Tag: deserialization
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2024/10/17/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40711 Veeam Backup and Replication Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant…
-
Hacker News: Attacking PowerShell Clixml Deserialization
Source URL: https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization Source: Hacker News Title: Attacking PowerShell Clixml Deserialization Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text details a series of research findings related to security vulnerabilities associated with PowerShell’s CLIXML deserialization mechanism. Specifically, it highlights the risks stemming from the serialization and deserialization processes in PowerShell, emphasizing how these…