We would like to bring your attention to the following 0-day exploit we have recently become aware of.
The Horde Webmail Software has been found to contain a nine year old unpatched security vulnerability. Exploitation of this vulnerability could be used to gain complete access to email accounts simply by previewing an attachment.
The vulnerability triggers when a targeted user views an attached OpenOffice document in the browser. This results in the ability for an attacker to steal all emails the victim has sent and received. If an attacker was successful in targeting an administrator by sending a personalised, malicious email, they could abuse this privileged access to take over the entire webmail server.
At this time, there are no patches for Horde webmail that are available, however Horde Webmail users are advised to disable the rendering of OpenOffice attachments by editing the config/mime_drivers.php file to add the ‘disable’ => true configuration option to OpenOffice mime handler.
We are actively monitoring the situation.
Exploiting CVE-2023-5044 and CVE-2023-5043 to overtake a Kubernetes Cluster
Delve into the Golden Ticket Attack in Active Directory: a key APT method. Discover its workings, countermeasures, and detection to protect your network.
Uncloaking Radio Frequency Identification (RFID)
Demystify RFID with insights on components, tag types, modulation, and use cases. A concise guide to the intricate world of RFID.
A journey into Badge Life
Explore CovertSwarm’s Badge Life journey from Defcon 30 chaos to Defcon 31 triumphs. Join the hardware hacking adventure in this article!