❌

Reading view

There are new articles available, click to refresh the page.

Unpatched Security Vulnerability in OPTO 22 PAC Basic Software

This ungated Vulnerability Analysis Report outlines the vulnerabilities found by VerSprite's security research team within Razer's Synapse 3 software suite, including risk level, disclosure timeline, and remediation information. The vulnerabilities covered are CVE-2021-30493 and CVE-2021-30494.

The post Unpatched Security Vulnerability in OPTO 22 PAC Basic Software appeared first on VerSprite.

Printer Spooler Bug Research

In this blog, we dive into and show how attackers could combine the 0day CVE-2020-0986 with the 0day in IE browser to achieve privilege escalation and then execute code remotely. Now, Maddie Stone, a security researcher on Google's Project Zero team, found that an attacker can still trigger CVE-2020-0986 and elevate kernel privileges by sending an offset instead of a pointer.

The post Printer Spooler Bug Research appeared first on VerSprite.

Part 5: Comprehensive Research of Linux Operating System

To summarize again briefly, syscall is an instruction that lowers the privilege level of the currently running application to 0 and allows the program to be performed in higher privilege using the required registers. In this section, we look at the Syscall instruction at the assembly level and try to analyze it in detail.

The post Part 5: Comprehensive Research of Linux Operating System appeared first on VerSprite.

Part 3: Comprehensive Research of Linux Operating System

As we discussed in the previous parts, the Linux Kernel is a collection of code written entirely in C. This is important to keep in mind while we are dealing with the attack floats because the vulnerabilities found in the Linux Kernel can be found in any executable file written using the C programming language.

The post Part 3: Comprehensive Research of Linux Operating System appeared first on VerSprite.

❌