PoC

Blogs Security Advisory

PinTheft Linux allows unprivileged local users to gain full root access; PoC Released

Overview: PinTheft vulnerability originates from improper memory reference handling inside the Linux kernel’s RDS zerocopy implementation

A newly disclosed Linux privilege escalation vulnerability named PinTheft allows local unprivileged users to gain full root access on vulnerable systems. Modern Linux systems use “zerocopy” operations to improve performance by avoiding unnecessary memory duplication during network transfers. In this case, failed RDS zerocopy operations improperly release memory references multiple times.

The flaw combines a long-standing issue in the Linux kernel’s RDS (Reliable Datagram Sockets) zerocopy functionality with io_uring to overwrite SUID-root binaries directly in memory and spawn a root shell.

Impact of PinTheft Vulnerability:

The issue primarily impacts systems where RDS modules are enabled and loadable, along with io_uring support. Researchers confirmed default exposure on Arch Linux, while several enterprise Linux distributions mitigate the risk by disabling or blocking RDS modules by default.

What makes PinTheft particularly dangerous is that the exploit modifies SUID-root binaries only in memory, leaving the original files on disk untouched.

PinTheft demonstrates how older kernel flaws can become highly exploitable when combined with newer Linux subsystems such as io_uring.

The vulnerability also highlights:

  • The increasing complexity of Linux kernel attack surfaces
  • Risks associated with performance-oriented kernel optimizations
  • The importance of minimizing unnecessary kernel modules in production environments

For enterprise security teams, systems allowing untrusted local workloads should be prioritized for immediate mitigation and monitoring.

The vulnerability impacts Linux kernels dating back to version 4.17, first released in 2018, highlighting how long-standing kernel flaws can remain dormant until newer features enable reliable exploitation techniques

Affected environments:

Researchers confirmed that:

  • Arch Linux systems were vulnerable by default
  • Some distributions ship RDS modules disabled or blacklisted
  • Certain enterprise Linux distributions are not affected because RDS is absent or io_uring is disabled by default

PoC Released

The release of a public proof-of-concept significantly increases operational risk for organizations running affected Linux environments.

Unlike remote vulnerabilities, PinTheft requires local access. However, once an attacker gains even limited user-level execution, the exploit provides a reliable path to full root compromise.

The vulnerability also highlights increasing complexity of Linux kernel attack surfaces and risks associated with performance-oriented kernel optimizations, importance of minimizing unnecessary kernel modules in production environments.

RakshaOne from Intrucept

RakshaOne can play a significant role in detecting and responding to the PinTheft Linux privilege escalation vulnerability. Since the exploit abuses kernel-level behavior and enables local users to gain root access while leaving minimal traces on disk, traditional security tools may struggle to identify the attack. RakshaOne helps security analysts and SOC teams gain centralized visibility across Linux servers, workloads, and enterprise infrastructure, allowing them to quickly understand the scope and context of suspicious activity.

By combining threat intelligence, behavioral analytics, and automated alert correlation, RakshaOne can detect abnormal privilege escalation attempts, suspicious SUID binary execution, unusual kernel activity, and unauthorized module loading associated with PinTheft exploitation.

The platform also simplifies incident response by automatically prioritizing high-risk alerts and correlating related events, helping organizations identify both known and unknown threats faster.

This becomes especially important for multi-tenant Linux environments, CI/CD runners, container hosts, and shared infrastructure where local privilege escalation vulnerabilities can rapidly lead to full system compromise.

References: PinTheft Linux Vulnerability Let Attackers Gain Root Access – PoC Released

Cybersecurity News Security Advisory

New Rowhammer Attack Enabled GPUBreach via GDDR6 Bit-Flips to Escalate Privileges

Rowhammer attacks can be exploited to enable privilege escalation

Continue Reading
Security Advisory

Critical Ivanti EPMM Attacks Exploited RCE; Security Updates Released

Ivanti has disclosed two critical code injection vulnerabilities in its Endpoint Manager Mobile (EPMM) product that enable unauthenticated remote code execution and have been exploited in zero-day attacks.

Continue Reading
Blogs Cybersecurity News

DNS CNAME Used as Relay Attack for New Kerberos-PoC Released

A dangerous flaw in how Windows environments handle Kerberos service ticket requests one that significantly expands the practical attack surface for Kerberos relaying in Active Directory. 

Continue Reading
Security Advisory

Apple iOS & iPadOS Patch 0-Days Vulnerabilities, Exploited in Targeted Attacks

Apple iOS & iPadOS Patch Zero-Days Vulnerabilities, Exploited in Targeted Attacks

Continue Reading
Security Advisory

TARmageddon Exploitable Tar Extraction Flaw Exposes Systems to Privilege Escalation 

Summary A critical vulnerability known as Tarmageddon (CVE-2025-62518) impacts multiple tar extraction utilities and libraries, including GNU tar, libarchive, Python’s tarfile module, and the Rust async-tar library. 

Severity High 
CVSS Score 7.8 
CVEs CVE-2025-62518 
POC Available Yes, public PoC and patches available (edera-dev GitHub) 
Actively Exploited Not confirmed widespread exploitation public PoC raises opportunistic risks 
Exploited in Wild No confirmed mass exploitation at time of writing 
Advisory Version 1.0 

Overview 


Tarmageddon (CVE-2025-62518) vulnerability Improper path sanitization and symlink-target validation during extraction enable a crafted tar archive to write files outside the intended extraction directory, leading to arbitrary file overwrite, privilege escalation, or remote code execution when executed by privileged or automated services. 

                Vulnerability Name CVE ID Product Affected Severity Fixed Version 
Tar path traversal / symlink bypass (async-tar RCE vector) CVE-2025-62518 GNU tar, libarchive, Python tarfile, Rust async-tar and downstream tools High Patches released by maintainers; reference fixes in Edera patch repository  and vendor advisories 

Technical Summary 

Root cause: insufficient canonicalization of file paths and incomplete sanitization of symlink targets within tar archive headers. Behavioral details: Path traversal via ../ sequences and chained symlinks allows crafted archives to escape the extraction root and overwrite system binaries, configuration files, or startup scripts.

A public proof-of-concept confirms this behavior in affected async-tar implementations. Fix: apply upstream and distribution patches that normalize paths and validate symlink targets (edera-dev patches).

Exploitability: public PoC exists for CVE-2025-62518, highest risk when automated extractions run with elevated privileges (CI/CD, build, backup). Manual extraction is lower risk. Impact: Malicious extraction can overwrite critical files, allow service takeover or remote code execution, and lead to full host compromise if run as root. 

CVE ID System Affected  Vulnerability Details Impact 
CVE-2025-62518 Tar libraries and tools async-tar, GNU tar, libarchive, Python tarfile, and any tools that use them. Crafted tar entries can bypass path checks and write outside the extraction folder (PoC available). Can overwrite files, allow privilege escalation/RCE if run as root, and contaminate build/CI artifacts. 

Remediation

  • Apply patches immediately — update tar libraries and utilities with vendor or distribution fixes (Edera patches where applicable). 
  • Disable automatic extraction of untrusted archives in gateways, ingestion services and CI/CD systems. 
  • Use least privilege for extraction processes — avoid root / Administrator contexts. 
  • Replace unsafe extraction calls (e.g., tarfile.extractall()) with secure wrappers that validate path components and reject traversal or symlink abuses. 
  • Sandbox extraction inside containers or VMs with strict filesystem scoping (read-only mounts, AppArmor/SELinux confinement). 
  • Inventory and update all images, containers, and build artifacts that bundle tar utilities or tar libraries. 

Detection Guidance: Lab verification: Use the public PoC only in isolated virtual environments to validate that patched version block path traversal and symlink exploits. 

SIEM / EDR indicators: 

  • File create/write events to sensitive paths (/etc, /usr/bin, /var, application config dirs) immediately following tar extraction processes. 
  • Creation of symlinks or reparse-points by tar-related processes. 
  • Processes invoking tar or Python extraction libraries writing outside expected extraction directories. 

Conclusion: 
Tarmageddon (CVE-2025-62518) is a high-risk archive extraction vulnerability that affects widely used tar utilities and libraries, including GNU tar, libarchive, Python’s tarfile, and the Rust async-tar implementation.

This vulnerability should be treated as a Priority-1 patch event for any environment performing automated or privileged tar extractions. Organizations are strongly advised to apply vendor patches immediately, enforce sandboxed extraction workflows, and implement strict least-privilege and path-validation controls to prevent arbitrary file overwrites, privilege escalation, and potential supply-chain compromise. 

