By Deeba Ahmed
If you’ve installed Bitwarden Password Manager recently, ensure that you downloaded it from its official website and not…
This is a post from HackRead.com Read the original post: Fake Bitwarden Password Manager Website Drops Windows ZenRAT

If you’ve installed Bitwarden Password Manager recently, ensure that you downloaded it from its official website and not from a fraudulent, malicious source.

*   **ZenRAT malware is distributed as an installation package for the widely used Bitwarden password manager.**

*   **Malware operators have designed a fake Bitwarden website to deliver the malware.**

*   **It specifically looks for Windows-based devices.**

*   **ZenRAT is a modular RAT capable of stealing sensitive information.**

Enterprise security firm Proofpoint’s cybersecurity researchers have discovered a spooky new malware distributed as an installation package for the popular password manager Bitwarden to deceive users and steal sensitive data from their devices.

This bogus installation package, dubbed ZenRAT, is delivered via a fake Bitwarden website, which looks exactly like the original one but is not legitimate. If a user pays attention, it is easy to catch that malware operators have used the typosquatting technique because the fake website is titled bitwaridencom.

The fake website (Proofpoint)

ZenRAT’s main targets are unsuspecting Windows users. If a visitor clicks on the downloadable link marked for another platform (e.g., Linux or macOS), they are redirected to the original Bitwarden website (vault.bitwarden.com) on the Downloads page. If a Windows user clicks on it, their device will be infected with ZenRAT, and the malware will establish a connection with its C2 server (185.186.7214).

Once this is done, the malware will collect desired data, including system details and stored credentials. ZenRAT can steal information like the CPU and GPU names, OS version, RAM, IP address, and device gateway. It will also extract information about installed antivirus solutions and other apps. It can also steal browser data and passwords. ZenRAT transmits the logs to the C2 server in plaintext.

It redirects the website visitors to a benign website. However, researchers didn’t specify how the visitors are redirected to the website. Previously, the malware was distributed in such campaigns through phishing, SEO poisoning, or malvertising attacks. The payload is titled Bitwarden-installer-version-2023-7-1.exe and downloaded via crazygamescom. This trojanized version of the legit Bitwarden installer contains a .NET executable titled (ApplicationRuntimeMonitor.exe).

According to Proofpoint’s blog post, when researchers examined the malicious installer package’s metadata, they observed that the attacker had masqueraded it as Priform’s Speccy. It is a freeware Windows utility that displays hardware/software-related information.

Moreover, the executable has an invalid signature that seems to be signed by FileZilla fame German computer scientist Tim Kosse. However, this signature is also fake. This modular RAT also runs anti-sandbox and anti-VM checks to determine if it is safe to operate on the device. The checks also include geofencing to ensure it isn’t installed in any Russian-speaking region.

****Exercise Caution When Using a Password Manager****

Researchers strongly advise users to exercise caution when downloading software and recommend obtaining applications exclusively from official sources. It’s worth noting that password managers have frequently been targeted in cyberattacks and scams, with LastPass being a notable example.

As a safer alternative, the top three browsers—Google Chrome, Mozilla Firefox, and Safari—offer free password manager features. If you’re unsure about which service to use, any of these three options would provide similar benefits and, in some cases, may be more secure than others.

****RELATED ARTICLES****

1.  Fake Windows 11 installers infecting devices with adware
2.  Big Head Ransomware in Malvertising, Fake Windows Updates
3.  Fake Telegram, WhatsApp clones aims at crypto on Android, Windows

Fake Bitwarden Password Manager Website Drops Windows ZenRAT

A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP).
 This vulnerability is due to incorrect processing of SCP commands in AAA command authorization checks. An attacker with valid credentials and level 15 privileges could exploit this vulnerability by using SCP to connect to an affected device from an external machine. A successful exploit could allow the attacker to obtain or change the configuration of the affected device and put files on or retrieve files from the affected device.

*   Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.
    
    Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:  
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
    
    Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.
    
    The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool.
    
    When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.
    
