[lacnog] Huawei router exploit involved in Satori and Brickerbot given away for free on Christmas by Blackhat Santa

Lucimara Desiderá lucimara en cert.br
Mie Ene 3 17:36:36 BRST 2018


Huawei router exploit involved in Satori and Brickerbot given away for
free on Christmas by Blackhat Santa


"Introduction

NewSky Security observed that a known threat actor released working code
for Huawei vulnerability CVE-2017–17215 free of charge on Pastebin this
Christmas. This exploit has already been weaponized in two distinct IoT
botnet attacks, namely Satori and Brickerbot.

CVE-2017–17215, a vulnerability in Huawei HG532 devices, was discovered
during a zero-day Satori attack by Checkpoint and was discreetly
reported to Huawei for a fix. The proof of concept code was not made
public to prevent attackers from abusing it. However, with the release
of the full code now by the threat actor, we expect its usage in more
cases by script kiddies and copy-paste botnet masters."


To read the complete article see:

https://blog.newskysecurity.com/huawei-router-exploit-involved-in-satori-and-brickerbot-given-away-for-free-on-christmas-by-ac52fe5e4516


Más información sobre la lista de distribución LACNOG