#usdherolab — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #usdherolab, aggregated by home.social.
-
The pentest professionals at #usdHeroLab identified a vulnerability in #EntraID during a cloud #pentest that allows the circumvention of conditional access policies for privileged identities.
Two additional vulnerabilities were identified during a web application pentest of #Tenable Nessus Manager, which allow low-privileged users to read arbitrary files at the operating system level.
All #vulnerabilities were reported to the vendors as part of our Responsible Disclosure policy.
🔎 You can find detailed information on the #SecurityAdvisories here: https://www.usd.de/en/security-advisories-entra-id-tenable-nessus-manager/
#SecurityResearch #SecurityAdvisory #moresecurity #NessusManager #Pentesting #Hacking #CVE_2026_3493 #AppSec #InfoSec #CyberSecurity
-
Our pentest professionals at #usdHeroLab identified several vulnerabilities in #KofaxCommunicationServer (KCS) and in the #ArcGIS scripting language Arcade ranging from path traversal to XSS.
All #vulnerabilities were responsibly reported to the vendors.
👉 Details on our #SecurityAdvisories can be found here: https://www.usd.de/en/security-advisories-kofax-communication-server-arcgis-arcade/
-
Unauthenticated RCE in Agorum Core Open!
During their regular security analyses, our pentest professionals from #usdHeroLab examined the open source software #AgorumCoreOpen.
They discovered multiple #vulnerabilities that, when chained together, allow an unauthenticated attacker to achieve full remote code execution with root privileges. This critical flaw enables complete system compromise without prior authentication.
📰👉 Detailed information on the published #SecurityAdvisories can be found here: https://www.usd.de/en/security-advisories-on-agorum-core-open/
#Pentest #Pentesting #moresecurity #RCE #CyberSecurity #InfoSec
-
The #usdHeroLab analysts examined the open source application #WeKan while conducting their security analyses and found a #BrokenAccessControl vulnerability.
🚨Security Risk: High
🧵👇More details
https://herolab.usd.de/en/security-advisories/usd-2023-0008/
-
Version 1.3.1 of the #CSTC was released on May 22! It contains lots of new features, improvements and contributions from the community. The CSTC will also be part of the BlackHat USA 2024 Arsenal Labs, looking forward to seeing you! #BHUSA #usdHeroLab #moresecurity https://github.com/usdAG/cstc
-
Our #usdHeroLab professionals have uncovered a vulnerability in the online store software #Gambio during their #pentests.
Our analysts discovered a vulnerability in the password reset functionality. Exploiting this vulnerability would enable an attacker to change the password for any account and take over, for example, the administrator account of the application.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy.
👉 More details: https://herolab.usd.de/en/security-advisories/usd-2024-0002/
-
Our #usdHeroLab analysts examined the #SONIX Technology Webcam during their #pentests.
1️⃣ Vulnerability Type: Incorrect Permission Assignment for Critical Resource (CWE-732)
🚨 Security Risk: High
The vulnerability was reported to the vendor under the Responsible Disclosure Policy.
👉More Details: https://herolab.usd.de/security-advisories/usd-2023-0029/
-
#Announcement: On Friday, our #usdHeroLab colleagues published a major release of our BurpSuite Plugin #FlowMate: https://github.com/usdAG/FlowMate/releases/tag/v1.1
During BlackHat USA 2023 and DEF CON 31, our colleagues received a lot of helpful feedback on their #tool: The new version 1.1 contains bug fixes and some new features. In our video, Florian Haag explains the advantages and possible use cases in the context of #WebApplication #Pentests: https://www.youtube.com/watch?v=BJhRhGmDATw
#CheckItOut #Security #Pentesting #Hacking #Tools #Community #moresecurity
-
Our #usdHeroLab #Pentest professionals analyzed #IBMQRadarSIEM during their pentests.
1⃣Vulnerability Type: Cross-site Scripting #CWE79
🚨Security Risk: Medium
🔎CVE number: CVE-2023-43057
👇More Details 🧐 IBM QRadar SIEM is a security information and event management platform developed by IBM that provides advanced threat detection for its users. The vulnerability can be used to perform actions on behalf of other users.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻👨💻👇
https://herolab.usd.de/en/security-advisories/usd-2023-0032/
-
Ever wondered how attackers can break out of the #Citrix encapsulation and infiltrate the underlying system? It becomes a critical issue when IT environments lack proper virtualization readiness. Addressing these attack vectors requires a special approach. Dive into our latest #LabNews blog post to get insights into what to look out for during your #PenetrationTest of virtualized applications 👨💻👩💻👇
https://herolab.usd.de/en/pentest-virtualized-applications-citrix-breakout-test/
-
Our #usdHeroLab #Pentest professionals analyzed #GibbonEdu during their pentests.
1⃣Vulnerability Type: Arbitrary File Write #CWE434
🚨 Security Risk: Critical
🔎CVE number: CVE-2023-45878
🧵👇 More Details🧐 Gibbon Edu is an #opensource educational software designed for #schools and #institutions to manage their administrative and academic processes. It offers a range of features to facilitate communication, collaboration, and organization within the educational community.
