ZDI-22-1605: (Pwn2Own) Microsoft Teams WebView Incorrect Privilege Assignment Remote Code Execution Vulnerability

November 21, 2022

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization and are both participants in a meeting.

Advisories

ZDI-22-1606: (Pwn2Own) Microsoft Teams pluginHost Sandbox Escape Vulnerability

November 21, 2022

Read Time:11 Second

This vulnerability allows remote attackers to escape the sandbox on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Advisories

ZDI-22-1607: (Pwn2Own) Microsoft Teams Unnecessary Privileges Privilege Escalation Vulnerability

November 21, 2022

Read Time:10 Second

This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute script within the application window in order to exploit this vulnerability.

Advisories

ZDI-22-1608: (Pwn2Own) Microsoft Teams URL Allowlist Bypass Remote Code Execution Vulnerability

November 21, 2022

Read Time:11 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-1609: (Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability

November 21, 2022

Read Time:9 Second

Advisories

ZDI-22-1610: (Pwn2Own) Microsoft Teams electronSafeIpc Arbitrary File Write Remote Code Execution Vulnerability

November 21, 2022

Read Time:9 Second

Advisories

Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure

November 20, 2022

Read Time:20 Second

Posted by malvuln on Nov 20

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/aef85cf0d521eaa6aade11f95ea07ebe.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Oblivion.01.a
Vulnerability: Insecure Transit Password Disclosure
Description: The malware listens on TCP port 7826 and makes HTTP GET
requests to port 80 for “/scripts/WWPMsg.dll”. The system logon credentials…

Advisories

Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure

November 20, 2022

Read Time:20 Second

Posted by malvuln on Nov 20

Advisories

Trojan.Win32.Platinum.gen / Arbitrary Code Execution

November 20, 2022

Read Time:20 Second

Posted by malvuln on Nov 20

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/71a76adeadc7b51218d265771fc2b0d1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Platinum.gen
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and…

Advisories

Trojan.Win32.Platinum.gen / Arbitrary Code Execution

November 20, 2022

Read Time:20 Second

Posted by malvuln on Nov 20

Cyber Security News

Yearly Archives: 2022

ZDI-22-1605: (Pwn2Own) Microsoft Teams WebView Incorrect Privilege Assignment Remote Code Execution Vulnerability

ZDI-22-1606: (Pwn2Own) Microsoft Teams pluginHost Sandbox Escape Vulnerability

ZDI-22-1607: (Pwn2Own) Microsoft Teams Unnecessary Privileges Privilege Escalation Vulnerability

ZDI-22-1608: (Pwn2Own) Microsoft Teams URL Allowlist Bypass Remote Code Execution Vulnerability

ZDI-22-1609: (Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability

ZDI-22-1610: (Pwn2Own) Microsoft Teams electronSafeIpc Arbitrary File Write Remote Code Execution Vulnerability

Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure

Backdoor.Win32.Oblivion.01.a / Insecure Transit Password Disclosure

Trojan.Win32.Platinum.gen / Arbitrary Code Execution

Trojan.Win32.Platinum.gen / Arbitrary Code Execution

News, Advisories and much more