Threat: Net-Worm.Win32.Kibuv.c
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 7955. Third-party adversaries
who can reach infected systems can logon using any username/password
combination.
Family: Kibuv
Type: PE32
MD5:…
Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 2172. Third party attackers
who can reach an infected system can send a large payload and trigger a
classic stack buffer overflow…
Threat: Trojan-Banker.Win32.Banker.heq
Vulnerability: Insecure Permissions
Description: The malware writes a BAT script file with insecure permissions
to c drive granting change (C) permissions to the authenticated user group.
Standard users can rename…
In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd.
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user’s dashboard providing the dashboard ID of that user. IBM X-Force ID: 203030.
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot .