Posts tagged: 0-Day Exploit

Jan 10 2013

New Java 0-Day Exploit Spotted in the Wild

Java 7 0-Day ExploitA new Java 0-day vulnerability has been discovered, and is already being exploited in the wild. Currently, disabling the plugin is the only way to protect your computer.

The MBeanInstantiator in Oracle Java Runtime Environment (JRE) 1.7 in Java 7 Update 10 and earlier allows remote attackers to execute arbitrary code via vectors related to unspecified classes that allow access to the class loader, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681.

By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system.

CVE Standard Vulnerability Entry: CVE-2013-0422

This actual vulnerability was later confirmed by security firm AlienVault Labs. With Kafeine’s help, the company reproduced the exploit on a new, fully-patched installation of Java, and used a malicious Java applet to remotely execute the Calculator application on Windows XP as shown in the below screen-shot:

Java 7 update 10 0-day exploit demo

Sep 13 2011

6 SCADA 0-Day Exploits

A security researcher has disclosed a laundry list of unpatched vulnerabilities and detailed proof-of-concept exploits that allow hackers to completely compromise major industrial control systems.

SCADA Exploits

Security researcher Luigi Auriemma disclosed the attacks against six SCADA (Supervisory Control and Data Acquisition) systems including US giant Rockwell Automation.

The step-by-step exploits allowed attackers to execute full remote compromises and denial of service attacks.

Some of the affected SCADA systems were used in power, water and waste distribution and agriculture.

Such zero-day information disclosure was generally frowned upon in the information security industry because it exposed customers to attack while published vulnerabilities remained unpatched.

Attacks against SCADA systems were particularly controversial because exploits could affect a host of machinery from lift control mechanisms to power plants.