Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Chuxing
Community Champion
‎04-09-2019 10:39 AM
‎04-09-2019 10:39 AM

Have a pi(e) and eat it

Seriously, someone wants to attack my Raspberry Pi ?

 

https://nvd.nist.gov/vuln/detail/CVE-2018-18068

 

 


____________________________________
Chuxing Chen, Ph.D., CISSP, PMP
Reply
2 Replies
Beads
Advocate I
‎04-09-2019 02:01 PM
‎04-09-2019 02:01 PM

Future 'con presentations have to come from somewhere, even if they present no real world threat. In this case I suspect this is probably what is going on here.

 

Somehow I skipped over this information when skimming my daily CVE browsing the past few days.

 

Food for thought.

 

- b/eads

Reply
0 Kudos
OS22783
Newcomer II
‎04-09-2019 04:57 PM
‎04-09-2019 04:57 PM

Why not? If I send you a cool app and you run it granting me access to your network, I poke around the network and see Linux running on a Pi, if I can pivot to that then I would try all the privesc methods at my disposal. Now your Pi is being used as a C2 server or whatever else the threat actor wants 😉


___________________________
CISSP, OSCP
Reply
0 Kudos