The identified vulnerability allowed unauthenticated attackers to upload arbitrary files to the application and receive code execution on the underlying system. To receive #RCE an attacker must craft a fake image which can be stored as PHP file.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 🧑💻👩💻👇
https://herolab.usd.de/security-advisories/usd-2023-0025/
-
The #usdHeroLab analysts examined #ThingsBoard while conducting their #pentests.
1⃣Vulnerability Type: Server-Side Template Injection
🚨Security Risk: High
🧵👇 More Details 🧐 ThingsBoard is an open-source IoT platform for data collection, processing, visualization, and device management.
During an assessment, a Server-Side Template Injection (SSTI) vulnerability was discovered. It enables attackers to dynamically create and modify the templates that are used for automated generation of mail content, which results in the execution of arbitrary system commands.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻👨💻👇
https://herolab.usd.de/en/security-advisories/usd-2023-0010/
-
The #usdHeroLab analysts examined the Content Management System #SuperWebMailer while conducting their #pentests.
1⃣Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
🚨 Security Risk: Medium
👇🧵 More Details 🧐 SuperWebMailer is an online application for managing e-mail newsletters. The vulnerability enabled attackers to execute requests on behalf of other users.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy. More information can be found here 👩💻🧑💻 👇
-
The #usdHeroLab analysts examined the Content Management System #Contao while conducting their #pentests.
1⃣Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
🚨 Security Risk: Medium
👇More details 🧐 Contao is an open source Content Management System that allows you to create professional websites and scalable web applications.
The vulnerability enabled attackers with a low-privileged role to use a modified HTTP request to create an article with a JavaScript payload of their choice, which was client-triggered on the frontend and backend. For example, such an attack could upgrade a low-privileged account to an administrator account.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻👇
https://herolab.usd.de/en/security-advisories/usd-2023-0020/
-
The #usdHeroLab analysts examined the #SAP HTTP Content Server while conducting their #pentests.
1⃣Vulnerability Type: Improper Neutralization of HTTP Headers for Scripting Syntax #CWE644 #CVE202326457
🚨 Security Risk: High
👇🧵 More details: The SAP HTTP Content Server returns error messages in the header x-errordescription of the #HTTP Response. When invalid input is provided in an HTTP request, it is also placed in the error message inside this header.
During this process the input is URL-decoded, therefore for example %41 is translated to A and %0a is translated to a newline. This enables an #attacker to add new headers and change the content of the response.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻👨💻👇
https://herolab.usd.de/security-advisories/usd-2022-0046/
-
The #usdHeroLab analysts examined the #SAP Partner Portal while conducting their #pentests.
1⃣ Vulnerability Type: Improper Neutralization of Input During Web Page Generation #CWE79 #CrossSiteScripting
🚨 Security Risk: High
👇🧵 More details: In cases where users do not have sufficient permissions to view a specific URL within the #SAP Partner Portal, they get redirected to an error page. During this redirection, the requested URL is passed to the error message as a parameter without any filtering or encoding.
Therefore it is possible to include HTML tags and JavaScript in the URL, making it possible for malicious actors to launch #XSS attacks. The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻👇
https://herolab.usd.de/security-advisories/usd-2023-0017/
-
The #usdHeroLab analysts examined the #opensource software #TineGroupware while conducting their #pentest.
1⃣ Vulnerability Type: #SQL Injection (CWE-89)
🚨 Security Risk: Critical
👇🧵 More details: #TineGroupware is an #opensource software that provides a suite of collaborative tools and applications for communication and project management within a business or organization.
🧐During the research on open source software, our #PentestProfessionals discovered that the sort parameter of the /index.php endpoint is vulnerable to SQL injection.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻🧑💻 👇
https://herolab.usd.de/security-advisories/usd-2023-0002/
-
In 11 days, the first #MCTTP - MUNICH CYBER TACTICS, TECHNIQUES AND PROCEDURES will take place, a conference for security professionals and #CISOs that aims to create future-proof #CyberSecurity in companies. Our colleagues Nicolas Schickert and Tobias Hamann from the #usdHeroLab will share their experiences about #SAP pentests there, as the SAP system landscape is the heart of many companies.
#moresecurity
https://www.usd.de/en/presentation-mcttp-sap-from-an-attackers-perspective/
-
7 days. 3 security analysts. 2 conferences. 4 presentations. 3 tools. An exciting week at #BlackHat and @defcon lies behind our #usdHeroLab colleagues Florian, Nicolas and Matthias. Back in Neu-Isenburg, they share their experiences and highlights.
#tool #FlowMate #sncscan #CSTC #moresecurity
-
Understanding a Hacker's Mind: who doesn't wish for it? Our usd AG Advanced Seminar makes it possible. Only if you know and understand the relevant #threats in IT environments can you take effective countermeasures. Experienced security analysts from the #usdHeroLab will use theory and a lot of practice to show you the intentions and methods of a #hacker and how to protect your #systems in the best possible way.
Due to the great interest in the 1st half of the year, we are offering another date for the two-day attendance seminar in September.
👉https://www.usd.de/cst-academy/events/usd-seminar-understanding-hackers-mind/
-
The #usdHeroLab analysts examined the centralized management tool #WindowsAdminCenter while conducting their security analyses.
1⃣ Vulnerability Type: Cross-Site Scripting (CWE-79)
🚨 Security Risk: High
👇 More details 🧐 Windows Admin Center is a centralized management tool developed by Microsoft for IT administrators to manage and monitor Windows Server and Windows 10 systems.
The vulnerability enables an attacker to persist JavaScript code in the application. The vulnerability can be used to perform actions on other users' behalf.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻🧑💻 👇
https://herolab.usd.de/en/security-advisories/usd-2022-0028/
-
Our #HeroesOnTour are sending greetings from #LasVegas. Nicolas, Florian and Matthias presented our #pentesting #tools #FlowMate, #SNCScan and #CSTC to the global #HackerCommunity at #BlackHat and @defcon. For those who couldn't join us live and want to learn more about the tools 💡 check out the GitHub repositories here 👇👨💻
📢https://github.com/usdAG/FlowMate
📢 https://github.com/usdAG/sncscan
📢 https://github.com/usdAG/cstc
-
To counteract the increasing complexity of #hacker attacks, high-quality #pentests are essential. This is best achieved when the knowledge and instinct of #pentest professionals are complemented by suitable #tools. 🛠️
That's why our extensive experience with #TechnicalSecurityAnalyses continuously contributes to the development of helpful tools. As a result, we proudly present our in-house developments #FlowMate, #SNCScan and #CSTC to the global #SecurityCommunity at #BlackHat and @support. We are proud to provide international security experts with tools for #moresecurity
Our Colleagues Matthias Göhring, Nicolas Schickert and Florian Haag are fine-tuning the very last details before heading to #LasVegas next week. We wish our Heroes great presentations and keep our fingers crossed!🤞
-
The #usdHeroLab analysts examined the application #MultiTech Conduit AP MTCAP2-L4E1 while conducting their security analyses.
1⃣ Vulnerability Type: Cross-Site Request Forgery (CSRF)
🚨Security Risk: High
👇 More details 🧐 MultiTech Conduit AP MTCAP2-L4E1 is a LoRaWAN access point that provides connectivity for IoT assets. The web interface allows configuration of settings like user management, LoRaWAN, firewall and custom applications.
The vulnerability can be used to perform actions on other users' behalf, which may result in remote code execution.
The vulnerability was reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👨💻👩💻👇
https://herolab.usd.de/en/security-advisories/usd-2023-0004/
-
The #Mate is chilled and the #vulnerabilities are configured, now the only one missing is you! Are you up for the challenge? Join us in 7 days at the #usdHackingNight!
#SignUpNow: https://www.usd.de/cst-academy/events/usd-hacking-night/
-
The #usdHeroLab analysts examined the application #Foswiki while conducting their security analyses.
2⃣ Vulnerability Type: Cross-Site Scripting
🚨Security Risk: High
👇🧵More details 🧐 Foswiki is a free and open-source wiki application that allows collaborative editing and content management. The application allows users to add attachments to wiki pages and add comments to the files.
The vulnerability can be used to attack other users and perform actions on their behalf. This may allow the takeover of an admin account, or the creation of a new highly privileged account.
The vulnerabilities were reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻👨💻👇
https://herolab.usd.de/security-advisories/usd-2022-0011/
-
The #usdHeroLab analysts examined the application #Foswiki while conducting their security analyses.
1⃣Vulnerability Type: Path Traversal
🚨Security Risk: High
👇More details 🧐 Foswiki is a free and open-source wiki application that allows collaborative editing and content management.
The application allows users to add attachments to wiki pages and move wiki files and attachments around. This can be used to (re)move arbitrary files on the system. The vulnerability allows the deletion of the AdminGroup.txt file, which handles the membership of the AdminGroup. The file can afterwards be recreated with customized members in it. This results in privilege escalation.
The vulnerabilities were reported to the vendor under the Responsible Disclosure Policy and subsequently fixed for #moresecurity. More information can be found here 👩💻🧑💻 👇
https://herolab.usd.de/en/security-advisories/usd-2022-0014/
-
Not long to go - preparations for #usdHackingNight are in full swing. Are you as excited as we are? Register yourself or your team now. No team yet? Find team members under the #usdHackingNight on Twitter and Mastodon.
#SignUpNow: https://www.usd.de/cst-academy/events/usd-hacking-night/
-
📢#CVE202237955: The #usdHeroLab analysts identified a vulnerability in Microsoft Windows Group Policy Updates that leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)
👇💻
https://herolab.usd.de/security-advisories/usd-2022-0034/
#itsecurity #cve #SecurityAdvisories #zeroday #Microsoft #cybersecurity