speedrunners should try to get arbitrary code execution working on an ant colony
Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution
https://www.darkreading.com/vulnerabilities-threats/fortinet-zero-day-arbitrary-code-execution
#Infosec #Security #Cybersecurity #CeptBiro #Fortinet #ZeroDay #ArbitraryCodeExecution
Windows 11 Security Features Bypassed to Obtain Arbitrary Code Execution in Kernel Mode
https://cybersecuritynews.com/windows-11-bypassed-arbitrary-code-kernel-mode/
#Infosec #Security #Cybersecurity #CeptBiro #Windows11 #SecurityFeaturesBypassed #ArbitraryCodeExecution #KernelMode
Critical Kibana Vulnerability - Arbitrary Code Execution via YAML Deserialization
Date: September 5, 2024
CVE: CVE-2024-37285
Vulnerability Type: Deserialization of Untrusted Data
CWE: CWE-502
Sources: Elastic Security Advisory
Synopsis
CVE-2024-37285 impacts Kibana versions 8.10.0 to 8.15.0, where a deserialization flaw allows remote code execution if an attacker injects malicious YAML payloads. This vulnerability requires that an attacker has elevated Elasticsearch and Kibana privileges.
Issue Summary
The vulnerability arises from improper YAML deserialization within Kibana. A malicious actor can craft a YAML payload and execute arbitrary code, provided they have specific Elasticsearch index and Kibana privileges. This issue affects Kibana from versions 8.10.0 through 8.15.0 and is critical due to its ease of exploitation and the potential for widespread impact.
Technical Key Findings
Attackers exploit this flaw by submitting a specially crafted YAML document that Kibana deserializes without proper validation. Once the malicious code is parsed, it can run on the server with elevated privileges, enabling arbitrary code execution.
The attacker must have the following Elasticsearch indices permissions:
- write access to system indices .kibana_ingest*
- allow_restricted_indices flag needs to be set to true
The attacker must also have ANY of the following Kibana privileges:
- Fleet: the All privilege is granted
- Integration: the Read or All privilege is granted
- fleet-setup privilege is gained through the Fleet Server’s service account token
Vulnerable Products
Impact Assessment
Successful exploitation could allow an attacker to execute arbitrary commands, leading to a complete system compromise. This could affect confidentiality, integrity, and availability, making it a high-risk issue for organizations relying on Kibana for data visualization and exploration.
Patches or Workaround
Upgrading to Kibana version 8.15.1 resolves this vulnerability. Additionally, limiting access to Elasticsearch indices and restricting Kibana privileges reduces exposure.
Tags
#CVE-2024-37285 #Kibana #ArbitraryCodeExecution #YAML #Deserialization #ElasticStack #CyberSecurity
dnSpyEx contributors (Elliesaur and @washi) have discovered a critical security concern involving arbitrary code execution. If you are a .NET (software) reverse engineer, you should update to this new release:
https://github.com/dnSpyEx/dnSpy/releases/tag/v6.4.1
#vulnerability #arbitrarycodeexecution
Remote Code Execution on an Oscilloscope https://hackaday.com/2023/07/17/remote-code-execution-on-an-oscilloscope/ #arbitrarycodeexecution #SecurityHacks #vulnerability #oscilloscope #firmware #security #exploit #network #binary #rigol #curl
Security Issues in PoS Terminals Open Consumers to Fraud - Point-of-sale terminal vendors Verifone and Ingenico have issued mitigations after researchers fou... https://threatpost.com/security-issues-pos-terminals-fraud/162210/ #arbitrarycodeexecution #ingenicotelium2series #includeverifonevx520 #verifonemxseries #vulnerabilities #defaultpassword #pointofsale #posterminal #ingenico #password #verifone
Adobe Warns Windows, macOS Users of Critical-Severity Flaws - Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lig... https://threatpost.com/adobe-windows-macos-critical-severity-flaws/162007/ #blindserver-siderequestforgery #adobeexperiencemanager #arbitrarycodeexecution #vulnerabilities #adobelightroom #cve-2020-24440 #cve-2020-24444 #cve-2020-24445 #cve-2020-24447 #vulnerability #adobeprelude #criticalflaw #windows #adobe #macos
Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws - The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code executi... https://threatpost.com/adobe-windows-macos-critical-acrobat-reader-flaws/160903/ #november2020patchupdate #securityvulnerabilities #arbitrarycodeexecution #adobeacrobatandreader #informationdisclosure #acrobatandreader #vulnerabilities #cve-2020-24430 #cve-2020-24435 #cve-2020-24436 #cve-2020-24437 #criticalbugs
Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio - The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month. https://threatpost.com/adobe-critical-code-execution-bugs/160369/ #arbitrarycodeexecution #creativecloudinstaller #vulnerabilities #securityupdates #aftereffects #mediaencoder #dreamweaver #illustrator #october2020 #premierepro #outofband #photoshop #critical #indesign #animate #marketo #patches #adobe #xss
Authentication Bug Opens Android Smart-TV Box to Data Theft - The streaming box allows arbitrary code execution as root, paving the way to pilfering social-medi... https://threatpost.com/authentication-bug-android-smart-tv-data-theft/160025/ #localprivilegeescalation #arbitrarycodeexecution #securityvulnerability #androiddebugbridge #vulnerabilities #websecurity #commandline #serialport #set-topbox #sick.codes #hindotech #critical #hk1tvbox #smarttv #root #uart #iot
IBM Spectrum Protect Plus Security Open to RCE - Two bugs (CVE-2020-4703 and CVE-2020-4711) in IBM's Spectrum Protect Plus data-storage protection ... https://threatpost.com/ibm-flaws-spectrum-protect-plus/159268/ #arbitrarycodeexecution #remotecodeexecution #spectrumprotectplus #pathtraversalflaw #highseverityflaw #vulnerabilities #cve-2020-4470 #cve-2020-4703 #cve-2020-4711 #ibmspectrum #patch #ibm
TikTok Fixes Flaws That Opened Android App to Compromise - The flaws are disclosed as Oracle reportedly partners with TikTok as concerns in the U.S. over spy... https://threatpost.com/tiktok-android-compromise/159208/ #arbitrarycodeexecution #vulnerabilities #mobilesecurity #appsecurity #appprivacy #googleplay #datatheft #mobileapp #tiktokapp #android #tiktok #update
Billions of Devices Impacted by Secure Boot Bypass - The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterall... more: https://threatpost.com/billions-of-devices-impacted-secure-boot-bypass/157843/ #arbitrarycodeexecution #securityvulnerability #vulnerabilities #bufferoverflow #cve-2020-10713 #bootloader #secureboot #eclypsium #microsoft #boothole #bypass #grub2 #linux #iot #bug
Adobe drops slew of critical patches - Adobe released another set of patches for its products on Tuesday, a week after dropping its first... more: https://nakedsecurity.sophos.com/2020/06/18/adobe-drops-slew-of-critical-patches/ #arbitrarycodeexecution #adobecampaignclassic #adobeaftereffects #adobeillustrator #adobeaudition #premiererush #criticalcve #premierepro #adobe
Critical Adobe Illustrator, Bridge and Magento Flaws Patched - Adobe fixed critical flaws in Illustrator, Magento and Bridge in an out-of-band security update. more: https://threatpost.com/critical-adobe-illustrator-bridge-and-magento-flaws-patched/155255/ #arbitrarycodeexecution #informationdisclosure #adobeillustrator #vulnerabilities #outofbandupdate #securityupdate #criticalpatch #criticalflaw #websecurity #adobebridge #adobeupdate #adobe #patch
Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws - An out-of-band Adobe security update addressed critical flaws in Photoshop, Acrobat Reader and oth... more: https://threatpost.com/critical-adobe-photoshop-acrobat-reader-flaws/153902/?utm_source=rss&utm_medium=rss&utm_campaign=critical-adobe-photoshop-acrobat-reader-flaws #arbitrarycodeexecution #criticalvulnerability #adobeacrobatreader #vulnerabilities #securitypatches #adobephotoshop #codeexecution #photoshop2020
#ActuLibre Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion -> http://feedproxy.google.com/~r/TheHackersNews/~3/ipcnUJ_NrBs/adobe-software-update.html #arbitrarycodeexecution #adobesoftwareupdate #adobephotoshopcc #adobesoftware #Vulnerability #Adobe
Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion https://thehackernews.com/2020/03/adobe-software-update.html #arbitrarycodeexecution #adobesoftwareupdate #adobephotoshopcc #adobesoftware #Vulnerability #Adobe
Dell fixes privilege elevation bug in support software - Users of Dell SupportAssist should patch their software immediately to fix a software bug that cou... more: https://nakedsecurity.sophos.com/2020/02/13/dell-fixes-privilege-elevation-bug-in-support-software/ #arbitrarycodeexecution #dynamic-linklibraries #securitythreats #vulnerability #supportassist #update #patch #dell #bug #dll