all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploiting CVE-2022-0778, a bug in OpenSSL vis-à-vis WebRTC platforms

Add to bookmarks
April 8, 2022, 9:01 a.m. | info@enablesecurity.com (Enable Security)

/r/netsec - Information Security News & Discussion www.reddit.com

Executive summary (TL;DR) Exploiting CVE-2022-0778 in a WebRTC context requires that you get a few things right first. But once that is sorted, DoS (in RTC) is the new RCE!
How I got social engineered into looking at CVE-2022-0778 A few days ago, Philipp Hancke, self-proclaimed purveyor of the dark side of WebRTC, messaged me privately with a very simple question: “are you offering a DTLS scanner by chance?”
He explained how in the context of WebRTC it would be …

bug cve cve-2022-0778 exploiting openssl platforms webrtc

Visit resource

More from www.reddit.com / /r/netsec - Information Security News & Discussion

3D-Printed USB Dead Man Switch (Prototype Demo) 15 hours ago | www.reddit.com
dead demo netsec prototype +2
Neat idea - A 'scarecrow' for your computer. 19 hours ago | www.reddit.com
computer idea netsec
Introducing SecureDrop Protocol 21 hours ago | www.reddit.com
netsec protocol securedrop
Multiple vulnerabilities in RIOT OS 23 hours ago | www.reddit.com
netsec riot vulnerabilities
CVE-2024-3661: TunnelVision - DHCP option 121 allows attacker controlled DHCP to subvert VPN routing rules 23 hours ago | www.reddit.com
attacker cve cve-2024 dhcp +5
LLM pentest: Leveraging agent integration for RCE 1 day, 19 hours ago | www.reddit.com
agent integration llm netsec +2
Malware Analysis Blog(Formbook info stealer analysis) 2 days, 6 hours ago | www.reddit.com
analysis blog formbook info +5
Built a Python script that maps all of the connections shared by a given number … 2 days, 11 hours ago | www.reddit.com
connections file graph internal +12
pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard 3 days, 9 hours ago | www.reddit.com
dashboard grafana netsec pcap +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Product Manager, Electronic Warfare - Active Clearance

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Specialist Operations and Support/ Entry Professional - IT Security, Cyber Security & Governance

@ Norsk Hydro | Jaipur, IN
View on infosec-jobs.com

Embedded Software Engineer, Electronic Warfare

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Cyber Security Analyst

@ Peraton | Chantilly, VA, United States
View on infosec-jobs.com

Principal Consultant, Proactive Security - Unit 42

@ Palo Alto Networks | Sydney, Australia
View on infosec-jobs.com

Penetration Tester Consultant

@ RSI Security | United States - Remote
View on infosec-jobs.com
View more jobs