HNS-2022-02 – HN Security Advisory – Multiple vulnerabilities in Zyxel zysh
Posted by Marco Ivaldi on Jun 10 Dear Full Disclosure, Find attached a security advisory that details multiple vulnerabilities we discovered in the zysh shell...
Hidden Functionality (Backdoor) (CWE-912) / CVE-2022-29854, CVE-2022-29855
Posted by Moritz Abrell on Jun 10 Advisory ID: SYSS-2022-021 Product: Mitel 6800/6900 Series SIP Phones excluding 6970 Mitel 6900 Series IP (MiNet) Phones Manufacturer:...
Trojan-Banker.Win32.Banbra.cyt / Insecure Permissions
Posted by malvuln on Jun 10 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/e0f2bee25dd103d92e91e895e313ec34.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Cabrotor.10.d / Unauthenticated Remote Command Execution
Posted by malvuln on Jun 10 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/40acf109fa9621eae6930ef18f804909.txt Contact: malvuln13 () gmail com Media:...
Trojan-Proxy.Win32.Symbab.o / Heap Corruption
Posted by malvuln on Jun 10 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/bffc519fbaf2d119bd307cd22368cdc7.txt Contact: malvuln13 () gmail com Media:...
Trojan-Banker.Win32.Banker.agzg / Insecure Permissions
Posted by malvuln on Jun 10 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/ef1e59148c9a902ae5454760aaab73fe.txt Contact: malvuln13 () gmail com Media:...
Ransom.Haron / Code Execution
Posted by malvuln on Jun 10 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/dedad693898bba0e4964e6c9a749d380.txt Contact: malvuln13 () gmail com Media:...
[SYSS-2022-014]: Verbatim Fingerprint Secure Portable Hard Drive – Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28387)
Posted by Matthias Deeg on Jun 10 Advisory ID: SYSS-2022-014 Product: Fingerprint Secure Portable Hard Drive Manufacturer: Verbatim Affected Version(s): #53650 Tested Version(s): #53650 Vulnerability...
[SYSS-2022-011]: Verbatim Executive Fingerprint Secure SSD – Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383)
Posted by Matthias Deeg on Jun 10 Advisory ID: SYSS-2022-011 Product: Executive Fingerprint Secure SSD Manufacturer: Verbatim Affected Version(s): GDMSFE01-INI3637-C VER1.1 Tested Version(s): GDMSFE01-INI3637-C VER1.1...
[SYSS-2022-006]: Verbatim Store ‘n’ Go Secure Portable HDD – Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382)
Posted by Matthias Deeg on Jun 10 Advisory ID: SYSS-2022-006 Product: Store 'n' Go Secure Portable HDD Manufacturer: Verbatim Affected Version(s): GD25LK01-3637-C VER4.0 Tested Version(s):...