Sveriges mest populära poddar
CyberWire Daily
NyheterDagliga nyheter

Exploits and vulnerabilities. [Research Saturday]

19 min2 december 2023

Ryan from Bishop Fox joins to describe their work on "Building an Exploit for FortiGate Vulnerability CVE-2023-27997." After Lexfo published details of a pre-authentication remote code injection vulnerability in the Fortinet SSL VPN, Bishop Fox worked up a proof of concept demo.

This research share how they were able to create that proof-of-concept exploit, step by step. The researchers state "Our debugging environment consisted of a FortiGate 7.2.4 virtual machine which we modified to disable some self-verification functionality. After bypassing these integrity checks, we were able to install an SSH server, BusyBox, and debugging tools such as GDB."

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Fler avsnitt av CyberWire Daily

Visa alla avsnitt av CyberWire Daily
AI behind the velvet rope.
29 min
Space supply chain pressures. [T-Minus: Space-Cyber Briefing]
28 min
Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]
33 min
More bark than byte. [Research Saturday]
24 min
Factory reset required.
25 min
Gone with the command.
25 min
Klue me in on the breach.
28 min
All eyes on AI.
25 min
The Klue is in the data trail.
30 min
Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]
25 min

CyberWire Daily med N2K Networks finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.