RCE
08May

CVE-2024-11477- 7-Zip ZSTD Buffer Overflow Vulnerability

As part of our daily job in Crowdfense, we investigate and dive deep into recently disclosed vulnerabilities to determine their exploitability and, if possible, weaponise them. We maintain a curated list of n-days (N-day Vulnerability Intelligence Feed) for red and blue teams, aiding them in conducting their operations and APT simulation scenarios. As we routinely check for interesting...

By , Read more...
01Aug

Windows Wi-Fi Driver RCE Vulnerability – CVE-2024-30078

In June, during "Patch Tuesday”, Microsoft released a fix for CVE-2024-30078. The severity of this vulnerability was marked as important, with its impact set to Remote Code Execution (RCE). After reading Microsoft’s bulletin, this vulnerability piqued our interest. It seemed plausible for an unauthenticated attacker to send a malicious packet to an adjacent system, which could enable remote...

By , Read more...