Aggregator

A vulnerability was found in Microsoft Windows and classified as critical. This issue affects some unknown processing of the component Cloud Files Mini Filter Driver. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2023-36036. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Schneider Electric Modicon M340 CPU, Modicon M580 CPU, Modicon M580 CPU Safety, EcoStruxure Control Expert and EcoStruxure Process Expert. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper enforcement of message integrity. The identification of this vulnerability is CVE-2023-6408. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in F5 BIG-IP up to 15.1.8/16.1.3/17.1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component iControl REST Endpoint. The manipulation leads to command injection. This vulnerability is known as CVE-2024-22093. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in F5 BIG-IP AFM up to 15.1.8/16.1.3/17.1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component IPS Engine. The manipulation leads to allocation of resources. This vulnerability is handled as CVE-2024-21771. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in F5 BIG-IP and BIG-IQ up to 15.1.8/16.1.3/17.1.0. This affects an unknown part of the component scp. The manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2024-21782. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iCloud up to 7.8.1 on Windows and classified as critical. Affected by this issue is some unknown functionality of the component WebKit. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2018-4438. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

您的网站是否正在泄露敏感数据？最新研究显示，45%的第三方应用在未经适当授权情况下访问用户信息。

主站 分类 漏洞 工具 极客

一名黑客用假恶意软件生成器感染1.8万名“脚本小子”，植入后门窃取数据并控制设备，全球范围内受影响，部分设备仍被感染。

Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章，展示来自用户的最真实的体验和观点。 文章

HackerNews 编译，转载请注明出处： 在Pwn2Own Automotive 2025黑客大赛的第二天，安全研究人员两次攻破了特斯拉的Wall Connector电动汽车充电器。 此外，他们还发现了WOLFBOX、ChargePoint Home Flex、Autel MaxiCharger、Phoenix Contact CHARX、EMPORIA电动汽车充电器，以及Alpine iLX-507、Kenwood DMX958XR、Sony XAV-AX8500车载信息娱乐系统（IVI）中的23个零日漏洞。 PHP Hooligans团队率先利用未检查最小值的数字范围比较零日漏洞攻破了特斯拉Wall Connector，随后Synacktiv团队也通过充电连接器攻破了特斯拉的电动汽车充电器，而这种攻击方式此前从未公开演示过。 当天，在特斯拉Wall Connector的黑客攻击尝试中，发生了两次漏洞碰撞：一次由PCAutomotive团队发起，另一次由Summoning团队的Sina Kheirkhah发起，他利用了两个已知漏洞的漏洞链。 根据Pwn2Own Tokyo 2025大赛规则，比赛期间所有目标设备都必须安装所有安全更新并运行最新的操作系统版本。 在比赛第二天，趋势科技的零日漏洞计划（Zero Day Initiative）为23个零日漏洞颁发了335,500美元的现金奖励。目前，Sina Kheirkhah在“Pwn大师”排名中领先。 在Pwn2Own Automotive大赛首日，安全研究人员利用了16个独特的零日漏洞，并获得了382,750美元的现金奖励。比赛结束后，供应商将有90天的时间开发和发布安全补丁，然后ZDI才会公开披露这些零日漏洞。 Pwn2Own Automotive 2025黑客大赛将于1月22日至1月24日在日本东京举行的Automotive World大会上，专注于汽车技术的攻击。 黑客将瞄准汽车操作系统（如Automotive Grade Linux、Android Automotive OS和BlackBerry QNX）、电动汽车充电器和车载信息娱乐系统。 尽管特斯拉还提供了Model 3/Y（基于Ryzen）的等效台式设备，但在比赛日程公布之前，没有安全研究人员注册尝试攻击该公司的Wall Connector。第二天的日程安排和每项挑战的结果也可在此处查看。 一年前，在首届Pwn2Own Automotive东京大赛上，安全研究人员因两次攻破特斯拉并利用多个电动汽车系统中的49个零日漏洞，获得了1,323,750美元的奖励。   消息来源：Bleeping Computer, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

error code: 521

Welcome to the third and final day of Pwn2Own Automoti

Welcome to the third and final day of Pwn2Own Automotive 2025. Over the past two days, we have awarded $718,250 for 39 unique 0-days. Sina Kheirkhah has a commanding lead for Master of Pwn, but anything can happen. Here’s a look at today’s results…

SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) used a single bug to exploit the ChargePoint EV charger. He earns himself another $25,000 and 5 Master of Pwn points.

SUCCESS - The Synacktiv (@Synacktiv) team used a single integer overflow to exploit the Sony IVI. Their work earns them another $10,000 and 2 Master of Pwn points.

SUCCESS - The Synacktiv (@Synacktiv) team used a single buffer overflow to exploit the Autel MaxiCharger. They were also able to demonstrate signals being transmitted via the Charging Connector for the add on. This work earns them $35,000 and 6 Master of Pwn points.