    In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
    
    **Customers Without Service Contracts**
    
    Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html
    
    Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
    
    **Cisco IOS and IOS XE Software**
    
    To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides the Cisco Software Checker. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (“First Fixed”). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities that are described in all the advisories that the Software Checker identifies (“Combined First Fixed”).
    
    To use the tool, go to the Cisco Software Checker page and follow the instructions. Alternatively, use the following form to determine whether a release is affected by any Cisco Security Advisory. To use the form, follow these steps:
    
    1.  Choose which advisories the tool will search-only this advisory, only advisories with a Critical or High Security Impact Rating (SIR), or all advisories.
    2.  Enter a release number-for example, **15.9(3)M2** or **17.3.3.**
    3.  Click **Check**.

CVE-2023-20186: Cisco Security Advisory: Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability

SoundThinking is purchasing parts of Geolitica, the company that created PredPol. Experts say the acquisition marks a new era of companies dictating how police operate.

SoundThinking, the company behind the gunshot-detection system ShotSpotter, is quietly acquiring staff, patents, and customers of the firm that created the notorious predictive policing software PredPol, WIRED has learned.

In an August earnings call, SoundThinking CEO Ralph Clark announced to investors that the company was negotiating an agreement to acquire parts of Geolitica—formerly called PredPol—and transition its customers to SoundThinking’s own “patrol management” solution.

“We have already hired their engineering team,” Clark said during the call, a transcript of which is public. He added that the acquisition of patents and staff would “facilitate our application of AI and machine learning technology to public safety.”

SoundThinking’s absorption of Geolitica marks its latest step in becoming the Google of crime fighting—a one-stop shop for policing tools. Experts who study law enforcement use of technology say the bundling of two controversial technologies signals a new era for the cop-tech industry and has the potential to shape the future of policing in the United States. And while SoundThinking has rebranded “predictive policing” as resource management for police departments, a WIRED analysis of one of the company’s apps found that crime-forecasting technology remains one of its key offerings.

“As a moment of tech history, the purchase is significant,” Andrew Ferguson, an American University law professor and author of _The Rise of Big Data Policing_, tells WIRED. “We are in a consolidation moment with big police tech companies getting bigger, and this move is one step in that process.”

PredPol was one of the first, and perhaps the most widely used, predictive policing algorithms in the United States. Its name, a portmanteau of “predictive policing,” became synonymous with the practice.

The software was developed in 2011 and uses historical crime incident reports to produce daily predictions for where future crime is likely to occur. For years, critics and academics have argued that since the PredPol algorithm relies on historical and unreliable crime data, it reproduces and reinforces biased policing patterns. In December 2021, Gizmodo and The Markup analyzed millions of Geolitica’s crime predictions that were discovered on an unsecured server and found that the software disproportionately—and often relentlessly—targeted low-income communities of color for additional patrols.

In recent years, police departments have dropped PredPol after ultimately finding it ineffective. In 2019, a report by the Los Angeles Police Department’s inspector general found that it was unclear whether PredPol had any effect on crime trends. The LAPD, which was the earliest adopter of PredPol, and had even partnered with researchers to develop the technology, dropped the product in 2020, citing budget costs.

Brian MacDonald, the CEO of Geolitica, declined an interview and did not answer specific questions about the acquisitions. A third-party spokesperson for SoundThinking, Rob Merritt, tells WIRED that Geolitica is ceasing operations at the end of the year.

Consolidation Game

Founded in 1996, SoundThinking is now worth around $232 million. Its flagship product, ShotSpotter, is a gunshot-detection system that uses microphones mounted on traffic signals and light poles to detect and locate possible gunfire sounds. For years, activists and academics around the US have fought against the expansion of ShotSpotter, claiming that it is not only inaccurate but is deployed disproportionately in non-white neighborhoods.

