Design/Logic Flaw

In Hunesion i-oneNet version 3.0.7 3.0.53 and 4.0.4 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update...

Malware Installed in Asus Computers through Hacked Update Process

Kaspersky Labs is reporting on a new supply chain attack they call "Shadowhammer." In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large...

CVE-2019-7323

GUP generic update process in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the...

CVE-2019-7323

GUP generic update process in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the...

CVE-2019-7323

The CVE-2019-7323 entry concerns LightySoft LogMX prior to 7.4.0, where the Generic Update Process (GUP) does not verify update authenticity, enabling a MITM attacker to substitute LogMXUpdater.class via an update delivered over cleartext HTTP. This could allow arbitrary code execution. The issue...

BSA-2019-754

Security Advisory ID : BSA-2019-754 Component : APT Revision : 1.0: Final A vulnerability in apt could allows a network man-in-the-middle or a malicious package mirror to execute arbitrary code as root on a machine installing any package. The bug has been fixed in the latest versions of apt. If...

Servicing stack update for Windows Server, version 1803 and Windows 10, version 1803: December 11, 2018

Servicing stack update for Windows Server, version 1803 and Windows 10, version 1803: December 11, 2018 Summary This update makes stability improvements for the Windows Server, version 1803 and Windows 10, version 1803 servicing stack.This update also addresses an issue that occurs when you insta...

SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle

======================================================================= Title: Insecure Update Process and RCE Product: SwitchVPN for MacOS, Windows Vulnerable version: 2.1012.03 CVE ID: Requested Impact: Critical Homepage: https://switchvpn.net/ Identified: 2018-11-01 By: Bernd Leitner...

SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle Vulnerability

Exploit for multiple platform in category local exploits ======================================================================= Title: Insecure Update Process and RCE Product: SwitchVPN for MacOS, Windows Vulnerable version: 2.1012.03 CVE ID: Requested Impact: Critical Homepage:...

UPDATED VERSION: RouterSploit 3.3.0

PenTestIT RSS Feed Since my last update, this router exploitation framework have gone through a lot of updates. This post is about RouterSploit 3.3.0 code named I Know You Were Trouble. We will also discuss changes made to and an earlier version 3.2.0 to maintain a chain with the hopes that I kee...

CVE-2016-5294

The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird 45.5, Firefox ESR...

Rooting a Logitech Harmony Hub: Improving Security in Today's IoT World

Introduction FireEye’s Mandiant Red Team recently discovered vulnerabilities present on the Logitech Harmony Hub Internet of Things IoT device that could potentially be exploited, resulting in root access to the device via SSH. The Harmony Hub is a home control system designed to connect to and...

Hashicorp vagrant-vmware-fusion local elevation of privilege vulnerability

Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. vagrant update is one of the update processes. A security vulnerability exists in the vagrant update process in Hashicorp vagrant-vmware-fusion...

Design/Logic Flaw

The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...

CVE-2017-16512

The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...

CVE-2017-16512

The CVE-2017-16512 entry describes a local privilege escalation in Hashicorp vagrant-vmware-fusion, affecting versions 5.0.2 through 5.0.4. The vulnerability exists in the vagrant update process and lets a local attacker steal root privileges via a crafted update request when no updates are avail...

Advanced Network Monitoring & MITM Attack Framework: Bettercap

Evil socket just announced the release of the second generation of bettercap , a complete re-implementation of the most complete and advanced Man-in-the-Middle attack framework. This release not only brings MITM attacks to the next level, but it aims to be the reference framework for network...

CVE-2017-10963

In Knox SDS IAM Identity Access Management and EMM Enterprise Mobility Management 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container without the user's knowledge by inspecting network traffic from a Samsung server and injecting conten...

New Android vulnerability allows attackers to modify apps without affecting their signatures(CVE-2017-13156)

A serious vulnerability CVE-2017-13156 in Android allows attackers to modify the code in applications without affecting their signatures. The root of the problem is that a file can be a valid APK file and a valid DEX file at the same time. We have named it the Janus vulnerability, after the Roman...

Denial of service

In HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges...