"uuid": "b6600f23-1791-470e-9342-6b651b7ca49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://t.me/cibsecurity/33047", "content": "\u274c Unpatched Windows Zero-Day Allows Privileged File Access \u274c\n\nA temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2021-11-29T18:56:12.000000Z"}, {"uuid": "f39ccf23-9e22-4c05-becd-db6ac6d5641b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24087", "type": "seen", "source": "https://t.me/cibsecurity/24165", "content": "\u203c CVE-2021-24087 \u203c\n\nAzure IoT CLI extension Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:38:25.000000Z"}, {"uuid": "ccc288b0-5526-438d-8130-bea2b587c22e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24085", "type": "seen", "source": "https://t.me/cibsecurity/24172", "content": "\u203c CVE-2021-1730 \u203c\n\nMicrosoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-24085.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:38:35.000000Z"}, {"uuid": "22a499eb-d5f4-407b-b70d-3223d421c1f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24080", "type": "seen", "source": "https://t.me/cibsecurity/24191", "content": "\u203c CVE-2021-24080 \u203c\n\nWindows Trust Verification API Denial of Service Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:44:33.000000Z"}, {"uuid": "49812f40-c59d-42de-bfcf-81942f624959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24083", "type": "seen", "source": "https://t.me/cibsecurity/24175", "content": "\u203c CVE-2021-24083 \u203c\n\nWindows Address Book Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:44:15.000000Z"}, {"uuid": "6cc85d01-1c3f-4f37-a423-f3643c66f515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://t.me/cibsecurity/24169", "content": "\u203c CVE-2021-24084 \u203c\n\nWindows Mobile Device Management Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:38:30.000000Z"}, {"uuid": "39e26b1a-5dc1-40c6-a0f7-821f3138469d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24082", "type": "seen", "source": "https://t.me/cibsecurity/24162", "content": "\u203c CVE-2021-24082 \u203c\n\nMicrosoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:38:21.000000Z"}, {"uuid": "badacab2-d2d1-4578-9942-566d6acf9134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24088", "type": "seen", "source": "https://t.me/cibsecurity/24160", "content": "\u203c CVE-2021-24088 \u203c\n\nWindows Local Spooler Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-26T02:38:19.000000Z"}, {"uuid": "f91c379c-5bad-4392-acde-3db7b99fd22e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2806", "content": "#exploit\n1. CVE-2021-24093:\nWindows Graphics Component RCE Vulnerability\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2123\n\n2. CVE-2021-26119:\nSmarty PHP Template Engine &lt;3.1.39 - Sandbox Escape\nhttps://github.com/Udyz/CVE-2021-26119\n\n3. CVE-2021-24086:\nWindows TCP/IP DoS Vulnerability/\na NULL dereference in tcpip.sys triggered remotely\nhttps://github.com/0vercl0k/CVE-2021-24086", "creation_timestamp": "2024-06-24T21:18:37.000000Z"}, {"uuid": "7f7231bd-d06a-4dbe-9884-fe14142edcbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "published-proof-of-concept", "source": "Telegram/ZgrYaKfoWxLUgzZDTo8G_aEF-rvAT9lk-J3ogZvhycztJVHH", "content": "", "creation_timestamp": "2021-11-26T20:17:37.000000Z"}, {"uuid": "ea2755dc-7428-44e5-b43c-0fe97f9ce182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/S_E_Reborn/5027", "content": "Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Zero-click TCP/IP RCE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e IPv6 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\nCVE-2024-38063 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0421\u044f\u043e\u0412\u044d\u0435\u043c\u00a0\u0438\u0437 Kunlun Lab \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e Integer Underflow, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows 10, Windows 11 \u0438 Windows Server.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u043a\u0440\u0430\u0442\u043a\u043e\u0441\u0440\u043e\u0447\u043d\u043e\u0439 \u043f\u0435\u0440\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u0435, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0449\u0435\u0440\u0431, \u0434\u043e\u0431\u0430\u0432\u0438\u0432, \u0447\u0442\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 IPv6 \u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0435 Windows \u043d\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0434\u043e \u0435\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0430 Microsoft, \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043c\u043d\u043e\u0433\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u043f\u0430\u043a\u0435\u0442\u044b IPv6, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0442\u043a\u043e\u0439 \u00ab\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430\u00bb.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows, Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c IPv6, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438.\u00a0\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0442\u0435\u043a \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 IPv6 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e Windows Vista \u0438 Windows Server 2008 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0438 \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c IPv6, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows.