EUVD-2022-42734

Malicious code in bioql PyPI...

PS5-IPV6-Kernel-Exploit

This is an experimental webkit-based kernel exploit for the PS5 on firmware versions = 4.51. The exploit establishes an arbitrary read / semi-arbitrary write primitive, but it cannot achieve code execution due to the hypervisor-enforced kernel write protection and Clang-based fine-grained Control...

PlayStation: Remote vulnerabilities in spp

A vulnerability was discovered in the spp PPPoE implementation on the PS4/PS5. The vulnerability could allow a malicious PPPoE server to cause a heap buffer overwrite and overread, potentially leading to denial-of-service or remote code execution in kernel context. The vulnerability was caused by...

Setting Strong and Unique Passwords: The First Line of Defense for PS5 Security

By Owais Sultan A strong password for your PS5 enhances security, thwarting unauthorized access and protecting your personal information and gaming… This is a post from HackRead.com Read the original post: Setting Strong and Unique Passwords: The First Line of Defense for PS5 Security...

Setting Strong and Unique Passwords: The First Line of Defense for PS5 Security

By Owais Sultan A strong password for your PS5 enhances security, thwarting unauthorized access and protecting your personal information and gaming… This is a post from HackRead.com Read the original post: Setting Strong and Unique Passwords: The First Line of Defense for PS5 Security...

CVE-2022-3349

A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFATreadupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical...

Heap overflow

A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFATreadupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical...

CVE-2022-3349

Summary: CVE-2022-3349 affects Sony PS4/PS5 in the exFAT Handler, specifically the UVFAT_readupcasetable function. The vulnerability stems from manipulating the dataLength argument, leading to a heap-based buffer overflow that can be triggered on a physical device. Impact & scope (as reported): H...

CVE-2022-3349 Sony PS4/PS5 exFAT UVFAT_readupcasetable heap-based overflow

A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFATreadupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical...

Wrestling star Mick Foley’s Twitter compromised, selling PS5 consoles

One of the biggest wrestling stars around, Mick Foley, had his Twitter account hijacked in an attempt to legitimize a very popular scam. When a well known individual has their social media accounts compromised, disaster looms, as everything from phishing to malware distribution waits in the wings...

Wrestling star Mick Foley's Twitter compromised, selling PS5 consoles

One of the biggest wrestling stars around, Mick Foley, had his Twitter account hijacked in an attempt to legitimize a very popular scam. When a well known individual has their social media accounts compromised, disaster looms, as everything from phishing to malware distribution waits in the wings...

Beware tragic “my daughter died…” Facebook posts offering free PS5s

Tragic tales are being posted to Facebook, combined with the offer of a giveaway. However, some are perhaps not quite what they seem. The PS5 is still one of the hottest bits of tech around, and near-total lack of availability, combined with a high sale price, means that some people will do...

PlayStation: Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)

The PS5 is vulnerable to https://hackerone.com/reports/826026 which easily grants kernel access to an attacker. This vulnerability had been reported by me for the PS4 2 years ago when the PS5 did not yet exist, thus this should be considered as a new report and not a duplicate. I was able to use...

Talos Takes Ep. #78: Attackers would love to buy you a non-existent PS5 this holiday season

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We know this episode comes around every year, but people keep falling for scams, so we have to remind people how to... Thi...

PlayStation: SMAP bypass

SMAP is a security feature on x86 CPUs, that forbids ring0 from reading/writing to ring3 pages, making it harder to exploit entire classes of vulnerabilities. There is a vulnerability in FreeBSD 12 that allows SMAP to be bypassed by userland. There is a very high probability that it affects the P...

Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers

It’s a big week for gamers across the globe, with imminent, dueling releases of Xbox Series X and PlayStation PS5. However, an army of retail bots threaten to drive prices up as much as three times the retail price, putting the coveted holiday gifts well out of reach of everyday fans. Retailers...

Unspecified Vulnerability in Oracle Siebel CRM

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions, which includes sales management, marketing management, customer service systems, call centers and other modules. An unspecified vulnerability exists in Oracle Siebel CRM IP2014 PS10...