watchTowrIn 2025, we achieved pre-auth RCE against another solution in a ransomware gang favourite category. Today, we finally click publish.
Join us as we walk through a chain of vulnerabilities we identified in BMC’s FootPrints ITSM solution.
Enjoy!
The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution Chains)
SolarWinds. Ivanti. SysAid. ManageEngine. Giants of the KEV world, all of whom have ITSM side-projects. ITSMs, as a group of solutions, have played pivotal roles in numerous ransomware gang campaigns - not only do they represent code running on a system, but they hold a significant amount of sensitive information.