Month: October 2022

Vulnerabilities in Apache Batik Default Security Controls – SSRF and RCE Through Remote Class Loading

Introduction

I stumbled upon the Apache Batik library while researching other Java-based products. It immediately caught my attention, as this library parses Scalable Vector Graphics (SVG) files and transforms them into different raster graphics formats (i.e., PNG, PDF, or JPEG). I was even more encouraged when I looked at the Batik documentation. It was obvious that such a library could be prone to Server-Side Request Forgery (SSRF) issues (e.g., loading of images from remote resources). However, the documentation shows that Batik can also:

· Execute JavaScript through the Rhino interpreter.
· Load and execute remote Java classes.

Those are some neat …

GeForce RTX 40 Series Receives Massive Creator App Benefits This Week ‘In the NVIDIA Studio’

Editor’s note: This post is part of our weekly In the NVIDIA Studio series, which celebrates featured artists, offers creative tips and tricks, and demonstrates how NVIDIA Studio technology improves creative workflows. We’re also deep diving on new GeForce RTX 40 Series GPU features, technologies and resources, and how they dramatically accelerate content creation. Artists deploying the critically acclaimed GeForce RTX 4090 GPUs are primed to receive significant performance boosts in key creative apps. OBS Studio and Google Chrome enabled AV1 encoding; Topaz AI-powered apps and ON1 software added Tensor Core acceleration; and VTube Studio integrated NVIDIA Broadcast augmented-reality features …

Think Fast: Lotus Eletre Tops Charts in Driving and AI Compute Speeds, Powered by NVIDIA DRIVE Orin

One of the biggest names in racing is going even bigger. Performance automaker Lotus launched its first SUV, the Eletre, earlier this week. The fully electric vehicle sacrifices little in terms of speed and outperforms when it comes to technology. It features an immersive digital cockpit, lengthy battery range of up to 370 miles and autonomous-driving capabilities powered by the NVIDIA DRIVE Orin system-on-a-chip. The Eletre’s autonomous-driving system is designed for more than easier commutes. Lotus plans to train the vehicle to complete the world-famous Nürburgring racetrack in Germany entirely on its own. Powered by Lotus Group autonomous driving platform …

ZDI-22-1488: Delta Industrial Automation InfraSuite Device Master APRunning Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.

ZDI-22-1487: Delta Industrial Automation InfraSuite Device Master DeSerializeBinary Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation InfraSuite Device Master Device-Monitor. User interaction is required to exploit this vulnerability in that the target client must connect to a malicious server.

ZDI-22-1486: Delta Industrial Automation InfraSuite Device Master ModifyPrivByID Missing Authentication Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges or create a denial-of-service condition on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to create a denial-of-service condition. Authentication is required to achieve privilege escalation.

CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code Injection

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Dusan Stevanovic of the Trend Micro Research Team detail a recently patched code injection vulnerability in the Sophos Firewall. The bug is due to improper validation of JSON keys submitted in the “JSON” parameter sent to the Controller endpoint. Successful exploitation of this vulnerability could result in remote code execution with the privileges of the root user. The following is a portion of their write-up covering CVE-2022-3236, with a few minimal modifications. Sophos recently patched a code injection vulnerability in Sophos Firewall v19.0 MR1 (19.0.1) …

The October 2022 Security Update Review

Another Patch Tuesday is here, and Adobe and Microsoft have released their latest crop of new security updates and fixes. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.

Adobe Patches for October 2022

For October, Adobe released four patches addressing 29 vulnerabilities in Adobe Acrobat and Reader, ColdFusion, Commerce and Magento, and Adobe Dimension. A total of 22 of these bugs were reported through the ZDI program. The fix for ColdFusion seems to be the most critical, with multiple CVSS 9.8 code execution bugs being addressed. There’s …

MindShaRE: Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja

Disclosure of uninitialized memory is one of the common problems faced when copying data across trust boundaries. This can happen between the hypervisor and guest OS, kernel and user space, or across the network. The most common bug pattern noticed among these cases is where a structure or union is allocated in memory, and some of the fields or padding bytes are not initialized before copying it across trust boundaries. The question is, is it possible to perform variant analysis of such bugs? The idea here is to perform a control flow insensitive analysis to track all memory store operations …