30 matches found
Anyone can call the perform function because there is no access control
Lines of code L31-L75 Vulnerability details Impact Anyone can call the perform function. It can lead to unauthorized changes in the security council. Proof of Concept There is no access control in the perform function and it is marked "external". function performaddress securityCouncil, address...
Consider Disabling Inherited _cancel Function In The Governor Contracts
Lines of code Vulnerability details Impact The currently used openzeppelin upgradeable contracts dependency @openzeppelin/contracts-upgradeable is v4.7.3 The security council management contracts are inheriting the openzeppelin GovernorUpgradeable contracts to manage proposals. This version of...
replaceMember&rotateMember; has no voting process
Lines of code Vulnerability details Impact The execution of the two methods replaceMember&rotateMember does not implement the voting process, which will violate the provisions of the following articles Address rotation: As a practical matter, a council member can rotate one of their own keys. Thi...
Any of the role setter , nominee Vetter should not be a council (cohort) member.
Lines of code Vulnerability details Impact The privileged cohort membercouncil member can influence the member addition, removal, rotating the nominee and excluding the nominee. The function of election can be rigged, arbitrary proposals can be passed. This is easy by the council member who has...
SecurityCouncilMemberSyncAction.perform is not exclusively can be scheduled from SecurityCouncilManager's operations
Lines of code Vulnerability details Impact SecurityCouncilMemberSyncAction.perform is a crucial function that will be triggered by upgrade executor via delegate call after the whole election process or after current members do some update add/remove/replace/rotate to update security council...
GovernanceChainSCMgmtActivationAction : TIMELOCK_CANCELLER_ROLE is not set to the newEmergencySecurityCouncil
Lines of code Vulnerability details Impact newEmergencySecurityCouncil will not have the TIMELOCKCANCELLERROLE. Proof of Concept GovernanceChainSCMgmtActivationAction has the function perform which will be used to activate elections on Arbitrum One. while the function set and revoke the...
Security council election are vulnerable to signature replay attack
Lines of code Vulnerability details Impact SecurityCouncilNomineeElectionGovernor and SecurityCouncilMemberElectionGovernor contracts both inherit castVoteWithReasonAndParamsBySig function from the base GovernorUpgradeable contract, but implement custom countVote function respectively. The...
Anyone can change the members of Security Council
Lines of code Vulnerability details Impact Anyone can change the members of security council by calling the function perform in the contract SecurityCouncilMemberSyncAction.sol as the function is open to all. Proof of Concept uint256 updateNonce = getUpdateNoncesecurityCouncil; if nonce =...
electionToTimestamp() might return incorrect timestamps depending on the day of the first election
Lines of code Vulnerability details Bug Description For nominee elections, election dates are determined using the the electionToTimestamp function in the SecurityCouncilNomineeElectionGovernorTiming module. When SecurityCouncilNomineeElectionGovernor is initialized after deployment, the first...
Anyone can call perform in SecurityCouncilMemberSyncAction to update members of security council multisig
Lines of code Vulnerability details Impact Anyone can update members of security council multisig Proof of Concept SecurityCouncilMemberSyncAction contract has a perform function which is used to update members of security council multisig. File: SecurityCouncilMemberSyncAction.sol /// @notice...
The upgrade executor is granted the canceller role instead of the new emergency security council.
Lines of code Vulnerability details Impact In L1SCMgmtActivationAction.sol, the perform function is not granting role to the new emergency security council. It instead grants it to the upgrade executor. This logic doesn't align with the function inline comment and can prevent the perform function...
Microsoft validation error allowed state actor to access user email of government agencies and others
Microsoft is getting criticized for the way in which it handled a serious security incident that allowed a suspected Chinese espionage group to access user email from approximately 25 organizations, including government agencies and related consumer accounts in the public cloud. The attacks were...
The governor can use the replay attack to manipuate the votes in his favor
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Since the argument of function approveEmergencyDiamondCutAsSecurityCouncilMember does not have the proposalID, a governor can use replay attack to manipulate the votes in his favor, that is, even not...
Firmware Analysis and Comparison Tool跨站请求伪造漏洞
Firmware Analysis and Comparison Tool FACT is a firmware analysis and comparison tool. firmware Analysis and Comparison Tool version v3.2 contains a cross-site request forgery vulnerability that stems from a WEB application that does not adequately validate that the request is from a trusted user...
Hackers Try to Target European Officials to Get Info on Ukrainian Refugees, Supplies
Details of a new nation-state sponsored phishing campaign have been uncovered setting its sights on European governmental entities in what's seen as an attempt to obtain intelligence on refugee and supply movement in the region. Enterprise security company Proofpoint, which detected the malicious...
Biden to Appoint Cybersecurity Advisor to NSC – Report
President-elect Joe Biden has reportedly tapped the National Security Agency’s cybersecurity director to serve in a brand-new cyber-role on his National Security Council. Anne Neuberger, a more than 10-year veteran of the NSA and its cyber-chief since 2019, will become the country’s deputy nation...
How Tech Helped the NSC Change the US Way of War
The National Security Council has gained enormous influence over the last few decades—thanks in no small part to better tech...
Federal Agencies Face an Uphill Battle in Cyber-Preparedness
In the wake of the elimination of the federal cybersecurity czar position, the latest federal cybersecurity preparedness report from the Office of Management and Budget OMB and the Department of Homeland Security DHS shows that U.S. government is nowhere near ready for prime time when it comes to...
White House Hires First Federal CISO
The White House announced yesterday it has hired retired Brigadier General Gregory J. Touhill, right, to serve as the first federal chief information security officer. Touhill will be responsible for setting policies, strategies and practices across federal agencies. According to a White House bl...
Government Promises Comment Period on Next Wassenaar Draft
It’s been months since the U.S. Commerce Department’s Bureau of Industry and Security pulled the U.S. implementation of the Wassenaar Arrangement off the table for an unusual rewrite of the rules governing so-called intrusion software. The overly broad rule drew the ire of security and privacy...