Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

ABB Cylon BACnet MS/TP Kernel Module (mstp.ko) Out-of-Bounds Write in SendFrame()

A buffer overflow vulnerability exists in the mstp.ko kernel module, responsible for processing BACnet MS/TP frames over serial (RS485). The SendFrame() function writes directly into a statically sized kernel buffer (alloc_entry(0x1f5)) without validating the length of attacker-controlled data (param_5). If an MS/TP frame contains a crafted payload exceeding 492 bytes, the function performs out-of-bounds writes beyond the allocated 501-byte buffer, corrupting kernel memory. This flaw allows local or physically connected attackers to trigger denial-of-service or achieve remote code execution in kernel space. Tested against version 3.08.03 with a custom BACnet frame over /dev/ttyS0.

Zero Science Lab
#vulnerability#web#linux#dos#intel#rce#buffer_overflow#auth
ABB Cylon Aspect 3.08.03 (login.php) Obscure Authentication Bypass

The ABB Cylon Aspect BAS controller allows login using guest:guest, which initiates a web session but restricts access to administrative features by returning an 'Invalid Admin Username and/or Password' message. However, the session is still active and valid within the HMI environment. Despite failed privilege validation in the login flow, direct navigation to /setup.php bypasses authentication and authorization controls entirely. This endpoint serves as the administrative dashboard and allows full configuration access, including the ability to change credentials for the privileged aamuser account. This flaw results in privilege escalation from a limited guest session to full administrative control, compromising the integrity of the system.

Oops: DanaBot Malware Devs Infected Their Own PCs

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware.

Feds Charge 16 Russians Allegedly Tied to Botnets Used in Ransomware, Cyberattacks, and Spying

A new US indictment against a group of Russian nationals offers a clear example of how, authorities say, a single malware operation can enable both criminal and state-sponsored hacking.

Why 3D-Printing an Untraceable Ghost Gun Is Easier Than Ever

On today’s episode of ‘Uncanny Valley,’ we discuss how WIRED was able to legally 3D-print the same gun allegedly used by Luigi Mangione, and where US law stands on the technology.

Operation RapTor: 270 Arrested in Global Crackdown on Dark Web Vendors

Global crackdown: Operation RapTor leads to 270 arrests, millions seized as law enforcement targets dark web drug, weapon, and crypto vendors.

Why Image Quality Drops When Resizing a JPEG (and How to Fix It)

Ever tried resizing an image only to end up with a blurry, pixelated mess? Whether you’re adjusting a…

Lumma information stealer infrastructure disrupted

The Lumma infostealer infrastructure has suffered a serious blow by a coordinated action of the DOJ and Microsoft.

UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader.

Scammers are using AI to impersonate senior officials, warns FBI

Cybercriminals are using AI-based tools to generate voice clones of the voices of senior US officials in order to scam people.