Fast Feed

This Week in Security: AirBorne, EvilNotify, and Revoked RDP

1 min read

Summary

  • Oligo has discovered 23 vulnerabilities, collectively called AirBorne, which affects Apple Airplay and SDK.
  • These vulnerabilities affect Mac desktops and laptops, as well as iOS and iPadOS devices, and IoT devices that use the Apple SDK for Airplay.
  • The issues range from authentication bypasses to local file reads, and even Remote Code Execution (RCE).
  • Apple has released patches for all the CVEs.
  • However, the IoT devices constructed with the vulnerable SDK will take a long time to clean up, and many may never get updated.
  • Guilherme Rambo discovered that the Darwin Notification system in Apple’s Inter Process Communications has no verification system, allowing for misinformation.
  • John Stawinski discovered that the Node.js CI would run any code regardless of the timestamp on a pull request - all that was required was to add a commit with a timestamp in the past to the target PR, and the CI job would run the (now malicious) code.
  • Microsoft has claimed that it is not a vulnerability that Windows machines accept revoked credentials for Remote Desktop Protocol (RCE) logins.

By Jonathan Bennett

Original Article