FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Full Disclosure

APPLE-SA-2022-07-20-6 watchOS 8.7

July 22nd 2022 at 03:46

Posted by Apple Product Security via Fulldisclosure on Jul 21

APPLE-SA-2022-07-20-6 watchOS 8.7

watchOS 8.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213340.

APFS
Available for: Apple Watch Series 3 and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir (@Muirey03)

AppleAVD
Available...
☐ β˜† βœ‡ Full Disclosure

APPLE-SA-2022-07-20-5 tvOS 15.6

July 22nd 2022 at 03:46

Posted by Apple Product Security via Fulldisclosure on Jul 21

APPLE-SA-2022-07-20-5 tvOS 15.6

tvOS 15.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213342.

APFS
Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple
TV HD
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir...
☐ β˜† βœ‡ Full Disclosure

APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina

July 22nd 2022 at 03:46

Posted by Apple Product Security via Fulldisclosure on Jul 21

APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina

Security Update 2022-005 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213343.

APFS
Available for: macOS Catalina
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir...
☐ β˜† βœ‡ Full Disclosure

APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8

July 22nd 2022 at 03:46

Posted by Apple Product Security via Fulldisclosure on Jul 21

APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8

macOS Big Sur 11.6.8 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213344.

APFS
Available for: macOS Big Sur
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir (@Muirey03)...
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.Eclipse.h / Weak Hardcoded Credentials

July 22nd 2022 at 03:45

Posted by malvuln on Jul 21

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/8b470931114527b4dce42034a95ebf46.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Eclipse.h
Vulnerability: Weak Hardcoded Credentials
Family: Eclipse
Type: PE32
MD5: 8b470931114527b4dce42034a95ebf46
Vuln ID: MVID-2022-0625
Disclosure: 07/21/2022
Description: The malware listens on TCP port 6210 and...
☐ β˜† βœ‡ Full Disclosure

APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6

July 22nd 2022 at 03:45

Posted by Apple Product Security via Fulldisclosure on Jul 21

APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6

iOS 15.6 and iPadOS 15.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213346.

APFS
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An app with root privileges may be able to execute arbitrary
code...
☐ β˜† βœ‡ Full Disclosure

Open-Xchange Security Advisory 2022-07-21

July 22nd 2022 at 03:45

Posted by Martin Heiland via Fulldisclosure on Jul 21

Dear subscribers,

we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite
Vendor: OX Software GmbH

Internal reference: DOCS-4106
Vulnerability type: OS Command Injection (CWE-78)
Vulnerable...
☐ β˜† βœ‡ Full Disclosure

Re: AnyDesk Public Exploit Disclosure - Arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine

July 18th 2022 at 16:32

Posted by chan chan on Jul 18

Hi FullDisclosure,

May I know if there is any update?
Please note that Mitre has assigned and reserved a CVE number
"CVE-2022-32450" for this vulnerability.

Regards,
Erwin

chan chan <siuchunc.03 () gmail com> ζ–Ό 2022εΉ΄6月22ζ—₯ι€±δΈ‰ δΈ‹εˆ5:42ε―«ι“οΌš
☐ β˜† βœ‡ Full Disclosure

[CFP] 2nd International Workshop on Cyber Forensics and Threat Investigations Challenges CFTIC 2022 (Virtual)

July 18th 2022 at 16:30

Posted by Andrew Zayine on Jul 18

2nd International Workshop on Cyber Forensics and Threat
Investigations Challenges
October 10-11, 2022, Taking Place Virtually from the UK
https://easychair.org/cfp/CFTIC2022

Cyber forensics and threat investigations has rapidly emerged as a new
field of research to provide the key elements for maintaining
security, reliability, and trustworthiness of the next generation of
emerging technologies such as the internet of things, cyber-physical...
☐ β˜† βœ‡ Full Disclosure

Builder XtremeRAT v3.7 / Insecure Crypto Bypass

July 18th 2022 at 16:28

Posted by malvuln on Jul 18

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Builder XtremeRAT v3.7
Vulnerability: Insecure Crypto Bypass
Description: The malware builds backdoors and requires authentication to
access the GUI using credentials stored in the "user.info" config file.
XtremeRAT...
☐ β˜† βœ‡ Full Disclosure

Builder XtremeRAT v3.7 / Insecure Permissions

July 18th 2022 at 16:28

Posted by malvuln on Jul 18

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Builder XtremeRAT v3.7
Vulnerability: Insecure Permissions
Description: The malware builds and writes a PE file to c drive granting
change (C) permissions to the authenticated user group. Standard users can
rename the executable...
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.HoneyPot.a / Weak Hardcoded Password