SUCCESS/COLLISION - Bongeun Koo (@kiddo_pwn) of STEALIEN used three bugs to exploit the Ubiquiti charger, but two were already known. He still wins $26,750 and 4.5 Master of Pwn points.

SUCCESS - Thanh Do (@nyanctl) of Team Confused was able to confuse the Alpine iLX-507 with a single stack buffer overflow. The unique bug earns him $10,000 and 2 Master of Pwn points.

SUCCESS - The PHP Hooligans again show their expertise by using a single OS command injection bug to exploit the Kenwood DMX958XR. Their final attempt of the contest earns them another $10,000 and 2 Master of Pwn points.

SUCCESS/COLLISION - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of fuzzware.io used a two bug chain - including an uninitialized variable - to exploit the WOLFBOX EV charger. However, one of these bugs was previously known. The earn $18,750 and 2 Master of Pwn points.

COLLISION - Rob Blakely and Andres Campuzano of the Technical Debt Collectors successfully exploited the Tesla Wall Connector, but they used a previously known bug. They still earn $12,500 and 2.5 Master of Pwn points.

SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) used a command injection bug for his last exploit of the contest. He was able to pop the Alpine iLX-507 and earn himself another $10,000 and 2 more Master of Pwn points.

SUCCESS - The final attempt of the contest was the Pwn2Own debut of Evan Grant (@stargravy). He successfuly used an OS command injection bug to exploit the Kenwood DMX958XR. His unique approach earns him $10,000 and 2 Master of Pwn points.

And that’s a wrap! Pwn2Own Automotive 2025 is complete. In total, we awarded $886,250 for 49 0-days over the three day competition. With 30.5 points and $222,250 awarded, Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) is our Master of Pwn. Here’s the top five standings:

Thanks to all of the researchers and vendors who attended. Without their hard work and dedication, none of this would be possible. Thanks also to our partners at VicOne and our sponsor Tesla. Their partnership has been invaluable. Stay tuned for upcoming announcements about future Pwn2Own competitions. We have a lot in store. See you then!

error code: 521

HackerNews 编译，转载请注明出处： QNAP已修复六项rsync漏洞，这些漏洞可能导致攻击者在未打补丁的网络附加存储（NAS）设备上执行远程代码。 Rsync是一款开源文件同步工具，支持通过其守护进程进行直接文件同步、通过SSH进行SSH传输以及节省时间和带宽的增量传输。它被Rclone、DeltaCopy、ChronoSync等许多备份解决方案广泛使用，同时也应用于云和服务器管理操作以及公共文件分发。 这些漏洞被追踪为CVE-2024-12084（堆缓冲区溢出）、CVE-2024-12085（未初始化堆栈导致的信息泄露）、CVE-2024-12086（服务器泄露任意客户端文件）、CVE-2024-12087（通过–inc-recursive选项的路径遍历）、CVE-2024-12088（绕过–safe-links选项）和CVE-2024-12747（符号链接竞态条件）。 QNAP表示，这些漏洞影响了其数据备份和灾难恢复解决方案HBS 3 Hybrid Backup Sync 25.1.x，该方案支持本地、远程和云存储服务。 在周四发布的安全公告中，QNAP表示已在HBS 3 Hybrid Backup Sync 25.1.4.952中修复了这些漏洞，并建议客户将软件更新到最新版本。 要在您的NAS设备上更新Hybrid Backup Sync安装，您需要： 以管理员身份登录QTS或QuTS hero。 打开App Center并搜索HBS 3 Hybrid Backup Sync。 等待HBS 3 Hybrid Backup Sync出现在搜索结果中。 点击“更新”，然后在后续确认消息中点击“确定”。 这些rsync漏洞可以组合利用，形成导致远程系统妥协的利用链。攻击者仅需要对易受攻击的服务器拥有匿名读取访问权限。 “当组合利用时，前两个漏洞（堆缓冲区溢出和信息泄露）允许客户端在运行Rsync服务器的设备上执行任意代码，”CERT/CC在rsync 3.4.0发布安全修复的一周前发出警告。“客户端仅需要对服务器拥有匿名读取访问权限，例如公共镜像。此外，攻击者可以控制恶意服务器并读取/写入任何连接客户端的任意文件。” Shodan搜索结果显示，有70多万个IP地址暴露了rsync服务器。然而，尚不清楚其中有多少容易受到利用这些安全漏洞的攻击，因为成功利用需要有效的凭据或配置为允许匿名连接的服务器。   消息来源：Bleeping Computer, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

error code: 521

斯巴鲁在2024年底被发现一个关键漏洞，美国、加拿大和日本的数百万辆汽车和车主账户可能受到网络攻击。