And the next stop is – root privileges!
Microsoft has recently discovered several vulnerabilities, collectively referred to as Nimbuspwn. This lethal combination could allow an attacker to elevate privileges to “root” on many Linux desktop endpoints.
Nimbuspwn takes advantage of D-Bus functionality and two vulnerabilities found in networkd-dispatcher (CVE-2022-29799 and CVE-2022-29800), which include directory traversal, symlink race, and TOCTTOU race condition issues that could be leveraged to elevate privileges and deploy malware or carry out other malicious activities.
In this unit, you will dive deep into the technicalities behind these vulnerabilities, examine the networkd-dispatcher execution flow identified by Microsoft’s researchers, analyze the full attack flow, and discuss mitigation procedures to defend your organization.