Category Archives: Advisories

Backdoor.Win32.Psychward.10 / Unauthenticated Remote Command Execution

Read Time:19 Second

Posted by malvuln on Oct 30

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/70c5f8d61f6ac67091c0c5860e456427.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Psychward.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 13013. Third-party adversarys
who can reach infected systems can issue various commands made available by…

Read More

Backdoor.Win32.Delf.arh / Authentication Bypass

Read Time:19 Second

Posted by malvuln on Oct 30

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/b3b19524967d22d6eb7517b03b660b00.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Delf.arh
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server. Third-party adversarys who
can reach infected systems can logon using any username/password
combination. Intruders may then…

Read More

APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1

macOS Big Sur 11.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213493.

AppleMobileFileIntegrity
Available for: macOS Big Sur
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements.
CVE-2022-42825: Mickey Jin (@patch1t)

Ruby
Available…

Read More

APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1

macOS Monterey 12.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213494.

AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements.
CVE-2022-42825: Mickey Jin (@patch1t)

Ruby…

Read More

APPLE-SA-2022-10-24-2 macOS Ventura 13

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-24-2 macOS Ventura 13

macOS Ventura 13 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213488.

Accelerate Framework
Available for: Mac Studio (2022), Mac Pro (2019 and later), MacBook
Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018
and later), iMac (2017 and later), MacBook (2017), and iMac Pro
(2017)
Impact: Processing a maliciously…

Read More

APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16

iOS 16.1 and iPadOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213489.

AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be able to modify protected parts of the file…

Read More