We protect companies against hackers and criminals. #moresecurity is our mission.
Imprint: http://usd.de/en/imprint
Privacy protection: http://usd.de/en/privacy-protection
| Website | https://www.usd.de/en/ |
| Security Advisories | https://herolab.usd.de/en/security-advisories/ |
| Events (German) | https://www.usd.de/cst-academy/events/ |
Our pentest professionals at #usdHeroLab identified several vulnerabilities in #KofaxCommunicationServer (KCS) and in the #ArcGIS scripting language Arcade ranging from path traversal to XSS.
All #vulnerabilities were responsibly reported to the vendors.
π Details on our #SecurityAdvisories can be found here: https://www.usd.de/en/security-advisories-kofax-communication-server-arcgis-arcade/
Our security analyst @kpwn identified two #XSS vulnerabilities during web application pentests.
π Affected software: Weblication CMS Core and d.3one. These vulnerabilities enable attackers to execute requests on behalf of other users.
π° Detailed information on our advisories can be found here: https://www.usd.de/en/security-advisories-d-3one-and-weblication-cms-core/
#Pentesting #InfoSec #AppSec #CyberSecurity #Vulnerability #Hacking
Unauthenticated RCE in Agorum Core Open!
During their regular security analyses, our pentest professionals from #usdHeroLab examined the open source software #AgorumCoreOpen.
They discovered multiple #vulnerabilities that, when chained together, allow an unauthenticated attacker to achieve full remote code execution with root privileges. This critical flaw enables complete system compromise without prior authentication.
π°π Detailed information on the published #SecurityAdvisories can be found here: https://www.usd.de/en/security-advisories-on-agorum-core-open/
#Pentest #Pentesting #moresecurity #RCE #CyberSecurity #InfoSec
CVE-2025-27599 is a really clever and creative attack targeting #ElementX Android.
A malicious app can exploit this vulnerability to launch ElementX in a WebView with any URL, enabling attackers to:
- Launch phishing attacks
- Record and exfiltrate the victim's video and audio (due to Element Call permissions)
Full advisory: https://herolab.usd.de/security-advisories/usd-2025-0010/
Big shout-out to my awesome colleagues for discovering this and to Element for their quick response.
We have found an interesting vulnerability in a #Matrix #Android client:
𧩠Software: #Element X Android
π¦ Affected Version: <= 25.04.1
π CVE: CVE-2025-27599
π CVSSv3.1: MEDIUM
β οΈ Prerequisites: Clicking on a crafted hyperlink or using a malicious app
Since Element X Android usually has the permission to access camera and microphone, this can be used to record audio and video from the victim. Pretty bad! π¨
π Read more: https://herolab.usd.de/security-advisories/usd-2025-0010/
#InfoSec #CyberSecurity #Pentesting #Hacking #CVE_2025_27599 #SpyWare #Phishing
Am 16.05. empfangen mein Kollege Nick Lorenz und ich euch in KΓΆln zu den usd Hackertagen. Bei Pizza und Tschunk reden wir ΓΌbers Hacken und Pentesten.
Praktische Hands-On Erfahrung kΓΆnnt ihr in unserer Trainingsumgebung, dem PentestLab, sammeln.
Wir freuen uns auf alle, die vorbeischauen.
π
16.05.2025, 13:00 - 18:30 Uhr + Gemeinsamer Ausklang bei Pizza und Tschunk
π² kostenlos
Mehr Infos hier: https://www.usd.de/cst-academy/events/usd-hackertage/
If you're using Element Android < 1.6.34, you should update.
In according versions, a brute force attack on the PIN code is possible if the PIN code is set and the Internet connection is deactivated (CVE-2025-27606)
π Read the full details here: https://herolab.usd.de/en/security-advisories/usd-2025-0002/
With the help of this utility we were able to identify all potentially interesting files and download those first to increase efficiency in our analysis. It's now also available on our company GitHub organization: https://github.com/usdAG/webtree.
π Follow us for #moresecurity
π Also, boost the first toot to spread the word!
jfk
Konstantin 