■■■■□ #ZeroDay | 0-day vulnerability (#backdoor) in firmware for #HiSilicon-based DVRs, NVRs and IP #cameras :
https://habr.com/en/post/486856/
https://habr.com/en/post/486856/
Habr
Full disclosure: 0day vulnerability (backdoor) in firmware for Xiaongmai-based DVRs, NVRs and IP cameras
This is a full disclosure of recent backdoor integrated into DVR/NVR devices built on top of HiSilicon SoC with Xiaongmai firmware. Described vulnerability...
■■■■□ #Samsung #ZeroDay being exploited by developers. Vulnerable version #SnapDragon processors leads to #root privileges and #SandboxEscape (#sbx) of #Knox.
https://www.xda-developers.com/samsung-galaxy-s9-galaxy-note-9-snapdragon-root/
https://www.xda-developers.com/samsung-galaxy-s9-galaxy-note-9-snapdragon-root/
XDA Developers
Developers have exploited the Samsung Galaxy S9 and Note 9 to get root access on the Snapdragon models
Developers have figured out how to root the Snapdragon models of the Samsung Galaxy S9 and Galaxy Note 9 thanks to an exploit, but there's a catch.
■■■■■ #CDPwn | #Cisco's #CDP (Cisco Discover Protocol) vulnerable with 5 #ZeroDay vulnerabilities caused due to memory corruption.
#bof #0day
Briefing: https://youtu.be/nYtDJlzU-ao
Demo:
https://youtu.be/uIQJQ5equvU [Network Switch]
https://youtu.be/dJpgoLilZQY [VoIP phone]
Details: https://www.armis.com/cdpwn/
#bof #0day
Briefing: https://youtu.be/nYtDJlzU-ao
Demo:
https://youtu.be/uIQJQ5equvU [Network Switch]
https://youtu.be/dJpgoLilZQY [VoIP phone]
Details: https://www.armis.com/cdpwn/
YouTube
CDPwn Explained
Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices without any user interaction. CDP is a Cisco proprietary Layer 2…