Horizon3.ai
Continuously find, fix, and verify your exploitable attack surface
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs
Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). […] The ...
Cisco IOS XE Web UI Vulnerability: A Glimpse into CVE-2023-20198
Overview On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote […] The ...
Apache Superset Part II: RCE, Credential Harvesting and More
Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized ...
Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive
Introduction Ivanti has recently published an advisory for CVE-2023-38035. The vulnerability has been added to CISA KEV and is described as an authentication bypass in the Ivanti Sentry administrator interface. This new ...
Lexmark Command Injection Vulnerability ZDI-CAN-19470 Pwn2Own Toronto 2022
Introduction In December 2022, we competed at our first pwn2own. We were able to successfully exploit the Lexmark MC3224i using a command injection 0-day. This post will detail the process we used ...
NodeZero Pivots Through Your Network with the Attacker’s Perspective
A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds. The post NodeZero Pivots Through Your Network with the Attacker’s Perspective appeared first on Horizon3.ai ...
Privileged Credentials Often Bite Back
Active Directory Analytics Solution Enables Domain Compromise The post Privileged Credentials Often Bite Back appeared first on Horizon3.ai ...
CVE-2023-39143: PaperCut Path Traversal/File Upload RCE Vulnerability
Summary CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to version 22.1.3. If ...
You Can’t Manage Risk if You Lack Context
Low-Level Vulnerability Leads to Domain Compromise The post You Can’t Manage Risk if You Lack Context appeared first on Horizon3.ai ...
INSIGHT – MOVEit Zero-Day Reminds Us Yet Again to Be Diligent in Monitoring Our IT Infrastructure
Over the last week, the widely reported critical security flaw in the Progress MOVEit Transfer application (CVE-2023-34362) reminded us yet again to remain vigilant in securing our IT infrastructure from potential cyber ...