ZecOps Blog

Impact & Key Details (TL;DR) Demonstrate a way to do a basic heap spray We were able to use this technique to verify that this vulnerability is exploitable. We are still working on improving the success rate. Present two new examples of in-the-wild...

Updates We published another writeup: https://blog.zecops.com/vulnerabilities/seeing-maildemons-technique-triggers-and-a-bounty/ The vulnerability affected even the first iPhone (aka iPhone 1 / iPhone 2G) on iOS 3.1.3. First in-the-wild trigger to this...

Introduction CVE-2020-0796 is a bug in the compression mechanism of SMBv3.1.1, also known as “SMBGhost”. The bug affects Windows 10 versions 1903 and 1909, and it was announced and patched by Microsoft about three weeks ago. Once we heard about it, we...

CVE-2020-0796 Introduction Microsoft recently announced a bug in the compression mechanism of SMBv3.1.1. The bug is also known as “SMBGhost”. This bug has serious implications in managed networks. Windows 10 versions 1903 and 1909 are affected. Lucas...

ZecOps Task-For-Pwn 0 Bounty: TFP0 POC on PAC-Enabled iOS Devices <= 12.4.2...

Thanks to Checkm8 – a bootrom vulnerability that exist on most iPhones/iPads (<A12), a generic method to bypass the iOS sandbox restrictions will be made public within days/weeks for all previous and future versions of iOS! An upcoming release of a...