163 matches found
PT-2023-2920 · Line · Drive Explorer
Name of the Vulnerable Software and Affected Versions: Drive Explorer for macOS versions 3.5.4 and earlier Description: The issue is related to incorrect code generation management, allowing an attacker to inject arbitrary code while processing the product execution. This can enable the attacker ...
JVN#01937209: LINE WORKS Drive Explorer vulnerable to code injection
LINE WORKS Drive Explorer provided by WORKS MOBILE Japan Corp. contains a code injection vulnerability CWE-94. Impact An attacker who can login to the client where the affected product is installed may inject arbitrary code while processing the product execution. Since a full disk access privileg...
WORKS MOBILE Drive Explorer for macOS 代码注入漏洞
WORKS MOBILE Drive Explorer for macOS is a drive explorer for macOS from WORKS MOBILE Japan. A security vulnerability exists in WORKS MOBILE Drive Explorer for macOS, which stems from the fact that execution of LINE WORKS Drive Explorer requires full disk access privileges, allowing an attacker t...
The vulnerability of Trend Micro Full Disk Encryption (FDE), a data encryption solution from Trend Micro Endpoint Encryption (TMEE), allows attackers to circumvent security restrictions.
The vulnerability of Trend Micro Full Disk Encryption FDE, a data encryption solution from Trend Micro Endpoint Encryption TMEE, is related to security configuration errors. Exploiting this vulnerability can allow attackers to circumvent security restrictions...
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...
Trend Micro Endpoint Encryption 安全漏洞
Trend Micro Endpoint Encryption is Trend Micro's solution for encrypting data on a variety of devices such as PCs and Macs, laptops and desktops, USB drives and other removable media. A security vulnerability exists in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and...
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...
CVE-2023-28005
Summary: CVE-2023-28005 affects Trend Micro Endpoint Encryption Full Disk Encryption (TMEE FDE) ≤ 6.0.0.3204. The issue enables bypass of the Windows Secure Boot process when an attacker has physical access, potentially enabling further attacks to access device contents. The encrypted drive remai...
SUSE CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
CVE-2022-2402 Stack Overflow in ESET Endpoint Encryption and ESET Full Disk Encryption for Windows
The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD...
ESET Endpoint Encryption 和 ESET Full Disk Encryption 缓冲区错误漏洞
ESET Endpoint Encryption EEE and ESET Full Disk Encryption EFDE are both products of ESET Slovakia.ESET Endpoint Encryption is a comprehensive security application. Designed to protect your data, both at rest and in transit, ESET Full Disk Encryption is a full disk encryption solution implemented...
CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
Microsoft Details macOS Bug That Could Let Attackers Gain Access to User Data
Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Contro...
Inside Apple: How macOS attacks are evolving
The start of fall 2021 saw the fourth Objective by the Sea OBTS security conference, which is the only security conference to focus exclusively on Apples ecosystem. As such, it draws many of the top minds in the field. This year, those minds, having been starved of a good security conference for ...
CVE-2021-30856
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences...
CVE-2021-30856
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences...
Design/Logic Flaw
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences...
CVE-2021-30856
This CVE (CVE-2021-30856) affects macOS Big Sur 11.3 and concerns a TCC/Remote Login interaction that could allow a malicious unsandboxed app with Remote Login enabled to bypass Privacy preferences. The issue was fixed in macOS Big Sur 11.3. Impact noted: potential privacy bypass without user int...
Swift-Attack - Unit Tests For Blue Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods
Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk binaries which should be easier for detection as well as post exploitation examples using API call...