¸ßͨµÄSnapdragonоƬ´æÔÚ400¶à¸ö·ì϶£»£»£»£»£»£»×êÑÐÈËÔ±Åû¶vBulletinÖÐ0day²»¾Ãºó¸ÃÍøÕ¾Ôâµ½¹¥»÷

°ä²¼¹¦·ò 2020-08-11

1.Check Point·¢ÏÖ¸ßͨµÄSnapdragonоƬ´æÔÚ400¶à¸ö·ì϶


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Check Point¾­²âÊÔ£¬£¬£¬ £¬£¬£¬ÔÚ¸ßͨSnapdragon DSPоƬÖз¢ÏÖÁË400¶à¸öÒ×Êܹ¥»÷µÄ´úÂë¶Î£¬£¬£¬ £¬£¬£¬ºÚ¿Í¿ÉÀûÓÃÕâЩ·ì϶ʹָ±êÉ豸Ôì³ÉÒ»¸öÃÀÂúµÄ¼äµý¹¤¾ß¡£ ¡£¡£¡£¡£¡£³ý´ËÖ®±í£¬£¬£¬ £¬£¬£¬ºÚ¿Í»¹Äܹ»Ê¹ÊÖ»úÉϵÄÃô¸ÐÐÅÏ¢£¬£¬£¬ £¬£¬£¬ÈçͼƬ¡¢ÁªÏµÈË»òÊÓÆµ£¬£¬£¬ £¬£¬£¬ÎÞ·¨½Ó¼û»òÓÀÔ¶²»³ÉÓᣠ¡£¡£¡£¡£¡£Check PointÖ¸³ö£¬£¬£¬ £¬£¬£¬DSPÊÇ×÷ΪºÚºÐÖÎÀíµÄ£¬£¬£¬ £¬£¬£¬³ýÁËÔì×÷ÉÌÖ®±íÈκÎÈ˶¼ºÜÄѶÔËüÃǵÄÉè¼Æ¡¢Ö°ÄÜ»ò´úÂë½øÐÐÉó²é£¬£¬£¬ £¬£¬£¬ÕâʹµÃDSPоµ¥·½Ãæ¶Ô·çÏÕ¶ñ´àÈõµÃ¶à¡£ ¡£¡£¡£¡£¡£µ½Ä¿Ç°ÎªÖ¹£¬£¬£¬ £¬£¬£¬ÕâЩ·ì϶»¹Î´±»ÀûÓᣠ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.hackread.com/chip-flaws-turn-android-phones-into-spying-tool/


2.BlueRepli¹¥»÷¿ÉÈÆ¹ýÀ¶ÑÀÉí·ÝÑéÖ¤ÇÔÈ¡°²×¿Óû§Ãô¸ÐÐÅÏ¢


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


DBAPPSecurityµÄ×êÑÐÈËÔ±·¢ÏÖÁËÐµĹ¥»÷´ó¾ÖBlueRepli£¬£¬£¬ £¬£¬£¬¿ÉÈÆ¹ýÀ¶ÑÀÉí·ÝÑéÖ¤ÇÔÈ¡°²×¿Óû§Ãô¸ÐÐÅÏ¢£¬£¬£¬ £¬£¬£¬Ô̺¬Í¨»°¼Í¼£¬£¬£¬ £¬£¬£¬ÁªÏµÈ˺ÍSMSÑéÖ¤Âë¡£ ¡£¡£¡£¡£¡£Í¨¹ýBlueRepli£¬£¬£¬ £¬£¬£¬¹¥»÷ÕßÄܹ»½öͨ¹ý·ÂÕÕÒÔǰÓëÖ¸±êÉ豸ÏνӵÄÉ豸À´ÈƹýÉí·ÝÑéÖ¤¡£ ¡£¡£¡£¡£¡£×êÑÐÈËÔ±Ö¸³ö£¬£¬£¬ £¬£¬£¬ÕâЩ¹¥»÷ÔÚiOSÉ豸Éϲ»Æð×÷Óᣠ¡£¡£¡£¡£¡£¸Ã·ì϶ÊÇÓÉij¸öÌØ¶¨ÊÖ»úÔì×÷É̵ÄÃýÎóÔì³ÉµÄ£¬£¬£¬ £¬£¬£¬¸ÃÔì×÷É̳ö²úÁËԼĪ1ÒÚ²¿AndroidÊÖ»ú¡£ ¡£¡£¡£¡£¡£Google°µÊ¾£¬£¬£¬ £¬£¬£¬¸Ã¹«Ë¾Ä¿Ç°ÈÔÔÚ¿ª·¢²¹¶¡·¨Ê½ÒÔ½¨¸´¸Ã·ì϶¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.hackread.com/bluerepli-attack-hackers-bypass-bluetooth-android-authentication/