July 18th 2022 at 16:28

Posted by malvuln on Jul 18

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/e3bb503f9b02cf57341695f30e31128f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.HoneyPot.a
Vulnerability: Weak Hardcoded Password
Description: The malware listens on various TCP ports of which one can be
port 21 when enabled. Authentication is required, however the credentials...
☐ β˜† βœ‡ Full Disclosure

SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS

July 18th 2022 at 16:26

Posted by David Brown via Fulldisclosure on Jul 18

Title
=====

SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2022-28888

Link
====

https://www.schutzwerk.com/en/43/advisories/schutzwerk-sa-2022-003/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-003.txt

Affected products/vendor
========================

Spryker Commerce OS by Spryker Systems GmbH, with...
☐ β˜† βœ‡ Full Disclosure

Ransom Lockbit 3.0 / Local Unicode Buffer Overflow (SEH)

July 7th 2022 at 05:15

Posted by malvuln on Jul 06

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/38745539b71cf201bb502437f891d799.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom Lockbit 3.0
Vulnerability: Local Unicode Buffer Overflow (SEH)
Description: The ransomware apparently now requires a password to execute
as noted by "@vxunderground" E.g. "-pass...
☐ β˜† βœ‡ Full Disclosure

Ransom Lockbit 3.0 / Code Execution

July 7th 2022 at 05:15

Posted by malvuln on Jul 06

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/38745539b71cf201bb502437f891d799_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom Lockbit 3.0
Vulnerability: Code Execution
Description: The ransomware apparently now requires a password to execute
as noted by "@vxunderground" E.g. "-pass db66023ab2abcb9957fb01ed50cdfa6a".
Lockbit looks...
☐ β˜† βœ‡ Full Disclosure

EQS Integrity Line: Multiple Vulnerabilities

July 7th 2022 at 05:14

Posted by Giovanni Pellerano on Jul 06

EQS Integrity Line: Multiple Vulnerabilities

Name Multiple Vulnerabilities in EQS Integrity Line
Systems Affected EQS Integrity Line through 2022-07-01
Severity High
Impact (CVSSv2) High 8.8/10, score: (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Vendor EQS Group AG (https://www.eqs.com/)
Advisory
http://www.ush.it/team/ush/advisory-eqs-integrity-line/eqs_integrity_line.txt
Authors Giovanni...
☐ β˜† βœ‡ Full Disclosure

CVE-2022-30550: Privilege escalation possible in dovecot when similar master and non-master passdbs are used

July 7th 2022 at 05:14

Posted by Aki Tuomi via Fulldisclosure on Jul 06

Affected product: Dovecot IMAP Server
Internal reference: DOV-5320
Vulnerability type: Improper Access Control (CWE-284)
Vulnerable version: 2.2
Vulnerable component: submission
Report confidence: Confirmed
Solution status: Fixed in main
Researcher credits: Julian Brook (julezman)
Vendor notification: 2022-05-06
CVE reference: CVE-2022-30550
CVSS: 6.8 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)

Vulnerability Details:
When two passdb...
☐ β˜† βœ‡ Full Disclosure

JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function

July 1st 2022 at 06:15

Posted by Eldar Marcussen on Jun 30

JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function
===============================================================================
Several PHP compatability libraries contain a potential remote code
execution
flaw in their `json_decode()` function based on having copy pasted existing
vulnerable code.

Identifiers
---------------------------------------
* JAHx221 - http://www.justanotherhacker.com/advisories/JAHx221.txt...
☐ β˜† βœ‡ Full Disclosure

typeorm CVE-2022-33171

July 1st 2022 at 06:14

Posted by lixts via Fulldisclosure on Jun 30

typeorm CVE-2022-33171

findOne(id), findOneOrFail(id)

The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When
input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id
string leads to SQL injection.

The issue was already fixed from version 0.3.0 onward when we encountered it.

Maintainer does not consider this a vulnerability...
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials

July 1st 2022 at 06:14

Posted by malvuln on Jun 30

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/a8fc1b3f7a605dc06a319bf0e14ca68b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Cafeini.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware listens on TCP ports 51966 and 23. Authentication
is required, however the password "mama" is weak and found within the PE
file....
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.Coredoor.10.a / Authentication Bypass

July 1st 2022 at 06:14

Posted by malvuln on Jun 30

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/49da40a2ac819103da9dc5ed10d08ddb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Coredoor.10.a
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP port 21000. Third-party
attackers who can reach infected systems can logon using any
username/password combination....
☐ β˜† βœ‡ Full Disclosure

BigBlueButton - Stored XSS in username (CVE-2022-31064)

July 1st 2022 at 06:14

Posted by Rick Verdoes via Fulldisclosure on Jun 30

CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton.

