Read Time:2 Second
One is being exploited in the wild
Monthly Archives: October 2023
CVE-2015-10126
Read Time:21 Second
A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The patch is identified as 503d9ee2482d27c065f78d9546f076a406189908. It is recommended to upgrade the affected component. VDB-241318 is the identifier assigned to this vulnerability.
Deepfake Election Interference in Slovokia
Read Time:48 Second
Well designed and well timed deepfake or two Slovokian politicians discussing how to rig the election:
Šimečka and Denník N immediately denounced the audio as fake. The fact-checking department of news agency AFP said the audio showed signs of being manipulated using AI. But the recording was posted during a 48-hour moratorium ahead of the polls opening, during which media outlets and politicians are supposed to stay silent. That meant, under Slovakia’s election rules, the post was difficult to widely debunk. And, because the post was audio, it exploited a loophole in Meta’s manipulated-media policy, which dictates only faked videos—where a person has been edited to say words they never said—go against its rules.
I just wrote about this. Countries like Russia and China tend to test their attacks out on smaller countries before unleashing them on larger ones. Consider this a preview to their actions in the US next year.
ZDI-23-1536: Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-42127.
ZDI-23-1534: Microsoft Windows UMPDDrvLineTo Use-After-Free Local Privilege Escalation Vulnerability
Read Time:16 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-36804.
ZDI-23-1535: Microsoft Windows UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability
Read Time:16 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-36804.
ZDI-23-1533: Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
Read Time:11 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must acquire data from a malicious mobile device.
SEC Consult SA-20231005 :: Open Redirect in SAP® BSP Test Application it00 (Bypass for CVE-2020-6215 Patch)
Read Time:16 Second
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Oct 05
SEC Consult Vulnerability Lab Security Advisory < 20231005-0 >
=======================================================================
title: Open Redirect in BSP Test Application it00
(Bypass for CVE-2020-6215 Patch)
product: SAP® Application Server ABAP and ABAP®
Platform (SAP_BASIS)
vulnerable version: see section “Vulnerable / tested versions”…
APPLE-SA-2023-10-04-1 iOS 17.0.3 and iPadOS 17.0.3
Read Time:27 Second
Posted by Apple Product Security via Fulldisclosure on Oct 05
APPLE-SA-2023-10-04-1 iOS 17.0.3 and iPadOS 17.0.3
iOS 17.0.3 and iPadOS 17.0.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213961.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation
and later, iPad Pro…
CVE-2023-4911: Local Privilege Escalation in the glibc’s ld.so
Read Time:11 Second
Posted by Qualys Security Advisory via Fulldisclosure on Oct 05
Qualys Security Advisory
Looney Tunables: Local Privilege Escalation in the glibc’s ld.so
(CVE-2023-4911)
========================================================================
Contents
========================================================================
Summary
Analysis
Proof of concept
Exploitation
Acknowledgments
Timeline
========================================================================
Summary…