Sick Codes Speaking LIVE in-person @ Hardwear.io USA 9-10th June 2022: Supply Chain Level 0: Grinding Tractors to a Halt – Growing Pains in Agricultural Hardware Security
CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors.
CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg
Exploit: RTLO Injection URI Spoofing: WhatsApp, iMessage (Messages app), Instagram, Facebook Messenger. CVE-2020-20093, CVE-2020-20094, CVE-2020-20095, CVE-2020-20096
Fix DIVD-2022-00002: Grafana versions 8.0.0-beta1 through 8.3.0 installed via dpkg/deb package. Mitigation:
CVE-2021-33669 – SAP Mobile SDK Certificate Provider – Insecure Temporary File Storage – Potential Symlink Attack & Denial of Service
CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux
CVE-2021-22929 – Brave Browser 1.27 and below permanently logs the server connection time for all v2 tor domains to ~/.config/BraveSoftware/Brave-Browser/tor/data/tor.log
Being “root” on two Agriculture Companies (in Good Faith). Maxing out the John Deere Operations Center Worldwide and Case Industrial in Brazil [Agricultural Security & Hacking]
CVE-2021-29923 – golang standard library “net” – Improper Input Validation of octal literals in golang 1.16.2 and below standard library “net” results in indeterminate SSRF & RFI vulnerabilities.
CVE-2021-29922 – rust standard library “net” – Improper Input Validation of octal literals in rust 1.52.0 std::net and below results in indeterminate SSRF & RFI vulnerabilities.
[RELEASE] Android Docker Container – Dock Droid – Run QEMU Android in a Docker! X11 Forwarding! CI/CD for Android x86 in Docker!
CVE-2021-27616 – SAP Business One Hana (Chef Cookbook) – Exposure of Backup File to an Unauthorized Control Sphere via Insecure Temporary File Storage.
CVE-2021-27614 – SAP Business One Hana (Chef Cookbook) – Incorrect Permission Assignment for Critical Resources – Root Privilege Escalation Vulnerability
CVE-2021-27613 – SAP Business One Hana (Chef Cookbook) – Insecure Temporary File For Incoming & Outgoing Payroll Data – SAP Business One Chef Cookbook.
CVE-2021-27231 – Hestia Control Panel 1.4.0 and below – Subdomain Takeover – Improper Privilege Management
CVE-2021-29921 – python stdlib “ipaddress” – Improper Input Validation of octal literals in python 3.8.0 through v3.10 results in indeterminate SSRF & RFI vulnerabilities. — “ipaddress leading zeros in IPv4 address”
Leaky John Deere APIs: Serious Food Supply Chain Vulnerabilities Discovered by Sick Codes, Kevin Kenney & Willie Cade.
SICK-2021-031 – John Deere Operations Center – Improper Authorization Allows Exposure of Sensitive Information to an Unauthorized Actor via Farming Equipment VIN API – iOS 5.1.2 and below, Android 5.1.4 and below, Web App
SICK-2021-012 – John Deere Account Portal – Information Disclosure – Rate Limitless Username Enumeration Via Unauthenticated Availability Look-ups.
How To Mount Images or Devices Inside Docker Containers (losetup, loopback, ISO files, disk images, raw images, ext4, exfat, hfs, apfs)
CVE-2021-29662 – Perl module Data::Validate::IP – Improper Input Validation of octal literals in Perl Data::Validate::IP v0.29 and below results in indeterminate SSRF & RFI vulnerabilities.
Universal “netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: server-side request forgery, remote file inclusion, local file inclusion, and more (CVE-2021-28918)