📄 Windows Cloud Files Tiering Engine Local Privilege Escalation

his Metasploit local exploit module models a Windows privilege escalation scenario involving Cloud Files, NTFS reparse points, named pipes, and service interaction. The workflow simulates abusing file system operations and cloud sync mechanisms by creating controlled directories, placeholder file...

EUVD-2012-2278

Malware in sbrugna...

EUVD-2014-0676

Malware in sbrugna...

Securing Sideways: Thwarting Lateral Movement by Implementing Active Directory Tiering

The advancement of computing equipment and the advances in services over the Internet has allowed corporations, higher education, and many other organizations to pursue the shared computing network environment. A requirement for shared computing environments is a centralized identity system to...

Azure File Sync Agent v21.2 Release – July 2025

Azure File Sync Agent v21.2 Release – July 2025 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v21.2 release that is dated July 2025. Additionally, this article contains installation instructions for this release. Improvements and issues that are...

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

CISA: Chemical Facility Anti-Terrorism Standards (CFATS) Risk Tiering

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

Security Bulletin: A vulnerability in Transparent Cloud Tiering affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in netty-codec-http affects the Transparent Cloud Tiering function in IBM Storage Virtualize products. Most systems do not have Transparent Cloud Tiering configured. You can confirm by running the lsvolumebackup CLI command - if there is no output, then this feature is not...

Security Bulletin: Vulnerabilities in Transparent Cloud Tiering affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in netty-codec-http2 and commons-compress affect the Transparent Cloud Tiering function in IBM Storage Virtualize products. CVE-2023-44487, CVE-2024-25710, CVE-2024-26308. Most systems do not have Transparent Cloud Tiering configured. You can confirm by running the...

Azure File Sync Agent v17 Release - December 2023

Azure File Sync Agent v17 Release - December 2023 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v17.1 release that is dated February 2024. Additionally, this article contains installation instructions for this release. Improvements and issues that...

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability which can allow an attacker to execute arbitrary code

Summary Logback could allow a remote authenticated attacker to execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2021-42550 DESCRIPTION: Logback could allow a remote authenticated attacker to execute arbitrary code on the system. By using a specially-crafted configuration, an...

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability in IBM® Runtime Environment Java™ (CVE-2021-2161)

Summary CVE-2021-2161 was disclosed as part of the Oracle April 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact,...

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by multiple vulnerabilities in IBM® Runtime Environment Java™

Summary Multiple vulnerabilities were disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of...

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability which can cause denial of service (CVE-2022-41881)

Summary A vulnerability in IBM Spectrum Scale Transparent Cloud Tiering could allow a remote attacker to cause a denial of service condition. Vulnerability Details CVEID:CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder...

Azure File Sync Agent v15.1 Release – September 2022

Azure File Sync Agent v15.1 Release – September 2022 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v15.1 release that is dated September 2022. Additionally, this article contains installation instructions for this release. Improvements and issues...

Azure File Sync Agent v15 Release – March 2022

Azure File Sync Agent v15 Release – March 2022 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v15 release that is dated March 2022. Additionally, this article contains installation instructions for this release. Improvements and issues that are fixe...

Azure File Sync Agent v14 Release – October 2021

Azure File Sync Agent v14 Release – October 2021 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v14 release that is dated October 2021. Additionally, this article contains installation instructions for this release. Improvements and issues that are...

Security Bulletin: IBM Transparent Cloud Tiering is affected by a vulnerability in Apache Commons IO ( CVE-2021-29425)

Summary apache commons IO is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the...

Security Bulletin: A vulnerability in netty affects IBM Spectrum Scale Transparent Cloud Tier CVE-2021-21409

Summary Netty is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-21409 DESCRIPTION: Netty is vulnerable to request smuggling, caused by improper validation of request, caused...

Security Bulletin: A vulnerability in netty affects IBM Spectrum Scale Transparent Cloud TierCVE-(2021-21295)

Summary Netty is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-21295 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by improper validation of...