cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Champion

Have a pi(e) and eat it

Seriously, someone wants to attack my Raspberry Pi ?

 

https://nvd.nist.gov/vuln/detail/CVE-2018-18068

 

 


______________________________
Chuxing Chen, Ph.D., CISSP
2 Replies
Contributor II

Re: Have a pi(e) and eat it

Future 'con presentations have to come from somewhere, even if they present no real world threat. In this case I suspect this is probably what is going on here.

 

Somehow I skipped over this information when skimming my daily CVE browsing the past few days.

 

Food for thought.

 

- b/eads

Newcomer II

Re: Have a pi(e) and eat it

Why not? If I send you a cool app and you run it granting me access to your network, I poke around the network and see Linux running on a Pi, if I can pivot to that then I would try all the privesc methods at my disposal. Now your Pi is being used as a C2 server or whatever else the threat actor wants Smiley Wink


___________________________
CISSP, OSCP