\n\n\u0412 ZDI Trend Micro \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0437\u0432\u0430\u043b\u0438 CVE-2024-38063 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 Microsoft \u0432 \u043c\u0435\u0441\u044f\u0447\u043d\u043e\u043c \u043f\u0430\u0442\u0447\u0435, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u0435\u0451 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c \u0447\u0435\u0440\u0432\u0435\u043c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u0442\u043e \u0443\u0436\u0435 \u043d\u0435 \u043f\u0435\u0440\u0432\u0430\u044f \u0438, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043d\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0430\u043a\u0435\u0442\u043e\u0432 IPv6.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b IPv6, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2020-16898/9 (Ping of Death), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f RCE \u0438 \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 ICMPv6.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0448\u0438\u0431\u043a\u0430 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 IPv6 (CVE-2021-24086) \u0441\u0434\u0435\u043b\u0430\u043b\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f DoS-\u0430\u0442\u0430\u043a, \u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c DHCPv6 (CVE-2023-28231) - \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 RCE \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0438\u0445 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Windows \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 IPv6, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2024-08-15T11:48:19.000000Z"}, {"uuid": "c59a89a5-5bd2-44d3-abe1-8ea5219f2e1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/777", "content": "Windows TCP/IP Denial of Service Vulnerability\n\n#DOS #Vulnerability #Windows #CVE-2021-24086 #DenialofService\n\nhttps://reconshell.com/windows-tcp-ip-denial-of-service-vulnerability/", "creation_timestamp": "2021-04-12T13:29:27.000000Z"}, {"uuid": "d6c492d9-9836-44a9-ad41-e277adc4fc4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://t.me/thehackernews/1691", "content": "Researcher disclose details of an unpatched vulnerability (CVE-2021-24084) in the Windows OS\u2014known to Microsoft since October 2020\u2014that could allow an attacker to gain unauthorized access to the file system and read arbitrary files.\n\nDetails: https://thehackernews.com/2021/11/unpatched-unauthorized-file-read.html", "creation_timestamp": "2021-11-30T10:12:58.000000Z"}, {"uuid": "1990c244-d682-45c5-a469-42f43f3ef302", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1253", "content": "#ecploit \nMicropatching Unpatched LPE in Mobile Device Management Service (CVE-2021-24084/0day)\nhttps://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html\n\n@BlueRedTeam", "creation_timestamp": "2021-12-01T09:38:52.000000Z"}, {"uuid": "031b829d-c68f-4192-a595-766240def961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2815", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (feb 1-28)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-21972 - VMware vCenter RCE\nhttps://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477\nhttps://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC\nhttps://github.com/NS-Sp4ce/CVE-2021-21972\nhttps://github.com/yaunsky/CVE-2021-21972\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-25646 - Apache Druid &lt;=0.20.1 RCE\nhttps://t.me/cybersecuritytechnologies/2639\nCVE-2020-27932 - A type confusion in MacOS 10.15.7\nhttps://t.me/cybersecuritytechnologies/2383\nCVE-2021-24074, CVE-2021-24094, CVE-2021-24086 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday", "creation_timestamp": "2021-03-03T05:37:03.000000Z"}, {"uuid": "e6af4a04-b403-4cfc-8482-4aead1eb7f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3104", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 5-11)\nCVE-2021-26855 - ProxyLogon MS Exchange Srv RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-26411 - IE mshtml UAF\nhttps://t.me/cybersecuritytechnologies/2908\nCVE-2021-3129 - Laravel debug RCE\nhttps://t.me/cybersecuritytechnologies/2557\nCVE-2021-26708 - LPE in the Linux kernel &lt;5.10.x\nhttps://github.com/jordan9001/vsock_poc\nCVE-2020-16040 - V8 JIT Compiler Bug\nhttps://t.me/cybersecuritytechnologies/2450\nCVE-2021-21982 - SSRF in VMWare\nhttps://t.me/cybersecuritytechnologies/3039\nCVE-2021-21402 - UAF read in Jellyfin\nhttps://t.me/cybersecuritytechnologies/3064\nCVE-2021-29154 - BPF JIT bug\nhttps://www.openwall.com/lists/oss-security/2021/04/08/1", "creation_timestamp": "2021-04-12T11:01:12.000000Z"}, {"uuid": "a3aeb146-3fa5-42c5-82d2-b58412fcca6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3279", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (April 1-30)\n\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-28310 - Win32k EoP Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-26411 - IE mshtml UAF\nhttps://t.me/cybersecuritytechnologies/2908\nCVE-2021-22204 - DjVu improper neutralization of user data\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156\nCVE-2021-28480/28482 - MS Exchange Server RCE\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange", "creation_timestamp": "2024-04-30T17:11:44.000000Z"}, {"uuid": "a0b77975-7447-4326-8912-5fe460430855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4876", "content": "#exploit\n1. CVE-2021-21234:\nSpring Boot Actuator Logview Directory Traversal\nhttps://pyn3rd.github.io/2021/10/25/CVE-2021-21234-Spring-Boot-Actuator-Logview-Directory-Traversal\n2. Micropatching Unpatched LPE in Mobile Device Management Service (CVE-2021-24084/0day)\nhttps://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html", "creation_timestamp": "2021-12-01T12:29:13.000000Z"}, {"uuid": "71619d48-cea3-486b-808a-537a196e53c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24085", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2717", "content": "#exploit\nCVE-2021-24085:\nMicrosoft Exchange Server msExchEcpCanary Cross Site Request Forgery EoP Vulnerability [1-day]\nhttps://github.com/sourceincite/CVE-2021-24085", "creation_timestamp": "2025-03-01T01:43:20.000000Z"}, {"uuid": "66125d97-3692-407f-bcc2-2f0621465149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2708", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 8-14)\nCVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT in targeted attack\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2020-2037 - Palo Alto PAN-OS vulnerability\nhttps://t.me/cybersecuritytechnologies/2687\nCVE-2021-24074, CVE-2021-24086, CVE-2021-24094 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE vulnerability\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-21017 - Acrobat Reader DC\u00a0a heap-based buffer overflow vulnerability\nhttps://threatpost.com/critical-adobe-windows-flaw/163789\nCVE-2020-24581 - D-Link DSL-2888A AU_2.31_V1x - RCE\nhttps://t.me/cybersecuritytechnologies/2670", "creation_timestamp": "2021-02-15T11:00:19.000000Z"}, {"uuid": "7a9bf6e2-4e93-4464-b0cf-f053d1e80072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24086", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3159", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 12-18)\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1647 - MS Defender RCE Vulnerability\nhttps://www.anquanke.com/post/id/231625\nCVE-2021-28310 - Win32k Elevation of Privilege Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28480/28481/28482/28483 - MS Exchange Server RCE Vulnerability\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156", "creation_timestamp": "2021-04-19T11:01:18.000000Z"}, {"uuid": "ed682ced-d9b3-4795-9df2-f6a89a9d27e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4850", "content": "#exploit\n1. CVE-2021-40865:\nhttps://github.com/hktalent/CVE-2021-40865\n\n2. CVE-2021-24084:\nWindows MDM LPE\nhttps://github.com/ohnonoyesyes/CVE-2021-24084\n]-&gt; Micropatching Unpatched LPE in Mobile Device Management Service\nhttps://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html", "creation_timestamp": "2021-11-28T13:31:01.000000Z"}, {"uuid": "f33d590b-5326-4624-b0be-579335d04db6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4889", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Nov 1-30)\nCVE-2021-22205 - GitLab CE/EE RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-30883 - iOS IOMFB Vuln\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-3064 - Memory Corruption in PAN-OS GlobalProtect Portal/Gateway Interfaces\nhttps://t.me/cybersecuritytechnologies/4724\nCVE-2021-41379 - Windows Installer LPE\nhttps://t.me/cybersecuritytechnologies/4813\nCVE-2021-42321 - MS Exchange Post-Auth RCE\nhttps://t.me/cybersecuritytechnologies/4809\nCVE-2021-40539 - Zoho ManageEngine Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/4718\nCVE-2021-41277 - MetaBase Arbitrary File Read\nhttps://t.me/cybersecuritytechnologies/4802\nCVE-2021-43267 - Remote Kernel Heap Overflow in TIPC\nhttps://t.me/cybersecuritytechnologies/4678\nCVE-2021-42574 - Unicode Bidirectional override vuln\nhttps://github.com/js-on/CVE-2021-42574\nhttps://github.com/pierDipi/unicode-control-characters-action\nCVE-2021-24084 - Windows MDM LPE\nhttps://t.me/cybersecuritytechnologies/4850", "creation_timestamp": "2021-12-03T11:00:35.000000Z"}, {"uuid": "e59702f4-a5ce-49b3-a1b3-a231c8da3f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-24084", "type": "seen", "source": "https://infosec.exchange/users/briankrebs/statuses/116661298779426573", "content": "RE: https://c.im/@cdarwin/116660769695837565\nOne reason that Microsoft might be issuing such harshly worded language here to describe the researcher may be that, according to Nightmare Eclipse, they until recently worked as a security researcher at Microsoft.\nScroll back far enough through their Xitter account (to June 2020) and you will see they claimed CVE-2019-1385 was theirs. \nOn July 1, 2021, Nightmare Eclipse complained that Microsoft failed to fix one of the weaknesses they reported in CVE-2021-24084. Microsoft credits both of these flaws to the same researcher, whose LinkedIn account says they are in Germany and worked full time at Microsoft from Sept. 2022 to June 2025. \nFor the record, I think @GossiTheDog called it that this person was a former MS employee.\nhttps://x.com/ChaoticEclipse0/with_replies", "creation_timestamp": "2026-05-30T03:03:07.387540Z"}]}