Horizon3.ai
Horizon3.ai

Attack Research

Filters

Tags
Reset

Showing 61–66 of 76 results

Multiple Vulnerabilities in ResourceSpace

November 9, 2021 |

During our assessment of the ResourceSpace code base, we found three new vulnerabilities that could be exploited by an unauthenticated attacker. The most critical is CVE-2021-41765, a pre-auth SQL injection that an attacker can abuse to gain remote code execution (RCE) privileges on the ResourceSpace server.
Read More
Apache CVE-2021-41773, CVE-2021-42013

Apache CVE-2021-41773, CVE-2021-42013

October 18, 2021 |

We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis blog posts have been awesome, but they have been catering to an offensive security audience.
Read More
Compromising vCenter via SAML Certificates

Compromising vCenter via SAML Certificates

October 4, 2021 |

Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware vCenter Identity Provider (IdP) certificate. Security Assertion Markup Language (SAML) has proved to be a hotbed of vulnerabilities within the last year, as well as a target of many cybercrime syndicates and APTs. In the SolarWinds attack, the attackers also...
Read More

OMIGOD – RCE Vulnerability in Multiple Azure Linux Deployments

September 16, 2021 |

Overview On September 14, multiple vulnerabilities were discovered by researchers at Wiz.io. The most critical of them being CVE-2021-38647, now dubbed OMIGOD, which effects the Open Management Infrastructure (OMI) agent in versions 1.6.8.0 and below. Azure customers effected by this vulnerability are still vulnerable and must take manual action to ensure the OMI agent is updated. For Debian systems (e.g., Ubuntu):...
Read More

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.

Schedule a Demo