topic Re: Have a pi(e) and eat it in Industry News

Have a pi(e) and eat it

Chuxing — Tue, 09 Apr 2019 14:39:55 GMT

Seriously, someone wants to attack my Raspberry Pi ?

https://nvd.nist.gov/vuln/detail/CVE-2018-18068

Re: Have a pi(e) and eat it

Beads — Tue, 09 Apr 2019 18:01:34 GMT

Future 'con presentations have to come from somewhere, even if they present no real world threat. In this case I suspect this is probably what is going on here.

Somehow I skipped over this information when skimming my daily CVE browsing the past few days.

Food for thought.

- b/eads

Re: Have a pi(e) and eat it

OS22783 — Tue, 09 Apr 2019 20:58:17 GMT

Why not? If I send you a cool app and you run it granting me access to your network, I poke around the network and see Linux running on a Pi, if I can pivot to that then I would try all the privesc methods at my disposal. Now your Pi is being used as a C2 server or whatever else the threat actor wants 😉