Aggregator

文章描述了HTTP错误代码521的含义及其常见原因，指出该错误通常由Cloudflare引起，并可能与服务器配置或网络连接问题相关。

HackerNews 编译，转载请注明出处： 网络安全研究人员发现，霍尼韦尔旗下Tridium公司开发的Niagara框架存在十余个安全漏洞。在特定配置下，处于同一网络的攻击者可利用这些漏洞攻陷系统。 Nozomi Networks Labs在上周发布的报告中指出：“如果Niagara系统配置错误，导致特定网络设备的加密功能被禁用，则这些漏洞均可被完全利用。若组合使用，处于同一网络（例如中间人位置）的攻击者将能攻陷整个Niagara系统。” Niagara Framework由霍尼韦尔的独立业务实体Tridium开发。它是一个厂商中立的平台，用于管理和控制来自不同制造商的各种设备（如暖通空调（HVAC）、照明、能源管理和安防系统），使其在楼宇管理、工业自动化和智能基础设施环境中成为极具价值的解决方案。它由两个关键组件构成： 站点 (Station)：负责与联网设备及系统通信并实施控制。 平台 (Platform)：提供创建、管理和运行站点所必需的底层软件环境服务。 Nozomi Networks发现的这些漏洞，可在Niagara系统配置不当导致网络设备加密功能关闭时被利用，为攻击者打开横向移动和更广泛运营中断的大门，影响安全性、生产力和服务连续性。 已发现的最严重问题包括： CVE-2025-3936 (CVSS 评分：9.8) – 关键资源的权限分配不当 CVE-2025-3937 (CVSS 评分：9.8) – 使用计算强度不足的密码哈希值 CVE-2025-3938 (CVSS 评分：9.8) – 缺少加密步骤 CVE-2025-3941 (CVSS 评分：9.8) – Windows: DATA 备用数据流处理不当 CVE-2025-3944 (CVSS 评分：9.8) – 关键资源的权限分配不当 CVE-2025-3945 (CVSS 评分：9.8) – 命令中参数分隔符过滤不当 CVE-2025-3943 (CVSS 评分：7.3) – 在敏感查询字符串中使用GET请求方法 Nozomi Networks表示，他们能够构造一个结合CVE-2025-3943和CVE-2025-3944的漏洞利用链。该利用链可使同一网络上具有访问权限的相邻攻击者入侵基于Niagara的目标设备，最终实现root级远程代码执行。 具体而言，在系统日志服务（Syslog）启用的情况下，攻击者可利用CVE-2025-3943漏洞拦截反跨站请求伪造（CSRF）刷新令牌——包含该令牌的日志可能通过未加密通道传输。 获取令牌后，攻击者可触发CSRF攻击，诱骗管理员访问特制链接，导致所有传入HTTP请求和响应的内容被完整记录。攻击者随后提取管理员的JSESSIONID会话令牌，并利用该令牌以完全提升的权限连接到Niagara站点，创建一个新的后门管理员用户以实现持久访问。 在攻击的下一阶段，攻击者滥用管理权限，下载与设备TLS证书关联的私钥，并利用站点和平台共享相同证书及密钥基础设施这一事实，实施中间人（AitM）攻击。控制平台后，攻击者利用CVE-2025-3944漏洞即可在目标设备上实现root级远程代码执行，完成全面接管。经过负责任的披露流程，这些问题已在Niagara Framework 和 Enterprise Security 的4.14.2u2、4.15.u1或4.10u.11版本中得到修复。 “由于Niagara通常连接关键系统，有时还桥接着物联网（IoT）技术和信息技术（IT）网络，它可能成为一个高价值目标，”该公司表示，“鉴于Niagara驱动的系统可控制关键功能，如果实例未按照Tridium的加固指南和最佳实践进行配置，这些漏洞可能对运营弹性和安全性构成高风险。” 此次漏洞披露之际，PROFINET协议的开源实现库P-Net C也被发现存在多个内存破坏漏洞。若成功利用，这些漏洞可让具有目标设备网络访问权限的未认证攻击者触发拒绝服务（DoS）条件。 “从实际角度看，利用CVE-2025-32399漏洞，攻击者可强制运行P-Net库的CPU陷入无限循环，消耗100%的CPU资源，” Nozomi Networks解释道，“另一个漏洞CVE-2025-32405则允许攻击者在连接缓冲区边界之外进行写入，破坏内存并使设备完全无法使用。” 这些漏洞已在2025年4月底发布的该库1.0.2版本中修复。 近几个月来，罗克韦尔自动化（Rockwell Automation）的PowerMonitor 1000、博世力士乐（Bosch Rexroth）的ctrlX CORE控制器以及稻叶电机产业（Inaba Denki Sangyo）的IB-MCT001摄像头也被发现存在多个安全缺陷，可能导致任意命令执行、设备被接管、拒绝服务（DoS）、信息窃取，甚至能远程访问监控实时画面。 美国网络安全和基础设施安全局（CISA）在关于IB-MCT001漏洞的公告中指出：“成功利用这些漏洞可能使攻击者获取该产品的登录密码、获得未授权访问、篡改产品数据，和/或修改产品设置。”       消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

