![]() |
|
|
Thread Tools | Display Modes |
![]() |
#1 |
Badcaps Veteran
Join Date: Nov 2011
Posts: 1,109
|
![]() New 0-day vulnerabilities:
https://cve.mitre.org/cgi-bin/cvenam...CVE-2018-16986 https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-7080 |
![]() |
![]() |
![]() |
#2 | |
Great Sage 齊天大聖
Join Date: Dec 2009
City & State: Europe
My Country: some shithole run by Israeli agents
I'm a: Professional Tech
Posts: 20,079
|
![]() Quote:
|
|
![]() |
![]() |
![]() |
#3 |
Badcaps Veteran
Join Date: Nov 2011
Posts: 1,109
|
![]() <frown> Sorry, I elided the explanatory text on the assumption that the formal alert would have contained equivalent information...
The first applies to Cisco/Meraki APs using TI BLE devices. An adversary can remotely (OTA) send multiple benign BLE advertising packets. These end up in the chips memory and can act to transport malicious codeinto the targeted device. Then, an overflow packet triggers access to this code by corrupting the BLE stack. I.e., the device (which is an AP!) is then pwned. The attacker then has a beachhead to launch/propagate attacks to other APs and devices served by the APs -- he's INSIDE the trust zone. The second applies to Aruba Series 300 APs (using TI devices). It is, essentially, a backdoor that was never sealed off by the developers. |
![]() |
![]() |
![]() |
Thread Tools | |
Display Modes | |
|
|