Two investigations by local media—_The Houston Chronicle_ and Southwest Ohio’s WYSO—found that ShotSpotter alerts largely resulted in dead ends for police and, in some cases, delayed response times for other calls for service. In 2021, the MacArthur Justice Center at the Northwestern University School of Law analyzed records kept by Chicago’s Office of Emergency Management and Communications over a two-year period and found that 89 percent of ShotSpotter alerts in the city did not lead to police finding evidence of a gun-related crime.

SoundThinking, Maker of ShotSpotter, Is Buying Parts of PredPol Creator Geolitica

By Waqas
Malicious code disguised as Dependabot contributions hits hundreds of GitHub repositories.
This is a post from HackRead.com Read the original post: Malware Concealed as Dependabot Contributions Strikes GitHub Projects

According to the application security provider Checkmarx, cybercriminals concealed malicious code, masquerading as Dependabot, within GitHub repositories as part of a supply chain attack.

Cybersecurity experts have uncovered a series of malicious code injections camouflaged as legitimate Dependabot contributions across hundreds of GitHub repositories. These incidents, which occurred in July 2023, have raised concerns about the security of personal access tokens (PATs) on GitHub and the growing sophistication of threat actors in supply chain attacks.

****What is Dependabot in GitHub?****

Dependabot is a GitHub-native tool for automating dependency updates in software projects hosted on GitHub. It helps developers keep their projects up to date by automatically monitoring the project’s dependencies (such as libraries and packages) for security vulnerabilities and outdated versions.

When Dependabot detects that an update is available or a security vulnerability has been patched, it generates pull requests with the necessary updates. This simplifies the process of maintaining dependencies and ensures that projects stay secure and up to date with the latest software components.

****The Deceptive Attack****

During the first half of July, threat actors targeted a wide range of GitHub repositories, affecting both public and private projects. The victims primarily consisted of Indonesian user accounts, making it a significant and potentially widespread issue. The attackers utilized a clever technique to mimic Dependabot’s commit messages, deceiving developers into believing these were authentic contributions.

The falsified commit messages often bore the name “dependabot,” effectively camouflaging their activities and evading suspicion. Within these repositories, experts discovered two distinct groups of code alterations, strongly suggesting automated script usage by the attackers.

****Malicious Payload and Tactics****

According to a blog post from Guy Nachshon of Checkmarx, the attackers introduced a new GitHub Action file named “hook.yml” into the repositories, creating a new workflow that triggered during code pushes. This action siphoned GitHub secrets and variables, sending them to a suspicious URL, (sendwagateway.pro/webhook). This maneuver was executed with every push event, compounding the potential damage.

Additionally, the malicious actors tampered with existing project files bearing the “.js” extension. An obfuscated line of code was appended to these files, designed to create a new script tag upon execution in a browser environment. This new code aimed to load an external script from (sendwagatewaypro/client.js?cache=ignore), with the sinister purpose of intercepting web-based password forms and transmitting user credentials to the same exfiltration endpoint.

Screenshot of a malicious commit (Checkmarx)

****Uncovering the Attack Vector****

Initially, it remained unclear how the attackers gained access to the targeted accounts, given GitHub’s strengthened mandatory two-factor authentication (2FA) measures. To shed light on the situation, experts contacted some of the victims and discovered that the attackers had exploited compromised PATs (Personal Access Tokens).

These tokens, stored locally on developers’ machines, facilitate Git operations without requiring 2FA. Attackers seemingly extracted these tokens quietly from the victims’ development environments, potentially through a malicious open-source package that had infiltrated their systems.

****Automated Scale of the Attack****

Analyzing the scale of the attack indicated a high level of automation in the threat actor’s approach. The efficiency and sophistication of the attack underscored the need for increased vigilance among developers and software maintainers.

****Lessons Learned and Moving Forward****

This incident serves as a reminder of the importance of code source verification, even from trusted platforms like GitHub. It highlights that even well-established platforms can fall victim to such attacks, emphasizing the need for continuous online vigilance.

To enhance security, developers are urged to consider adopting GitHub’s fine-grained personal access tokens, reducing the risk associated with compromised tokens. However, it’s worth noting that access log activity for personal access tokens is currently visible only for enterprise accounts, leaving non-enterprise users less informed about potential breaches.