References:  

Security Advisory

Microsoft Teams Access Token Vulnerability Allows Attack Vector for Data Exfiltration

Summary: Microsoft Teams Access Token Vulnerability: New Attack Vector for Data Exfiltration

A recently uncovered vulnerability in Microsoft Teams for Windows allows attackers with local access to extract encrypted authentication tokens, granting unauthorized access to chats, emails and SharePoint files.

This technique, detailed by researcher Brahim El Fikhi on October 23, 2025, leverages the Windows Data Protection API (DPAPI) to decrypt tokens stored in a Chromium-like Cookies database.

Attackers can use these tokens for impersonation, lateral movement, or social engineering, bypassing recent security enhancements and posing significant risks to enterprise environments.

Vulnerability Details

The vulnerability, identified in Microsoft Teams desktop applications, involves the extraction of encrypted access tokens stored in the SQLite Cookies database at %AppData%\Local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\Cookies. Unlike earlier versions that stored tokens in plaintext (a flaw exposed by Vectra AI in 2022), current versions use AES-256-GCM encryption protected by DPAPI, tied to user or machine credentials. However, attackers with local access can decrypt these tokens using tools like ProcMon and Mimikatz, exploiting the embedded msedgewebview2.exe process that handles authentication via login.microsoftonline.com.

Source: blog.randorisec.fr, cybersecuritynews
Attack Flow

StepDescription
CraftAttackers use ProcMon to monitor msedgewebview2.exe and identify the Cookies database write operations.
AccessThe ms-teams.exe process is terminated to unlock the Cookies file, which is locked during operation.
ExtractThe encrypted token is retrieved from the Cookies database, with fields like host_key (e.g., teams.microsoft.com), name, and encrypted_value (prefixed with “v10”).
DecryptThe DPAPI-protected master key is extracted from %AppData%\Local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\Local State and decrypted using Windows APIs or tools like Mimikatz.
ExploitDecrypted tokens are used with tools like GraphSpy to access Teams chats, send messages, read emails, or interact with SharePoint via Microsoft Graph API

Why It’s Effective

  • Local Access Exploitation: The attack requires only local access, achievable via malware or compromised endpoints, bypassing MFA and remote defenses.
  • Stealthy Execution: The use of standard Windows APIs (DPAPI) and embedded browser processes evades traditional monitoring.
  • Authority Abuse: Tokens enable impersonation through trusted APIs, amplifying risks of phishing or data theft via Teams, Outlook, or SharePoint.

Recommendations:

  • Monitor Processes Deploy EDR rules to detect abnormal ms-teams.exe terminations or msedgewebview2.exe file writes.
  • Enforce Encryption – Use app-bound encryption and prefer web-based Teams to avoid local token storage.
  • Token Rotation – Implement Entra ID policies to rotate access tokens regularly and audit Graph API logs for anomalies.
  • Limit Privileges – Restrict local admin access to prevent DPAPI key extraction.
  • User Awareness – Train users to recognize phishing attempts via Teams or email, especially those leveraging impersonation

Conclusion:
This vulnerability underscores the evolving threat landscape for collaboration platforms like Microsoft Teams. As attackers refine techniques to exploit trusted systems, organizations must enhance endpoint monitoring and adopt stricter access controls. By implementing the outlined mitigations, security teams can reduce the risk of token-based attacks and safeguard sensitive data.

References:

Security Advisory

7-Zip Security Flaw Allows Malicious File Writes and Potential Exploits 

Summary Security Advisory: 7-Zip Security Flaw

A vulnerability in 7-Zip (versions before 25.01) allows attackers to abuse symbolic links in archive files to write files outside the intended extraction directory.

Severity Low 
CVSS Score 3.6 
CVEs CVE-2025-55188 
POC Available No 
Actively Exploited No 
Exploited in Wild No 
Advisory Version 1.0 

Overview 

This can lead to overwriting sensitive files, potentially enabling code execution or privilege escalation. The flaw is primarily exploitable on Linux systems due to common file permission models but can also impact Windows under specific conditions. Affected archive formats include ZIP, TAR, 7Z and RAR. 

The security flaw was  reported and discoverd by security researcher lunbun, who identified that 7-Zip fails to properly validate symbolic links when extracting certain archive formats.

