As detailed in the full disclosure, all a hacker needs to get root-level remote code execution on a Mac computer is to intercept the ESET antivirus package's connection to its backend servers using a self-signed HTTPS certificate, put himself in as a man-in-the-middle (MITM) attacker, and exploit an XML library flaw.

The actual issue was related to a service named esets_daemon, which runs as root. The service is statically linked with an outdated version of the POCO XML parser library, version 1.4.6p1 released in March 2013. This POCO version is based on a version of the Expat XML parser library version 2.0.1 from 2007, which is affected by a publicly known XML parsing vulnerability (CVE-2016-0718) that could allow an attacker to execute arbitrary code via malicious XML content.

Now, when esets_daemon sends a request to during activation of the ESET Endpoint Antivirus product, an MITM attacker can intercept the request to deliver a malformed XML document using a self-signed HTTPS certificate. This event triggers the CVE-2016-0718 flaw that executes the malicious code with root privileges when esets_daemon parses the XML content.

This attack was possible because the ESET antivirus did not validate the web server's certificate. "Vulnerable versions of ESET Endpoint Antivirus 6 are statically linked with an outdated XML parsing library and do not perform proper server authentication, allowing for remote unauthenticated attackers to perform arbitrary code execution as root on vulnerable clients." Now since the hacker controls the connection, they can send malicious content to the Mac computer in order to hijack the XML parser and execute code as root.

The scholarship is part of ESET’s global Women in Cyber Security Scholarship program for women currently enrolled in a graduate or undergraduate program majoring in a STEM (science, technology, engineering and mathematics) field. This year’s winner is Shradha Angrish, who is studying for a Bachelor of Engineering (Honours) (Mechanical) with Bachelor of Mathematical and Computer Sciences at the University of Adelaide.

Home Affairs and Cyber Security Minister, Clare O’Neil presented the award, and said, “To make Australia the most cyber-secure country in the world by 2030 we need to invest in the people who will defend Australians and our assets from this massive and growing threat. The percentage of women in cyber security is growing, and initiatives such as ESET’s scholarships complement the work the Government is doing to support that influx of women. Women rising through ranks in cyber security will encourage the younger generation into STEM-related studies, and into technical roles. I’m proud to support any program like this one which will increase the number of women in cyber security, working to keep our country safe.”

ESET APJ President, Parvinder Walia, said, “We believe this initiative, and our alignment with Minister O’Neil, as a leader for Australia’s Cyber Security portfolio, will inspire more women into the IT Security sector. Shradha’s exceptional talent and passion for cyber security, particularly in the areas of digital privacy and hygiene, will make her a valuable asset to the industry.”

On being awarded the 2023 ESET Women in Cyber Security Scholarship, Shradha Angrish said, “Being awarded this scholarship is an honour and a privilege that inspires me to do more. To be recognised for my efforts is the best kind of encouragement. It’s an incredible reminder that there are people and support systems that want me to succeed.”

Shradha’s participation in STEM subjects in high school uncovered her passion for cyber security, completing two research projects around digital privacy, and reconnaissance (spy) satellites. Shradha was awarded the STEM Award in recognition of exceptional contributions to STEM learning in 2020, and since commencing her double degree at University of Adelaide, she’s received the SACE Stage 2 merit for a research project on digital privacy, data rights, legal systems and public awareness, and won the Future Physicist Award from the Australian Institute of Physics.