3.×êÑÐÈËÔ±·¢ÏÖWindows Print SpoolerÖÐÁ½¸öеÄ0day


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


SafeBreach LabsµÄ×êÑÐÈËÔ±Åú¶ÁËWindows Print SpoolerÖÐÁ½¸öеÄ0day¡£ ¡£¡£¡£¡£¡£µÚÒ»¸öΪ±¾µØÌáȨ·ì϶£¨CVE-2020-1337£©£¬£¬£¬ £¬£¬£¬Ó°ÏìÁËWindows 7µ½Windows 10£¨32λºÍ64룩µÄËùÓÐWindows°æ±¾£¬£¬£¬ £¬£¬£¬¹¥»÷Õß³ýÁËÄܹ»»ñµÃSYSTEMÌØÈ¨±í£¬£¬£¬ £¬£¬£¬»¹Äܹ»ÓÃ×÷ÓÆ¾ÃÐÔ¼¼Êõ¡£ ¡£¡£¡£¡£¡£ÁíÒ»¸öΪ±¾µØDoS·ì϶£¬£¬£¬ £¬£¬£¬Ó°ÏìÁË´ÓWindows 2000µ½Windows 10£¨32λºÍ64룩µÄËùÓÐWindows°æ±¾¡£ ¡£¡£¡£¡£¡£µ«ÊÇÓÉÓÚ΢ÈíÒÔΪËüûÓдﵽ°²È«¸üеķþÎñÒªÇ󣬣¬£¬ £¬£¬£¬Òò¶ø¸Ã·ìϼû»ÓÐCVEºÅÂ룬£¬£¬ £¬£¬£¬Ò²²»»á°ä²¼²¹¶¡·¨Ê½¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.helpnetsecurity.com/2020/08/07/zero-days-windows-print-spooler/


4.×êÑÐÈËÔ±Åû¶vBulletinÖÐ0day²»¾Ãºó¸ÃÍøÕ¾Ôâµ½¹¥»÷


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


×êÑÐÈËÔ±Amir EtemadiehÅú¶ÁËvBulletinÖеÄÐÂ0day²»¾Ã£¬£¬£¬ £¬£¬£¬¸ÃÍøÕ¾±ãÔâµ½¹¥»÷¡£ ¡£¡£¡£¡£¡£2019Äê9Ô£¬£¬£¬ £¬£¬£¬×êÑÐÈËÔ±Åú¶ÁËvBulletin 5.0ÖÁ5.4°æ±¾ÖеÄRCE·ì϶£¨CVE-2019-16759)£¬£¬£¬ £¬£¬£¬¹¥»÷Õß¿ÉÀûÓø÷ì϶ÔÚÔ¶³Ì·þÎñÆ÷ÉÏÖ´ÐÐÈκÎPHPºÅÁ£¬£¬ £¬£¬£¬¶øÎÞÐèµÇ¼¡£ ¡£¡£¡£¡£¡£¶øÕâ´ÎÅû¶µÄ0day¿ÉÈÆ¹ýÕë¶ÔCVE-2019-16759µÄ²¹¶¡·¨Ê½£¬£¬£¬ £¬£¬£¬ÔÊÐíËùÓÐÈËÔ¶³ÌÖ´ÐкÅÁ£¬£¬ £¬£¬£¬½«POSTÒªÇó·¢Ë͵½vBulletin·þÎñÆ÷¡£ ¡£¡£¡£¡£¡£defcon.orgÂÛ̳ÔÚ´Ë·ì϶±»Åû¶ÈýÓ×ʱºóÔâµ½¹¥»÷£¬£¬£¬ £¬£¬£¬vBulletinµÄÂÛ̳ÔÚ8ÔÂ19ÈÕÒ²ÏÂÏßÁË£¬£¬£¬ £¬£¬£¬»òÔÚ½¨¸´¸Ã·ì϶¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/vbulletin-fixes-ridiculously-easy-to-exploit-zero-day-rce-bug/