=========================

Exploit Title: Stored Cross-Site Scripting (XSS) in BigBlueButton

Product: BigBlueButton

Vendor: BigBlueButton

Vulnerable Versions: 2.3, <2.4.8, <2.5.0

Tested Version: 2.4.7

Advisory Publication: Jun 22, 2022

Latest Update: Jun 22, 2022

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: CVE-2022-31064

CVSS Severity: High

CVSS...
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.EvilGoat.b / Weak Hardcoded Credentials

July 1st 2022 at 06:14

Posted by malvuln on Jun 30

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/20daf01e941f966b21a7ae431faefc65.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.EvilGoat.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware listens on TCP port 13014. Authentication is
required, however the credentials "evilgoat / penix" are weak and found
within the PE...
☐ β˜† βœ‡ Full Disclosure

[Extension: CPSIoTSec 2022] The Workshop on CPS&IoT Security and Privacy **Submission Deadline: July 25, 2022**

July 1st 2022 at 06:12

Posted by alcaraz on Jun 30

[Apologies for cross-posting]

--------------------------------------------------------------------------
C a l l F o r P a p e r s

The Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2022), in
conjunction with the ACM Conference on Computer and Communications
Security (ACM CCS)
November 7-11, 2022, Los Angeles, U.S.A.
https://cpsiotsec2022.github.io/cpsiotsec/...
☐ β˜† βœ‡ Full Disclosure

🐞 CFP for Hardwear.io NL 2022 is OPEN!

July 1st 2022 at 06:12

Posted by Andrea Simonca on Jun 30

*🐞 CFP for Hardwear.io NL 2022 is OPEN!*
If you have groundbreaking embedded research or an awesome open-source tool
you’d like to showcase before the global hardware security community, this
is your chance. Send in your ideas on various hardware subjects, including
but not limited to Chips, Processors, ICS/SCADA, Telecom, Protocols &
Cryptography.

CFP is open until: 15 August 2022
Conference: 27-28 October 2022, The Hague (NL)

βœ…...
☐ β˜† βœ‡ Full Disclosure

AnyDesk Public Exploit Disclosure - Arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine

June 28th 2022 at 05:43

Posted by chan chan on Jun 27

Hi FullDisclosure,

I would like to publish an exploit that I found on AnyDesk as follows.

# Exploit Title: AnyDesk allow arbitrary file write by symbolic link
attack lead to denial-of-service attack on local machine
# Google Dork: [if applicable]
# Date: 24/5/2022
# Exploit Author: Erwin Chan
# Vendor Homepage: https://anydesk.com/en
# Software Link: https://anydesk.com/en
# Version: 7.0.9
# Tested on: Windows 11

It was found that AnyDesk...
☐ β˜† βœ‡ Full Disclosure

Yashma Ransomware Builder v1.2 / Insecure Permissions

June 28th 2022 at 05:43

Posted by malvuln on Jun 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/13e878ed7e547523cffc5728f6ba4190.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Yashma Ransomware Builder v1.2
Vulnerability: Insecure Permissions
Description: The malware creates PE files with insecure permissions when
writing to c:\ drive, granting change (C) permissions to the authenticated
user group. Standard...
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.Shark.btu / Insecure Permissions

June 28th 2022 at 05:43

Posted by malvuln on Jun 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/5a83f8b8c8a8b7a85b3ff632aa60e793.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Shark.btu
Vulnerability: Insecure Permissions
Description: The malware writes multiple PE files to c drive granting
change (C) permissions to the authenticated user group. Standard users can
rename the executable...
☐ β˜† βœ‡ Full Disclosure

Trojan-Mailfinder.Win32.VB.p / Insecure Permissions

June 28th 2022 at 05:43

Posted by malvuln on Jun 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Mailfinder.Win32.VB.p
Vulnerability: Insecure Permissions
Description: The malware writes a dir with multiple PE files to c drive
granting change (C) permissions to the authenticated user group. Standard
users can rename the...
☐ β˜† βœ‡ Full Disclosure

Backdoor.Win32.InfecDoor.17.c / Insecure Permissions

June 28th 2022 at 05:43

Posted by malvuln on Jun 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.InfecDoor.17.c
Vulnerability: Insecure Permissions
Description: The malware writes a ".420" settings file type to c drive
granting change (C) permissions to the authenticated user group. Standard
users can...
☐ β˜† βœ‡ Full Disclosure

SEC-T CFP ongoing

June 28th 2022 at 05:41

Posted by Mattias BΓ₯Γ₯th via Fulldisclosure on Jun 27

Hey all

It's now less than two weeks to submit a talk to SEC-T 2022, at least if
you want to be part of the first talk selection round (recommended) that
we kick off July first.

