Back
NCC Group Publication Archive
Uncategorized

January 4, 2015

1 min read

Authorisation

Oops you’ve come to this page in error

Oops you are not authorised to access the document you’ve requested

Published by NCC Group Publication Archive

Here are some related articles you may find interesting

Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call

Vendor: Sonos Vendor URL: https://www.sonos.com/ Versions affected: * Confirmed 73.0-42060 Systems Affected: Sonos Era 100 Author: Ilya Zhuravlev Advisory URL: Not provided by Sonos. Sonos state an update was released on 2023-11-15 which remediated the issue. CVE Identifier: N/A Risk: High Summary Sonos Era 100 is a smart speaker released…

Hardware & Embedded Systems
Technical advisories
Vulnerability Research

December 4, 2023

3 mins read

Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100

Research performed by Ilya Zhuravlev supporting the Exploit Development Group (EDG). The Era 100 is Sonos’s flagship device, released on March 28th 2023 and is a notable step up from the Sonos One. It was also one of the target devices for Pwn2Own Toronto 2023. NCC found multiple security weaknesses…

Hardware & Embedded Systems
Vulnerability Research

December 4, 2023

7 mins read

Technical Advisory: Adobe ColdFusion WDDX Deserialization Gadgets

Multiple vulnerabilities identified in Adobe ColdFusion allow an unauthenticated attacker to obtain the service account NTLM password hash, verify the existence of a file or directory on the underlying operating system, and configure central config server settings.

Technical advisories
Vulnerability Research

November 21, 2023

15 mins read

Previous post Next post

View articles by category

Most popular posts

Most recent posts

Call us before you need us.

Our experts will help you.

Get in touch
%d