Day: October 28, 2022
ZDI-22-1489: Delta Industrial Automation InfraSuite Device Master WriteConfiguration Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.
ZDI-22-1488: Delta Industrial Automation InfraSuite Device Master APRunning Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.
ZDI-22-1487: Delta Industrial Automation InfraSuite Device Master DeSerializeBinary Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation InfraSuite Device Master Device-Monitor. User interaction is required to exploit this vulnerability in that the target client must connect to a malicious server.
ZDI-22-1486: Delta Industrial Automation InfraSuite Device Master ModifyPrivByID Missing Authentication Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges or create a denial-of-service condition on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to create a denial-of-service condition. Authentication is required to achieve privilege escalation.
CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code Injection
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Dusan Stevanovic of the Trend Micro Research Team detail a recently patched code injection vulnerability in the Sophos Firewall. The bug is due to improper validation of JSON keys submitted in the “JSON” parameter sent to the Controller endpoint. Successful …
CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code InjectionRead More
The October 2022 Security Update Review
Another Patch Tuesday is here, and Adobe and Microsoft have released their latest crop of new security updates and fixes. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings. Adobe Patches for October 2022 For October, Adobe released four patches addressing 29 vulnerabilities …
MindShaRE: Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja
Disclosure of uninitialized memory is one of the common problems faced when copying data across trust boundaries. This can happen between the hypervisor and guest OS, kernel and user space, or across the network. The most common bug pattern noticed among these cases is where a structure or union is allocated in memory, and some …
MindShaRE: Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary NinjaRead More
Neural NETA: Automaker Selects NVIDIA DRIVE Orin for AI-Powered Vehicles
One of China’s popular battery-electric startups now has the brains to boot. NETA Auto, a Zheijiang-based electric automaker, this week announced it will build its future electric vehicles on the NVIDIA DRIVE Orin platform. These EVs will be software defined, with automated driving and intelligent features that will be continuously upgraded via over-the-air updates. This …
Neural NETA: Automaker Selects NVIDIA DRIVE Orin for AI-Powered VehiclesRead More
Microsoft Experience Centers Display Scalable, Real-Time Graphics With NVIDIA RTX and Mosaic Technology
When customers walk into a Microsoft Experience Center in New York City, Sydney or London, they’re instantly met with stunning graphics displayed on multiple screens and high-definition video walls inside a multi-story building. Built to showcase the latest technologies, Microsoft Experience Centers surround customers with vibrant, immersive graphics as they explore new products, watch technical …
Make Gaming a Priority: Special Membership Discount Hits GeForce NOW for Limited Time
This spook-tacular Halloween edition of GFN Thursday features a special treat: 40% off a six-month GeForce NOW Priority Membership — get it for just $29.99 for a limited time. Several sweet new games are also joining the GeForce NOW library. Creatures of the night can now stream vampire survival game V Rising from the cloud. …
Make Gaming a Priority: Special Membership Discount Hits GeForce NOW for Limited TimeRead More