Linux Kernel 6.16发布，改进硬件支持、优化文件系统和网络；新增驱动程序；适合桌面滚动安装；非LTS版寿命短；下个版本6.17预计2025年9月发布。

A vulnerability, which was classified as critical, was found in McAfee Total Protection up to 16.0.29. This affects an unknown part of the component MTP Self-Defense. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2021-23874. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Microsoft Windows Vista SP2 up to Server 2012 R2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library Win32k of the component Kernel-Mode Driver. The manipulation leads to improper access controls. This vulnerability is known as CVE-2016-0167. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Windows and classified as problematic. This vulnerability affects unknown code of the component Enhanced Cryptographic Provider. The manipulation leads to an unknown weakness. This vulnerability was named CVE-2021-31199. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows and classified as critical. This issue affects some unknown processing of the component Enhanced Cryptographic Provider. The manipulation leads to an unknown weakness. The identification of this vulnerability is CVE-2021-31201. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component Kernel. The manipulation leads to memory corruption. This vulnerability is known as CVE-2021-33771. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been rated as very critical. This issue affects some unknown processing of the component Kernel. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2021-31979. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows up to Server 2019 and classified as very critical. This issue affects some unknown processing of the component Update Medic Service. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2021-36948. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

本文提供了多种GDPR合规工具与模板，包括数据主体访问请求表单、同意管理表单、数据泄露通知表单及数据处理协议模板等实用资源，帮助组织简化合规流程并确保符合GDPR要求。

A vulnerability was found in Microsoft Windows. It has been declared as critical. This vulnerability affects unknown code of the component File Signature Handler. The manipulation leads to improper verification of cryptographic signature. This vulnerability was named CVE-2020-1464. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in GNOME Yelp and classified as problematic. This issue affects some unknown processing of the component Help Document Handler. The manipulation leads to inclusion of functionality from untrusted control sphere. The identification of this vulnerability is CVE-2025-3155. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Red Hat Enterprise Linux 6/7/8/9 and classified as critical. Affected by this vulnerability is the function XkbVModMaskText of the component X.org X11 Server/TigerVNC. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-26595. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Red Hat Enterprise Linux 6/7/8/9. It has been declared as critical. This vulnerability affects the function GetBarrierDevice of the component X.org X11 Server/TigerVNC. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2025-26598. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as critical has been found in Red Hat Enterprise Linux 6/7/8/9. Affected is an unknown function of the component X.org X11 Server/TigerVNC. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-26600. The attack needs to be approached locally. There is no exploit available.

A vulnerability classified as critical has been found in GNOME libsoup. This affects the function soup_message_headers_get_content_disposition of the file soup-message-headers.c. The manipulation of the argument params leads to double free. This vulnerability is uniquely identified as CVE-2025-32911. It is possible to initiate the attack remotely. There is no exploit available.

文章概述了GDPR赋予个人的数据主体权利及其对企业的影响，包括知情权、访问权、纠正权、删除权等，并详细说明了企业在响应这些权利时所需的技术和组织措施。同时强调了构建GDPR合规框架的重要性，包括数据盘点与映射、隐私政策与透明度管理、同意机制以及安全措施的实施。

2025 Let’s GoSSIP 软件安全暑期学校预告第一弹——GUI测试大师 Kea2

GitHub近期出现大规模服务中断，持续时间已超8小时。受影响服务包括Git操作、API请求、Pull请求和Issues等。目前修复进展缓慢，仍有约4%的请求出错。