The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given the name Ripple20, affect hundreds of millions of devices and include multiple remote code execution vulnerabilities. These vulnerabilities affect Treck TCP/IP stack implementations for embedded systems. The Treck TCP/IP stack is affected including: IPv4IPv6UDPDNSDHCPTCPICMPv4ARP Impact:Successful exploitation of these...
Read More
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. What is UPnP? Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and...
Read More
Description: A vulnerability has been discovered in Microsoft Windows SMB Server that could allow for remote code execution. This vulnerability is due to an error in handling maliciously crafted compressed data packets within version 3.1.1 of Server Message Blocks. To exploit this vulnerability, an attacker can send specially crafted compressed data packets to a target Microsoft Server Message Block 3.0 (SMBv3) server. Clients who connects...
Read More
Description: A vulnerability has been discovered in Zoom Client that could allow for arbitrary code execution. An exploitable partial path traversal vulnerability exists in the way Zoom Client processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution due to how Zoom handles shared files. Zoom automatically unpacks shared...
Read More
Severity: High Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the “signature_algorithms_cert” TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service...
Read More