SEC-T is non-profit, non-corporate, two day, single track, con in
Stockholm, Sweden. We pay travel, accommodation and an honorary to all
speakers.

If you have something fun you'd like to present, send us a submission
before July 1st... or at least before...
☐ β˜† βœ‡ Full Disclosure

CFP No cON Name 2022 - Barcelona

June 28th 2022 at 05:41

Posted by Jose Nicolas Castellano via Fulldisclosure on Jun 27

No cON Name 2022 - Barcelona

************************************
*****Β  Call For PapersΒ Β Β Β Β Β Β  ******
************************************

https://www.noconname.org/call-for-papers/

Exact place not disclosed until a few weeks before due celebration.

Β Β Β  * INTRODUCTION
The organization hasΒ  opened CFP proposals. No cON Name is the eldest
Hacking
and Security Conference in Span. Our goal is to get highly qualified
requests
for...
☐ β˜† βœ‡ Full Disclosure

Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in SAP Focused Run (Simple Diagnostics Agent 1.0)

June 21st 2022 at 15:37

Posted by Onapsis Research via Fulldisclosure on Jun 21

# Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in
SAP Focused Run (Simple Diagnostics Agent 1.0)

## Impact on Business

Exposing the contents of a directory can lead to a disclosure of useful
information
for the attacker to devise exploits, such as creation times of files or any
information that may be encoded in file names. The directory listing may
also
compromise private or confidential data.

## Advisory Information...
☐ β˜† βœ‡ Full Disclosure

Onapsis Security Advisory 2022-0006: Information Disclosure vulnerability in SAP Focused Run (Simple Diagnostics Agent 1.0)

June 21st 2022 at 15:37

Posted by Onapsis Research via Fulldisclosure on Jun 21

# Onapsis Security Advisory 2022-0006: Information Disclosure vulnerability
in SAP Focused Run (Simple Diagnostics Agent 1.0)

## Impact on Business

Running unnecessary services, like a jetty webserver, may lead to increased
surface area for an attack and also it unnecessarily exposes underlying
vulnerabilities.

## Advisory Information

- Public Release Date: 06/21/2022
- Security Advisory ID: ONAPSIS-2022-0006
- Researcher(s): Yvan Genuer

##...
☐ β˜† βœ‡ Full Disclosure

Onapsis Security Advisory 2022-0005: Cross-Site Scripting (XSS) vulnerability in SAP Fiori launchpad

June 21st 2022 at 15:36

Posted by Onapsis Research via Fulldisclosure on Jun 21

# Onapsis Security Advisory 2022-0005: Cross-Site Scripting (XSS)
vulnerability in SAP Fiori launchpad

## Impact on Business

Impact depends on the victim's privileges. In most cases, a successful
attack
allows an attacker to hijack a session, or force the victim to perform
undesired
requests in the SAP System (CSRF) as well as redirected to arbitrary web
site
(Open Redirect).

## Advisory Information

- Public Release Date: 06/21/2022
-...
☐ β˜† βœ‡ Full Disclosure

# Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run (Simple Diagnostics Agent 1.0)

June 21st 2022 at 15:35

Posted by Onapsis Research via Fulldisclosure on Jun 21

# Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP
Focused Run (Simple Diagnostics Agent 1.0)

## Impact on Business

Because the Simple Diagnostic Agent (SDA) handles several important
configuration and critical credential information, a successful attack
could lead to the control of the SDA, and therefore affect:
* Integrity, by modifying the configuration.
* Availability, by stopping the service.
* Confidentiality...
☐ β˜† βœ‡ Full Disclosure

Onapsis Security Advisory 2022-0003: Cross-Site Scripting (XSS) vulnerability in SAP Focused Run (Real User Monitoring)

June 21st 2022 at 15:35

Posted by Onapsis Research via Fulldisclosure on Jun 21

# Onapsis Security Advisory 2022-0003: Cross-Site Scripting (XSS)
vulnerability in SAP Focused Run (Real User Monitoring)

## Impact on Business

Impact depends on the victim's privileges. In most cases, a successful
attack
allows an attacker to hijack a session, or force the victim to perform
undesired request
in SAP Focused Run.

## Advisory Information

- Public Release Date: 06/21/2022
- Security Advisory ID: ONAPSIS-2022-0003
-...
☐ β˜† βœ‡ Full Disclosure

SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series

June 17th 2022 at 16:10

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 17

SEC Consult Vulnerability Lab Security Advisory < 20220615-0 >
=======================================================================
title: Hardcoded Backdoor User and Outdated Software Components
product: Nexans FTTO GigaSwitch industrial/office switches HW version 5
vulnerable version: See "Vulnerable / tested versions"
fixed version: V6.02N, V7.02
CVE number: CVE-2022-32985...
❌