Stay connected

Trending News

A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated
Critical vulnerabiliities, Cyber Security, IoT Security, Vulnerabilities

Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability 

Summary A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability…

This paper will walk you through the proof-of-concept and technical details of exploitation for IOActive’s recent NFC relay attack on the newest Tesla vehicle, the Model Y.
White Papers

NFC RELAY ATTACK ON TESLA MODEL Y 

This paper will walk you through the proof-of-concept and technical details of exploitation forIOActive’s recent NFC relay attack on the newest Tesla vehicle, the Model Y.To successfully carry out the attack, IOActive reverse-engineered the NFC protocol Tesla usesbetween the NFC card and the vehicle, and…

The following products of Siemens are affected: Parasolid V35.0: all versions prior to V35.0.263 Parasolid V35.0: all versions prior to V35.0.251
ICS, News, Vulnerabilities

Siemens Parasolid 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the vulnerability to perform remote code execution in the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens are affected: 3.2…

The processing of responses coming from specially crafted DNSSEC-signed zones can cause CPU exhaustion on a DNSSEC-validating resolver.
News

CVE-2023-50387: KeyTrap – Extreme CPU consumption in DNSSEC validator 

CVE: CVE-2023-50387 Title: KeyTrap – Extreme CPU consumption in DNSSEC validator Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND (Versions prior to 9.11.37 were not assessed.) BIND Supported Preview Edition (Versions prior to 9.11.37-S1 were not assessed.) Severity: High Exploitable: Remotely Description: The processing of…