Cyware Daily Threat Intelligence January 02, 2018

Top Vulnerabilities Reported in the Last 24 Hours
Unpatched macOS vulnerability
Recently, a security researcher has made public the details of an unpatched vulnerability in macOS that can be exploited. The unpatched flaw can enable an unprivileged user to take complete control of the system if they have physical access to the system to execute arbitrary code and get root permissions.

Sonos and Bose speaker flaws
Some models of Sonos and Bose speakers, including the newer the Sonos One, Sonos Play:1, and Bose SoundTouch systems, can be accessed remotely, and then commandeered with straightforward tricks to play any audio file that a hacker chooses. Beyond merely playing sounds through a victim's device, a hacker could also determine information like what file a vulnerable speaker is currently playing, the name of someone's accounts on services like Spotify and Pandora, and the name of their Wi-Fi network.

CSRF flaw
One of the serious vulnerabilities has been found in phpMyAdmin by security researchers. This flaw allows hackers to exploit a CSRF flaw and drop tables, delete records, and perform other database operations.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.