5.CybleÔÚ°µÍø·¢Ïֺڿ͹«¿ªµÄÃÀ¹ú230¶àÍòÒ½ÉúµÄÓ×ÎÒÐÅÏ¢


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Cyble·¢ÏÖÓÐÁ½ÃûºÚ¿ÍÔÚ°µÍøÖй«¿ªÁË2267453Ò½ÉúµÄÓ×ÎÒÐÅÏ¢¡£ ¡£¡£¡£¡£¡£Ð¹Â©µÄÊý¾ÝÉæ¼°µ½Á˶à¸öÁìÓòµÄÒ½Éú£¬£¬£¬ £¬£¬£¬ÀýÈçÁÙ´²Éç»á¹¤×÷Õß¡¢Æ¤·ô²¡Ñ§Ò½Éú¡¢»¤Ê¿Ö´ÒµÒ½Ê¦ºÍÑé¹âʦµÈ£¬£¬£¬ £¬£¬£¬µ«ÊÇÖØÒªÎª´Óʼ¹¹ÇÒ½ÖεÄÒ½Éú£¬£¬£¬ £¬£¬£¬Óг¬¹ý11400±Ê¼Í¼¡£ ¡£¡£¡£¡£¡£Õâ´Îй¶µÄÐÅÏ¢Ô̺¬¹ú¶ÈÌṩÉ̱êʶ·û£¨NPI£©¡¢È«Ãû¡¢¾ÓסµØÖ·¡¢ÁªÏµµç»°¡¢Ðí¿ÉÖ¤ºÅÂ롢ʵϰµØÖ·µØÖ·ºÍµç×ÓÓʼþ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://cybleinc.com/2020/08/08/2-3-million-usa-doctor-records-allegedly-leaked-on-darkweb-for-free/


6.Barracuda°ä²¼2020Äê¶ÈÍþÐ²Ì¬ÊÆµÄ·ÖÎö»ã±¨


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Barracuda°ä²¼ÁË2020Äê¶ÈÍþÐ²Ì¬ÊÆµÄ·ÖÎö»ã±¨£¬£¬£¬ £¬£¬£¬·¢ÏÖÓÐ6170¸öʹÓÃGmail¡¢AOLµÈÆäËûµç×ÓÓʼþ·þÎñµÄ¶ñÒâÕÊ»§ÌáÒéÁË100000ÂÅ´ÎBEC¹¥»÷£¬£¬£¬ £¬£¬£¬ÒÑÓ°Ïì½ü6600¸ö×éÖ¯¡£ ¡£¡£¡£¡£¡£ÕâЩ¶ñÒâÕË»§ÖУ¬£¬£¬ £¬£¬£¬GmailÊÇÊ×Ñ¡£¬£¬£¬ £¬£¬£¬ËüÕ¼ËùÓкڿÍʹÓõĵç×ÓÓʼþÓòµÄ59£¥¡£ ¡£¡£¡£¡£¡£Yahoo£¡ÊǵڶþÊÜ»¶Ó­µÄ£¬£¬£¬ £¬£¬£¬Õ¼ËùÓй۲쵽µÄ¶ñÒâÕÊ»§¹¥»÷µÄ6£¥¡£ ¡£¡£¡£¡£¡£Barracuda·ÖÎöÁËÕâ6600¸ö×éÖ¯Ôâµ½µÄ¹¥»÷ºó£¬£¬£¬ £¬£¬£¬·¢ÏÖºÚ¿Í»áʹÓÃÒ»ÑùµÄµç×ÓÓʼþµØÖ·¹¥»÷·ÖÆçµÄ×éÖ¯£¬£¬£¬ £¬£¬£¬Ò»¸ö¶ñÒâÕÊ»§»á·¢ËÍ1µ½600¶à·âµç×ÓÓʼþ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.helpnetsecurity.com/2020/08/10/6600-organizations-bombarded-with-100000-bec-attacks/