GhostRace: Exploiting and Mitigating Speculative Race Conditions
Race conditions arise when multiple threads attempt to ac- cess a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on syn- chronization primitives such as mutexes, spinlocks, etc. In this paper, we present…
Critical Vulnerability Allows Access to QNAP NAS Devices
Taiwan-based QNAP Systems over the weekend announced patches for multiple vulnerabilities impacting its products, including a critical-severity bug leading to unauthenticated device access. Tracked as CVE-2024-21899 (CVSS score of 9.8), the vulnerability is described as an improper authentication issue that “could allow users to compromise…
Cisco Secure Client Carriage Return Line Feed Injection Vulnerability
Summary A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit…
NFC RELAY ATTACK ON TESLA MODEL Y
This paper will walk you through the proof-of-concept and technical details of exploitation forIOActive’s recent NFC relay attack on the newest Tesla vehicle, the Model Y.To successfully carry out the attack, IOActive reverse-engineered the NFC protocol Tesla usesbetween the NFC card and the vehicle, and…
Cisco NX-OS Software MPLS Encapsulated IPv6 Denial of Service Vulnerability
Summary A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to…
The KeyTrap Denial-of-Service Algorithmic Complexity Attacks on DNSVersion: January 2024
Abstract—Availability is a major concern in the design of DNSSEC. To ensure availability, DNSSEC follows Postel’s Law [RFC1122]: ”Be liberal in what you accept, and conservative inwhat you send.” Hence, nameservers should send not just one matching key for a record set, but all the…
New WiFi Authentication Vulnerabilities Discovered
One vulnerability affects Android, ChromeOS and Linux devices connecting to enterprise WiFi networks, another affects home WiFi using a Linux device as a wireless access point. Two new vulnerabilities in open-source WiFi software allow attackers to trick victims into connecting to malicious clones of trusted…
Siemens Parasolid
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the vulnerability to perform remote code execution in the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens are affected: 3.2…
CVE-2023-50387: KeyTrap – Extreme CPU consumption in DNSSEC validator
CVE: CVE-2023-50387 Title: KeyTrap – Extreme CPU consumption in DNSSEC validator Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND (Versions prior to 9.11.37 were not assessed.) BIND Supported Preview Edition (Versions prior to 9.11.37-S1 were not assessed.) Severity: High Exploitable: Remotely Description: The processing of…
Mitsubishi Electric MELSEC iQ-R Series Safety CPU
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than themselves. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric reports that the…
Stay connected