The attackers’ Tactics, Techniques, and Procedures (TTPs) demonstrate a growing sophistication in supply chain attacks. Their use of fake commits, credential theft, and Dependabot impersonation highlights the evolving threat landscape.

****RELATED ARTICLES****

1.  New backdoor malware hits Slack and Github platforms
2.  Hackers use GitHub bot to steal $1,200 in ETH within 100 seconds
3.  Hackers can spoof commit metadata to create false GitHub repositories

Malware Concealed as Dependabot Contributions Strikes GitHub Projects

Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser.

Wednesday, September 27, 2023 12:09

Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser.

Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targeted machine.

Four of the vulnerabilities included in today’s Vulnerability Roundup that affect the Accusoft ImageGear development toolkit have a CVSS severity score of 9.8 out of a possible 10.

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.

**Use-after-free vulnerability in Google Chrome web browser**

TALOS-2023-1751 (CVE-2023-3421) is a use-after-free vulnerability that affects the Google Chrome web browser. An attacker could exploit this vulnerability by tricking the target into visiting a specially crafted HTML web page.

The vulnerability arises when an adversary manipulates a specific function in Chrome to cause an out-of-bounds heap memory access, which could lead to a heap use-after-free or heap overflow.

**Multiple vulnerabilities in Accusoft ImageGear**

Talos researchers recently discovered eight vulnerabilities in Accusoft ImageGear, a document-imaging developer toolkit that allows users to convert, edit and create images.

Three of the vulnerabilities — TALOS-2023-1802 (CVE-2023-32653), TALOS-2023-1830 (CVE-2023-39453) and TALOS-2023-1760 (CVE-2023-35002) are heap-based buffer overflow vulnerabilities that could allow an attacker to execute arbitrary code on the targeted machine. Another issue, TALOS-2023-1836 (CVE-2023-40163), also has a critical severity score of 9.8 out of 10, but in this case, a specially crafted file could lead to memory corruption.

TALOS-2023-1729 (CVE-2023-23567) can also lead to arbitrary code execution, though this vulnerability is considered less severe. An attacker could also exploit this vulnerability by supplying the target with a malformed file.

There are three other vulnerabilities Talos discovered in this software that could cause a heap-based buffer overflow condition or memory corruption if the attacker sends a specially crafted file to the target.

*   TALOS-2023-1750 (CVE-2023-32284)
*   TALOS-2023-1742 (CVE-2023-28393)
*   TALOS-2023-1749 (CVE-2023-32614)

Hancom Office is one of the most popular software packages in South Korea, offering word processing and other services similar to Microsoft Office 365.

Talos discovered a use-after-free vulnerability in HWord, the package’s word processing software. TALOS-2023-1759 (CVE-2023-32541) can be manipulated in a way that will eventually allow the attacker to execute arbitrary code if they trick the target into opening a specially crafted, malicious .doc file.

10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.

Released September 26, 2023

**Safari**

Available for: macOS Monterey and macOS Ventura

Impact: Visiting a website that frames malicious content may lead to UI spoofing

Description: A window management issue was addressed with improved state management.

CVE-2023-40417: Narendra Bhati From Suma Soft Pvt. Ltd, Pune (India)

**WebKit**

Available for: macOS Monterey and macOS Ventura

Impact: An attacker with JavaScript execution may be able to execute arbitrary code

Description: This issue was addressed with improved iframe sandbox enforcement.

WebKit Bugzilla: 251276  
CVE-2023-40451: an anonymous researcher

**WebKit**

Available for: macOS Monterey and macOS Ventura

Impact: Processing web content may lead to arbitrary code execution

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 256551  
CVE-2023-41074: 이준성(Junsung Lee) of Cross Republic and me Li

**WebKit**

Available for: macOS Monterey and macOS Ventura

Impact: Processing web content may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 239758  
CVE-2023-35074: Abysslab Dong Jun Kim(@smlijun) and Jong Seong Kim(@nevul37)

**WebKit**

Available for: macOS Ventura

Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 261544  
CVE-2023-41993: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

CVE-2023-40451: About the security content of Safari 17

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch.

