Jan 13, 2020 · GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic ... Several working proof-of-concept (PoC) exploits for the CVE-2019-19781 vulnerability are already ... 31st January 2020: 11 ...
The Chrome release (v80.0.3987.122) fixing CVE-2020-6418 and two other high-risk flaws was released for Windows, Mac, and Linux and will roll out over the coming days/weeks. Those users and admins who have disabled the auto-updating feature on Chrome would do well to implement the update as soon as possible.
Mar 31, 2020 · Introduction
CVE-2020-0796 is a bug in the compression mechanism of SMBv3.1.1, also known as “SMBGhost”. The bug affects Windows 10 versions 1903 and 1909, and it was announced and patched by Microsoft about three weeks ago. Once we heard about it, we skimmed over the details and created a quick POC (proof of concept) that …
Exploiting SMBGhost (CVE-2020-0796) for a Local Privilege ...
Sep 15, 2020 · On Sept 11, 2020, a Dutch team, collectively known as Secura, published an exploit on how an unauthenticated remote user can take control over the domain controller and leverage admin privileges. The vulnerability (CVE-2020-1472) received the maximum severity rating score of 10.0 based on the CVSS v3 scoring system.
The PoC produces the following output, effectively leaking our magic controlled value:
    $ ./CVE-2020-27950_poc
    [+] Allocating controlled (magic value 416e7953) kalloc.1024 buffer
    [+] Creating kalloc.1024 ipc_kmsg
    [+] Freeing controlled buffer
    [+] Sending message
    [+] Now reading message back
    [+] Leaked value: 416e7953
Usage
    CVE-2020-0796-POC.exe [<TargetServer>]
If <TargetServer> is omitted, the POC is executed on localhost (127.0.0.1).
Compiled POC
You can get the compiled POC here.
Compiling
Use Visual Studio to compile the following projects:
    ProtoSDK\Asn1Base\Asn1Base.csproj
    ProtoSDK\MS-XCA\Xca.csproj
    ProtoSDK\MS-SMB2\Smb2.sln
Use the resulting exe ...
CVE-2020-13699 POC. Vulnerability number: CVE-2020-13699, severity 8.8 points. It belongs to a special category of security vulnerabilities called "unquoted search paths or elements (CWE-428)".