In September 2021, the Trend Micro Managed XDR (MDR) team looked into suspicious activity related to a PurpleFox operator. Our findings led us to investigate an updated PurpleFox arsenal, which included an added vulnerability (CVE-2021-1732) and optimized rootkit capabilities leveraged in their attacks.

prion 1

threatpost 3

cisa 1

githubexploit 11

cve 1

checkpoint_advisories 1

securelist 6

trendmicroblog 1

seebug 1

cisa_kev 1

mscve 1

thn 5

attackerkb 3

packetstorm 2

malwarebytes 2

zdt 1

metasploit 1

hivepro 1

krebs 1

rapid7blog 3

qualysblog 3

wallarmlab 1

googleprojectzero 2

nessus 4

mskb 4

openvas 4

avleonov 1

kaspersky 1

prion

Privilege escalation

2021-02-25 23:15:00

threatpost

Microsoft Pulls Bad Windows Update After Patch Issue

2021-02-16 16:47:36

Public Exploit Released for Windows 10 Bug

2022-01-31 21:59:35

Actively Exploited Windows Kernel Bug Allows Takeover

2021-02-09 22:33:08

cisa

Microsoft Warns of Windows Win32k Privilege Escalation

2021-02-09 00:00:00

githubexploit

Exploit for Out-of-bounds Write in Microsoft

2022-02-15 16:55:31

Exploit for Out-of-bounds Write in Microsoft

2023-07-11 09:29:18

Exploit for Improper Privilege Management in Microsoft

2021-04-02 01:35:41

cve

CVE-2021-1732

2021-02-25 23:15:00

checkpoint_advisories

Microsoft Win32k Elevation of Privilege (CVE-2021-1732)

2021-02-09 00:00:00

securelist

APT trends report Q1 2021

2021-04-27 10:00:26

Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild

2021-04-13 17:35:50

APT annual review 2021

2021-11-30 10:00:31

trendmicroblog

PurpleFox Adds New Backdoor That Uses WebSockets

2021-10-19 00:00:00

seebug

Microsoft Windows本地提权漏洞（CVE-2021-1732）

2021-03-26 00:00:00

cisa_kev

Microsoft Win32k Privilege Escalation Vulnerability

2021-11-03 00:00:00

mscve

Windows Win32k Elevation of Privilege Vulnerability

2021-02-09 08:00:00

thn

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

2022-02-07 05:03:00

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

2024-02-09 16:32:00

Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia

2022-05-11 12:37:00

attackerkb

CVE-2021-1732

2021-02-25 00:00:00

CVE-2022-21882

2022-01-11 00:00:00

CVE-2021-28310

2021-04-13 00:00:00

packetstorm

Win32k ConsoleControl Offset Confusion

2021-03-19 00:00:00

Win32k ConsoleControl Offset Confusion / Privilege Escalation

2022-02-28 00:00:00

malwarebytes

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

2022-02-01 11:07:29

Big Patch Tuesday: Microsoft and Adobe fix in-the-wild exploits

2021-02-10 17:26:33

zdt

Win32k ConsoleControl Offset Confusion / Privilege Escalation Exploit

2022-02-28 00:00:00

metasploit

Win32k ConsoleControl Offset Confusion

2022-02-18 20:23:38

hivepro

Vulnerabilities & Threats that Matter 08 – 14th Aug

2022-08-16 05:00:49

krebs

Microsoft Patch Tuesday, February 2021 Edition

2021-02-09 22:37:19

rapid7blog

Metasploit Wrap-Up

2021-03-26 17:36:13

Metasploit Weekly Wrap-Up

2022-03-04 21:52:42

Patch Tuesday - February 2021

2021-02-09 23:51:27

qualysblog

February 2021 Patch Tuesday – 56 Vulnerabilities, 11 Critical, Adobe

2021-02-09 20:22:38

Qualys Response to CISA Alert: Binding Operational Directive 22-01

2021-11-09 06:15:01

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

wallarmlab

Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API

2021-03-21 13:09:00

googleprojectzero

2022 0-day In-the-Wild Exploitation…so far

2022-06-30 00:00:00

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

nessus

KB4601354: Windows 10 Version 1803 February 2021 Security Update

2021-02-09 00:00:00

KB4601315: Windows 10 Version 1909 February 2021 Security Update

2021-02-09 00:00:00

KB4601345: Windows 10 Version 1809 and Windows Server 2019 February 2021 Security Update

2021-02-09 00:00:00

mskb

February 9, 2021—KB4601354 (OS Build 17134.2026) - EXPIRED

2021-02-09 08:00:00

February 9, 2021—KB4601345 (OS Build 17763.1757) - EXPIRED

2021-02-09 08:00:00

February 9, 2021—KB4601315 (OS Build 18363.1377) - EXPIRED

2021-02-09 08:00:00

openvas

Microsoft Windows Multiple Vulnerabilities (KB4601354)

2021-02-10 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4601315)

2021-02-10 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4601319)

2021-02-10 00:00:00

avleonov

Vulristics: Microsoft Patch Tuesdays Q1 2021

2021-03-26 02:47:52

kaspersky

KLA12071 Multiple vulnerabilities in Microsoft Windows

2021-02-09 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for TRENDMICROBLOG:B5EA1F5E613C3A15D832147CF064EC78