Released September 21, 2023

**Apple Neural Engine**

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-40412: Mohamed GHANNAM (@\_simo36)

CVE-2023-40409: Ye Zhang (@VAR10CK) of Baidu Security

Entry added September 26, 2023

**Apple Neural Engine**

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-41071: Mohamed GHANNAM (@\_simo36)

Entry added September 26, 2023

**Apple Neural Engine**

Available for: macOS Ventura

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-40410: Tim Michaud (@TimGMichaud) of Moveworks.ai

Entry added September 26, 2023

**Biometric Authentication**

Available for: macOS Ventura

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-41232: Liang Wei of PixiePoint Security

Entry added September 26, 2023

**ColorSync**

Available for: macOS Ventura

Impact: An app may be able to read arbitrary files

Description: The issue was addressed with improved checks.

CVE-2023-40406: JeongOhKyea of Theori

Entry added September 26, 2023

**CoreAnimation**

Available for: macOS Ventura

Impact: Processing web content may lead to a denial-of-service

Description: The issue was addressed with improved memory handling.

CVE-2023-40420: 이준성(Junsung Lee) of Cross Republic

Entry added September 26, 2023

**Kernel**

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-41984: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.

Entry added September 26, 2023

**Kernel**

Available for: macOS Ventura

Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations

Description: The issue was addressed with improved memory handling.

CVE-2023-41981: Linus Henze of Pinauten GmbH (pinauten.de)

Entry added September 26, 2023

**Kernel**

Available for: macOS Ventura

Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: The issue was addressed with improved checks.

CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

**libxpc**

Available for: macOS Ventura

Impact: An app may be able to access protected user data

Description: An authorization issue was addressed with improved state management.

CVE-2023-41073: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)

Entry added September 26, 2023

**libxpc**

Available for: macOS Ventura

Impact: An app may be able to delete files for which it does not have permission

Description: A permissions issue was addressed with additional restrictions.

CVE-2023-40454: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)

Entry added September 26, 2023

**libxslt**

Available for: macOS Ventura

Impact: Processing web content may disclose sensitive information

Description: The issue was addressed with improved memory handling.

CVE-2023-40403: Dohyun Lee (@l33d0hyun) of PK Security

Entry added September 26, 2023

**Maps**

Available for: macOS Ventura

Impact: An app may be able to read sensitive location information

Description: The issue was addressed with improved handling of caches.

CVE-2023-40427: Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)

Entry added September 26, 2023

**Pro Res**

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-41063: Certik Skyfall Team

Entry added September 26, 2023

**Sandbox**

Available for: macOS Ventura

Impact: An app may be able to overwrite arbitrary files

Description: The issue was addressed with improved bounds checks.

CVE-2023-40452: Yiğit Can YILMAZ (@yilmazcanyigit)

Entry added September 26, 2023

**Sandbox**

Available for: macOS Ventura

Impact: Apps that fail verification checks may still launch

Description: The issue was addressed with improved checks.

CVE-2023-41996: Yiğit Can YILMAZ (@yilmazcanyigit) and Mickey Jin (@patch1t)

Entry added September 26, 2023

**Security**

Available for: macOS Ventura

Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: A certificate validation issue was addressed.

CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

**Share Sheet**

Available for: macOS Ventura

Impact: An app may be able to access sensitive data logged when a user shares a link

Description: A logic issue was addressed with improved checks.

CVE-2023-41070: Kirin (@Pwnrin)

Entry added September 26, 2023

**StorageKit**

Available for: macOS Ventura

Impact: An app may be able to read arbitrary files

Description: This issue was addressed with improved validation of symlinks.

CVE-2023-41968: Mickey Jin (@patch1t), James Hutchins

Entry added September 26, 2023

CVE-2023-41996: About the security content of macOS Ventura 13.6

Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.

CVE-2023-44153

Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.

CVE-2023-44152

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

Tag

#mac