352 matches found
SUSE CVE-2013-4925
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted packet...
SUSE CVE-2015-8714
The dissectdcomOBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...
November 8, 2022—KB5020009 (Monthly Rollup)
November 8, 2022—KB5020009 Monthly Rollup Summary Learn more about this cumulative security update, including improvements, any known issues, and how to get the update. REMINDER Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020,...
November 8, 2022—KB5019970 (OS Build 10240.19567) - EXPIRED
November 8, 2022—KB5019970 OS Build 10240.19567 - EXPIRED EXPIRATION NOTICEIMPORTANT As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 12/8/20 For...
KB5004442: Windows DCOM Server Security Feature Bypass Registry Check (CVE-2021-26414)
The remote Windows DCOM Server may be in a vulnerable state to exploitation by having the HKLM\Software\Microsoft\Ole\AppCompat\RequireIntegrityActivationAuthenticationLevel registry value set to 0. Hardening changes in DCOM were required for CVE-2021-26414 and were implemented in 2 phases on Jun...
November 8, 2022—KB5020019 (Monthly Rollup)
November 8, 2022—KB5020019 Monthly Rollup Summary Learn more about this cumulative security update, including improvements, any known issues, and how to get the update. REMINDER Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and is now in extended support. Starti...
Access to Hyper-V or Veeam B&R Components Fails After DCOM Hardening is Enabled
Article Applicability The issue discussed in this article is not identified solely based on the Veeam errors but rather by their correlation with Windows Event ID 10036, which states: The server-side authentication level policy does not allow the user from address to activate DCOM server. Please...
Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP
Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Alternative video link for Russia: $ cat...
MS Enterprise app management service RCE. CVE-2022-35841
TL;DR A remote command execution and local privilege escalation vulnerability has been fixed by Microsoft as part of September’s patch Tuesday. The vulnerability, filed under CVE-2022-35841, affects the Enterprise App Management Service which handles the installation of enterprise applications...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
Hardcoded credentials
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30314
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...
CVE-2022-30314
CVE-2022-30314 affects Honeywell Experion PKS Safety Manager 5.02. The vulnerability arises from hard-coded credentials used to access the POLO bootloader, which is exposed via the DCOM-232/485 serial interface used for firmware management. An attacker with physical or gateway-access to the seria...
DCOM abuse and lateral movement with Cobalt Strike
Introduction When researching lateral movement techniques I came across a post from Raphael Mudge of Cobalt Strike fame. He details scripting an Aggressor Script for Matt Nelson’s MMC20.Application Lateral Movement technique. Reading that post spurred me to make my own DCOM based lateral movement...
Windows Exploitation Tricks: Relaying DCOM Authentication
Posted by James Forshaw, Project Zero In my previous blog post I discussed the possibility of relaying Kerberos authentication from a DCOM connection. I was originally going to provide a more in-depth explanation of how that works, but as it's quite involved I thought it was worthy of its own blo...
October 12, 2021—KB5006714 (Monthly Rollup)
October 12, 2021—KB5006714 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support...
September 27, 2021—KB5005619 (OS Build 20348.261) Preview
September 27, 2021—KB5005619 OS Build 20348.261 Preview Improvements and fixes This non-security update includes quality improvements. Key changes include: Addresses an issue that might prevent users from opening phone apps that are pinned to the taskbar. This issue occurs after they update to th...
Google Chrome OS licensing issue vulnerability
ChromeOS Readiness Tool installer is a system tool for Chrome OS, a lightweight Web-based open source operating system from Google, Inc. The vulnerability stems from an improper implementation that relaxes DCOM access to two objects, which can be exploited to potentially bypass access control...
Information disclosure
Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls...
CVE-2021-30605
Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls...