This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization and are both participants in a meeting.
Yearly Archives: 2022
ZDI-22-1606: (Pwn2Own) Microsoft Teams pluginHost Sandbox Escape Vulnerability
This vulnerability allows remote attackers to escape the sandbox on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1607: (Pwn2Own) Microsoft Teams Unnecessary Privileges Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute script within the application window in order to exploit this vulnerability.
ZDI-22-1608: (Pwn2Own) Microsoft Teams URL Allowlist Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1609: (Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization.
ZDI-22-1610: (Pwn2Own) Microsoft Teams electronSafeIpc Arbitrary File Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization.
Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/aef85cf0d521eaa6aade11f95ea07ebe.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Oblivion.01.a
Vulnerability: Insecure Transit Password Disclosure
Description: The malware listens on TCP port 7826 and makes HTTP GET
requests to port 80 for “/scripts/WWPMsg.dll”. The system logon credentials…
Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/aef85cf0d521eaa6aade11f95ea07ebe.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Oblivion.01.a
Vulnerability: Insecure Transit Password Disclosure
Description: The malware listens on TCP port 7826 and makes HTTP GET
requests to port 80 for “/scripts/WWPMsg.dll”. The system logon credentials…
Trojan.Win32.Platinum.gen / Arbitrary Code Execution
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/71a76adeadc7b51218d265771fc2b0d1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Platinum.gen
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and…
Trojan.Win32.Platinum.gen / Arbitrary Code Execution
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/71a76adeadc7b51218d265771fc2b0d1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Platinum.gen
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and…