by James Horseman | May 26, 2022 | Blog, Red Team
Introduction VMware recently patched a critical authentication bypass vulnerability in their VMware Workspace ONE Access, Identity Manager and vRealize Automation products (CVE-2022-22972). This vulnerability allows an attacker to login as any known local user. Patch...
by James Horseman | May 9, 2022 | Blog, Red Team
Introduction F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. This vulnerability is particularly worrisome for users because it is simple to exploit and provides an attacker with a method to execute arbitrary system...
by Naveen Sunkavally | Jan 6, 2022 | Blog, Red Team
Since news of the Log4Shell vulnerability (CVE-2021-44228/CVE-2021-45046) broke last month, infosec teams have been scrambling to find instances of the vulnerability in their environments and remediate them. It’s been a challenge because of the breadth of impact: any...
by Naveen Sunkavally | Dec 10, 2021 | Blog, Red Team
Apache log4j2 is one of the most widely used Java logging libraries. Countless applications are built with Java components that range from critical infrastructure like VMware products to other open-source projects like Apache Solr, Apache Druid, and many more. On...
by Naveen Sunkavally | Oct 18, 2021 | Blog, Red Team
Overview We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis blog posts have been awesome, but they have been catering to an offensive security audience. Our new approach will...
by Zach Hanley | Oct 4, 2021 | Blog, Red Team
Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware vCenter Identity Provider (IdP) certificate. Security Assertion Markup Language (SAML) has proved to be a hotbed of vulnerabilities within the last...