#zero_day

When it comes to protecting your company from cyberattacks, you don't have to be the fastest gazelle — you just can't afford to be the slowest.

UAC-0006, a financially motivated threat actor, targets PrivatBank customers with advanced phishing attacks. CloudSEK’s research reveals malicious emails…

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious Dynamic-Link Library (DLL). 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Schneider Electric EcoStruxure products and versions, which incorporate Revenera FlexNet Publisher, are affected: EcoStruxure Control Expert: Versions prior to V16.1 EcoStruxure Process Expert: All versions EcoStruxure OPC UA Server Expert: All versions EcoStruxure Control Expert Asset Link: Versions prior to V4.0 SP1 EcoStruxure Machine SCADA Expert Asset Link: All versions EcoStruxure Architecture Builder: Versions prior to V7.0.18 EcoStruxure Operator Terminal Expert: All versions Vijeo Designer: Version prior to V6.3SP1 HF1 EcoStruxure Machine Expert including EcoStruxure Machi...

**Product:** Mobile Security Framework (MobSF) **Version:** 4.3.0 **CWE-ID:** CWE-269: Improper Privilege Management **CVSS vector v.4.0:** 7.1 (AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N) **CVSS vector v.3.1:** 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) **Description:** MobSF has a functionality of dividing users by roles. This functionality is not efficient, because any registered user can get API Token with all privileges. **Impact:** Information Disclosure **Vulnerable component:** Code output component (`/source_code`) **Exploitation conditions:** authorized user **Mitigation:** Remove token output in the returned js-script **Researcher:** Egor Filatov (Positive Technologies) ## Research Researcher discovered zero-day vulnerability «Local Privilege Escalation» in Mobile Security Framework (MobSF). To reproduce the vulnerability follow the steps below. • A user with minimal privileges is required, so the administrator must create a user account <img width="215" al...

# Partial Denial of Service (DoS) **Product:** MobSF **Version:** < 4.3.1 **CWE-ID:** CWE-1287: Improper Validation of Specified Type of Input **CVSS vector v.4.0:** 7.1 (AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N) **CVSS vector v.3.1:** 6.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) **Description:** DoS in the Scans Results and iOS Dynamic Analyzer functionality **Impact:** Leveraging this vulnerability would make Scans Results and iOS Dynamic Analyzer pages unavailable. **Vulnerable component:** urls.py https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/d1d3b7a9aeb1a8c8c7c229a3455b19ade9fa8fe0/mobsf/MobSF/urls.py#L401 **Exploitation conditions:** A malicious application was uploaded to the MobSF. **Mitigation:** Check the uploaded bundle IDs against the regex. **Researcher: Oleg Surnin (Positive Technologies)** ## Research Researcher discovered zero-day vulnerability Partial Denial of Service (DoS) in MobSF in the Scans Results and iOS Dynamic Analyzer function...

**Product:** MobSF **Version:** < 4.3.1 **CWE-ID:** CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') **CVSS vector v.4.0:** 8.5 (AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N) **CVSS vector v.3.1:** 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N) **Description:** Stored XSS in the iOS Dynamic Analyzer functionality. **Impact:** Leveraging this vulnerability would enable performing actions as users, including administrative users. **Vulnerable component:** `dynamic_analysis.html` https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/d1d3b7a9aeb1a8c8c7c229a3455b19ade9fa8fe0/mobsf/templates/dynamic_analysis/ios/dynamic_analysis.html#L406 **Exploitation conditions:** A malicious application was uploaded to the Correlium. **Mitigation:** Use `escapeHtml()` function on the `bundle` variable. **Researcher: Oleg Surnin (Positive Technologies)** ## Research Researcher discovered zero-day vulnerability Stored Cross-site Scripting (XSS) in ...

In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims.

**Product:** PhpSpreadsheet **Version:** 3.8.0 **CWE-ID:** CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') **CVSS vector v.3.1:** 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) **CVSS vector v.4.0:** 4.8 (AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N) **Description:** an attacker can use special characters, so that the library processes the javascript protocol with special characters and generates an HTML link **Impact:** executing arbitrary JavaScript code in the browser **Vulnerable component:** class `PhpOffice\PhpSpreadsheet\Writer\Html`, method `generateRow` **Exploitation conditions:** a user viewing a specially generated xml file **Mitigation:** additional sanitization of special characters in a string **Researcher: Igor Sak-Sakovskiy (Positive Technologies)** # Research The researcher discovered zero-day vulnerability Bypass XSS sanitizer using the javascript protocol and special characters in Phpspreadsheet. The following code...

BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged

Security researchers tested 50 well-known jailbreaks against DeepSeek’s popular new AI chatbot. It didn’t stop a single one.