There are still a lot of details that are missing, but this post attempts to explain what we know about the unusual circumstances of this bug, and provides a new technical analysis and proof-of-concept trigger for CVE-2023-4863 ("the WebP 0day"). But who discovered the vulnerability and how was it being used? How does the vulnerability work? Why wasn't it discovered earlier? And what sort of impact does an exploit like this have?

This means that someone, somewhere, had been caught using an exploit for this vulnerability. "Google is aware that an exploit for CVE-2023-4863 exists in the wild." The issue, CVE-2023-4863, was a heap buffer overflow in the WebP image library, and it had a familiar warning attached: The update included a single security fix that was reported by Apple's Security Engineering and Architecture (SEAR) team.

But the effort to get rid of it or mitigate it is vastly less than Log4Shell (unless you aren't a Java shop, then Log4Shell didn't affect you).

Early last week, Google released a new stable update for Chrome.

To be clear: this libwebp vulnerability is the serious, "needs to be patched immediately, unlimited overtime for everybody" kind of vulnerability. It was a full-blown RCE with bonus "can affect systems way beyond your perimeter" and "every Java application is suspect until proven clean".

You can even prioritize your internet-facing applications. Server-side it's much easier to enumerate if you're vulnerable: if you don't handle images, you're fine. So either you have a tight grip on updates and push them to your users, or you don't have a tight grip and auto-update takes care of it. The client-side should be a non-issue (all the major networks have released updates and they have robust auto-update functionality). That's why I said client-side or server-side that handles image conversion (or thumbnail generation). Thousands of applications use that stuff. Webp lib is in everything that interacts with videos or parses them.

Exploit code would need to target iOS to get RCE on iOS; that same file would not lead to an execution on Windows x64 (and vice versa). This is cross-platform.

From what I see it's a C library that compiles to the different platforms.