Security Practitioner

On September 13, 2022, a new Kerberos vulnerability was published on the Microsoft Security Response Center's security site.  It's labeled as a Windows Kerberos Elevation of Privilege vulnerability and given the CVE ID CVE-2022-33679.  The MSRC page acknowledges James Forshaw of Google Project Zero for the disclosure and James published a detailed technical write-up of…

Introduction On Thursday, 16 February 2023, Fortinet released a PSIRT that details CVE-2022-39952, a critical vulnerability affecting its FortiNAC product. This vulnerability, discovered by Gwendal Guégniaud of Fortinet, allows an unauthenticated attacker to write arbitrary files on the system and as a result obtain remote code execution in the context of the root user. Extracting…

Attackers don’t need to hack in – they log in. This is why we believe Credentials are the new RCE. 

Introduction The recent VMware VMSA describes four new CVEs affecting VMware vRealize Log Insight. Three of these CVEs can be combined to give an attacker remote code execution as root. This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. CVE-2022-31704: VMware vRealize Log Insight broken access control Vulnerability CVE-2022-31711: VMware vRealize…

Introduction On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products. The vulnerability allows an attacker to gain remote code execution by issuing a HTTP POST request containing a malicious SAML response. This vulnerability is a result of  using an outdated…

Introduction The recent ManageEngine CVE-2022-47966 is a pre-authentication remote code execution vulnerability. Depending on the specific ManageEngine product, this vulnerability is exploitable if SAML single-sign-on is enabled or has ever been enabled. ManageEngine products are some of the most widely used across enterprises and perform business functions such as authentication, authorization, and identity management. Given the nature…

Learn how you can use NodeZero to get the Most From TrendMicro Apex One EDR, ensuring you stop, alert, log, and detect activity by bad actors.

On Tuesday, October 25 a new OpenSSL hot-fix release was announced which will patch a critical vulnerability that exists within the v3.0.X branch. OpenSSL 3.0.7 will be released on Tuesday, November 1 and in tandem the details of the vulnerability and its associated CVE will be made public. OpenSSL is an open source project that…

Horizon3.ai Breaks Down Fortinet Vulnerability Zach Hanley, Horizon3.ai Chief Attack Engineer, and James Horseman, Exploit Developer, join John Furrier of theCUBE to discuss Fortinet CVE 2022 40864.

Fortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiProxySwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the effected system. To demonstrate the vulnerability in this writeup, we will be using FortiOS version 7.2.1