Vulnerability Name CVE ID Product Affected Severity Fixed Version 
​ 7-Zip Arbitrary File Write via Symbolic Link Flaw  CVE-2025-55188 7-Zip  Low  25.01 and later. 

Technical Summary 

Cause: Improper validation of symbolic links during archive extraction. 

Attack Vector: Malicious archives can contain symlinks pointing outside the extraction directory. 

Impact: Overwrites arbitrary files on the system. On Linux, this can replace startup scripts, configuration files, or binaries to gain elevated privileges. On Windows, exploitation requires write access to target paths. 

Affected Formats: ZIP, TAR, 7Z, RAR. 

CVE ID CVSS Score System Affected  Vulnerability Details Impact 
CVE-2025-55188 3.6 Linux, Windows 7-Zip versions 7-Zip mishandles symbolic links in archives, letting attackers write files anywhere on the system during extraction. Code execution, Privilege escalation 

Recommendations: 

Here are some recommendations below 

  • Update 7-Zip to version 25.01 or latest one.  
  • Avoid extracting archives from untrusted sources. 
  • Always consider using sandboxed environments for unknown files extraction. 

Conclusion: 
While CVE-2025-55188 carries a low CVSS score, the real-world impact can be severe in certain environments, especially on Linux systems with high-privilege extraction processes.

Immediate patching to 7-Zip 25.01 or later is strongly advised to mitigate the risk of arbitrary file overwrite attacks. 

The researcher has submitted a request for reevaluation of the CVSS score and offered to provide proof-of-concept demonstrations to package repository maintainers who require additional verification.

References

Blogs Security Advisory

New Cyberattack Methodology ‘Man in Prompt’, User’s at Risk, Target-AI Tools

AI tools like ChatGPT, Google Gemini and others being afflicted by malicious actors via injecting harmful instructions into leading GenAI tools. These were overlooked previously and attack methodology targets the browser extensions installed by various organizations.

The attack methodology named as ‘Man in Prompt’, exercise its attack with new class exploit targeting the AI tools as per LayerX’s researchers.

As per the research any browser extension, even without any special permissions, can access the prompts of both commercial and internal LLMs and inject them with prompts to steal data, exfiltrate it and cover their tracks. 

The exploit has been tested on all top commercial LLMs, with proof-of-concept demos provided for ChatGPT and Google Gemini. 

The question is how do they impact Users & organizations at large & how does the AI tools function within web browsers?

For organizations the implications can be high then expected as AI tools are most sought after and slowly organization across verticals are relying on AI tools.

The LLMs used and tested on many organizations are mostly trained ones. They carry huge data set of information which are mostly confidential and possibility of being vulnerable to such attack rises .

The attack methodology named as ‘Man in Prompt’, exercise its attack with new class exploit targeting the AI tools as per LayerX’s researchers. As per the research any browser extension, even without any special permissions, can access the prompts of both commercial and internal LLMs and inject them with prompts to steal data, exfiltrate it, and cover their tracks. 

The attack methodology named as ‘Man in Prompt’, exercise its attack with new class exploit targeting the AI tools as per LayerX’s researchers. As per the research any browser extension, even without any special permissions, can access the prompts of both commercial and internal LLMs and inject them with prompts to steal data, exfiltrate it, and cover their tracks. 

LayerX researcher termed this type of attack as ‘hacking copilots’ that are equipped to steal organizational information.

The prompts given are a part of the web page structure where input fields are known as the Document Object Model, or DOM. So virtually any browser extension with basic scripting access to the DOM can read or alter what users type into AI prompts, even without requiring special permissions.

Bad actors can use compromised extensions to carry out activities including manipulating a user’s input to the AI.

  • Perform prompt injection attacks, altering the user’s input or inserting hidden instructions.
  • Extract data directly from the prompt, response, or session.
  • Compromise model integrity, tricking the LLM into revealing sensitive information or performing unintended actions

Understanding the attack scenario

Proof-of-concept attacks against major platforms

For ChatGPT, an extension with minimal declared permissions could inject a prompt, extract the AI’s response and remove chat history from the user’s view to reduce detection.

LayerX implemented an exploit that can steal internal data from corporate environments using Google Gemini via its integration into Google Workspace.

Over the last few months, Google has rolled out new integrations of its Gemini AI into Google Workspace. Currently, this feature is available to organizations using Workspace and paying users.

Gemini integration is implemented directly within the page as added code on top of the existing page. It modifies and directly writes to the web application’s Document Object Model (DOM), giving it control and access to all functionality within the application

These platforms are vulnerable to  any exploit which Layer X researchers showcased that without any special permissions shows how practically any user is vulnerable to such an attack. 

Threat mitigation

These kind of attacks creates a blind spot for traditional security tools like endpoint Data Loss Prevention (DLP) systems or Secure Web Gateways, as they lack visibility into these DOM-level interactions. Blocking AI tools by URL alone also won’t protect internal AI deployments.

LayerX advises organisations to adjust their security strategies towards inspecting in-browser behaviour.

Key recommendations include monitoring DOM interactions within AI tools to detect suspicious activity, blocking risky extensions based on their behavior rather than just their listed permissions, and actively preventing prompt tampering and data exfiltration in real-time at the browser layer.

(Source: https://layerxsecurity.com/blog/man-in-the-prompt-top-ai-tools-vulnerable-to-injection/)

Security Advisory

Privilege Escalation in Notepad++ v8.8.1 Installer via Binary Planting with Public PoC Available 

Security Advisory: A high-severity privilege escalation vulnerability has been discovered in the Notepad++ v8.8.1 and prior installer, which allows local attackers to gain SYSTEM-level privileges through uncontrolled executable search paths (binary planting).

The installer searches for executable dependencies in the current working directory without verification, allowing attackers to place malicious executables that will be loaded with SYSTEM privileges during installation.

OEM Notepad++ 
Severity High 
CVSS Score 7.3 
CVEs CVE-2025-49144 
POC Available Yes 
Actively Exploited No 
Exploited in Wild No 
Advisory Version 1.0 

Overview 

Exploitation requires minimal user interaction and a public Proof of Concept (PoC) is available. The issue is resolved in version v8.8.2. 

Vulnerability Name CVE ID Product Affected Severity Fixed Version 
​Privilege Escalation Vulnerability  CVE-2025-49144 Notepad++  High  v8.8.2 

Technical Summary 

The Notepad++ installer improperly searches for executable dependencies in the current directory without verifying their authenticity.

This insecure behavior allows attackers to place a malicious executable (e.g. regsvr32.exe) in the same directory as the installer. Upon execution the malicious file is loaded with SYSTEM-level privileges, granting full control over the machine. 

In real world scenario, an attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder – which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges.

CVE ID System Affected  Vulnerability Details Impact 
  CVE-2025-49144  Notepad++ v8.8.1 and prior. The installer invokes executables without absolute path (e.g. regsvr32), allowing a malicious binary in the same directory to be executed with elevated privileges.  SYSTEM privilege escalation and full machine control 

Proof of Concept (PoC): 

  • Execution Flow: Attacker places a fake regsvr32.exe in the same directory as the Notepad++ installer. 
  • Trigger: When the user runs the installer, it loads the attacker’s file with SYSTEM privileges. 
  • Evidence: 
  • Process Monitor logs confirm that the installer is searching for executables in the local directory. 
  • Public PoC materials are hosted and shared, confirming reproducibility 

Remediation

  • Immediate Action: Upgrade to Notepad++ v8.8.2 or later which explicitly sets absolute paths when invoking executables like regsvr32. 

Recommendations: 

  • Configuration Check: Avoid executing installers from user-writable locations like the Downloads folder. Ensure installers are run from isolated, trusted directories. 
  • Environment Hardening: Implement endpoint detection for binary planting, restrict execution in commonly targeted directories. 

Conclusion: 
CVE-2025-49144 is a critical privilege escalation vulnerability with a working public PoC. It leverages a fundamental flaw in the Notepad++ installer’s handling of executable paths.

Given the low barrier to exploit and high impact, especially in environments where Notepad++ is widely used, immediate remediation is strongly advised. The presence of similar flaws in past versions highlights the persistent risk of insecure software packaging. 

This is a critical security vulnerability requiring immediate attention. While Microsoft classifies some binary planting issues as “Defense-in-Depth,” the severity of gaining SYSTEM privileges with minimal user interaction warrants priority remediation.

References

Scroll to top