˼¿ÆÇå¾²Æô¶¯Ó²¼þ¸Ä¶¯ThrangrycatÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-05-17

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-1649£¬£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖм¶£¬£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º6.7£¬£¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-1862£¬£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ß¼¶£¬£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.2£¬£¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾

CVE-2019-1649

Ö§³ÖTAmµÄ100¶à¿î˼¿Æ²úÆ·


CVE-2019-1862

ÔËÐÐIOS XE°æ±¾16ÇÒÆôÓÃÁËHTTP Server¹¦Ð§µÄ˼¿Æ×°±¸


Îó²î¸ÅÊö


Ñо¿Ö°Ô±ÔÚ˼¿Æ²úÆ·Öз¢Ã÷ÁËÒ»¸öÎó²î£¬£¬£¬£¬£¬£¬£¬£¬¿Éµ¼Ö¹¥»÷ÕßÔÚÆóÒµºÍÕþ¸®ÍøÂçÖеĴó×Ú×°±¸Èç·ÓÉÆ÷¡¢½»Á÷»úºÍ·À»ðǽÉÏÖ²È볤ÆÚºóÃÅ¡£¡£¡£¡£¡£¡£Õâ¸öÎó²î±»ÃüÃûΪ¡°Thrangrycat¡±£¨¡°ÈýÖ»ÄÕÅ­µÄ衱£©£¬£¬£¬£¬£¬£¬£¬£¬ÓÉÇå¾²¹«Ë¾Red Baloon·¢Ã÷ÇÒ±àºÅΪCVE-2019-1649£¬£¬£¬£¬£¬£¬£¬£¬Ó°ÏìÖ§³ÖÐÅÈÎêµãÄ£¿£¿£¿£¿£¿£¿£¿£¿é(TAm)µÄ¶à¿î˼¿Æ²úÆ·¡£¡£¡£¡£¡£¡£


ƾ֤Çå¾²³§ÉÌRed BalloonµÄ±¨¸æ£¬£¬£¬£¬£¬£¬£¬£¬ThrangrycatÎó²îÊÇÓÉ˼¿ÆÐÅÈÎêģ¿£¿£¿£¿£¿£¿£¿£¿é£¨TAm£©ÖеÄÓ²¼þÉè¼ÆȱÏÝÒýÆðµÄ¡£¡£¡£¡£¡£¡£Ë¼¿ÆTAmÊÇ×Ô2013ÄêÒÔÀ´ÏÕЩÔÚËùÓÐ˼¿ÆÆóÒµ×°±¸ÖÐʵÏֵĻùÓÚÓ²¼þµÄÇå¾²Æô¶¯¹¦Ð§£¬£¬£¬£¬£¬£¬£¬£¬ÓÃÓÚÈ·±£ÔÚÓ²¼þƽ̨ÉÏÔËÐеĹ̼þÊÇÕæʵÇÒδ¾­Ð޸ĵÄ¡£¡£¡£¡£¡£¡£¸ÃÎó²îÊÇÓÉÓÚ¶Ô´úÂëÇøÓòµÄ²»×¼È·¼ì²éÔì³ÉµÄ£¬£¬£¬£¬£¬£¬£¬£¬¸Ã´úÂëÇøÓòÖÎÀíÇå¾²Æô¶¯Ó²¼þµÄFPGAÍâµØ¸üС£¡£¡£¡£¡£¡£¹¥»÷Õßͨ¹ýÐÞ¸ÄFPGA±ÈÌØÁ÷£¬£¬£¬£¬£¬£¬£¬£¬¿É½«¶ñÒâ¹Ì¼þдÈë¸Ã×é¼þ£¬£¬£¬£¬£¬£¬£¬£¬´Ó¶øÆÆËðÇå¾²Æô¶¯Àú³Ì²¢Ê¹Ë¼¿ÆµÄÐÅÈÎÁ´´Ó»ù´¡ÉÏÎÞЧ¡£¡£¡£¡£¡£¡£ÕâÒ»Ð޸ľßÓг¤ÆÚÐÔ£¬£¬£¬£¬£¬£¬£¬£¬¿ÉÔÚºóÐøµÄÆô¶¯Àú³ÌÖнûÓÃÐÅÈÎ꣬£¬£¬£¬£¬£¬£¬£¬Ò²¿É½ûÓÃÖ®ºóµÄTAmÈí¼þ¸üС£¡£¡£¡£¡£¡£


ÓÉÓÚʹÓøÃÎó²îÐèÒª¾ßÓиùȨÏÞ£¬£¬£¬£¬£¬£¬£¬£¬Òò´Ë˼¿ÆÐû²¼Ç徲ͨ¸æÌåÏÖ£¬£¬£¬£¬£¬£¬£¬£¬Ö»ÓоßÓжÔÄ¿µÄϵͳÎïÆÊÎö¼ûȨÏÞµÄÍâµØ¹¥»÷Õ߲ŻªÔÚ×é¼þÖÐдÈë¾­Ð޸ĵĹ̼þ¾µÏñ¡£¡£¡£¡£¡£¡£


È»¶ø£¬£¬£¬£¬£¬£¬£¬£¬Red BalloonÑо¿Ö°Ô±Ö¸³ö£¬£¬£¬£¬£¬£¬£¬£¬¹¥»÷ÕßÒ²ÄÜÁ´½ÓÆäËüȱÏÝÔ¶³ÌʹÓÃThrangrycatÎó²î£¬£¬£¬£¬£¬£¬£¬£¬´Ó¶ø»ñÈ¡¸ùȨÏÞ»òÕßÖÁÉÙÒÔ¸ùÉí·ÝÖ´ÐÐÏÂÁî¡£¡£¡£¡£¡£¡£


ΪÁËÑÝʾ¸Ã¹¥»÷£¬£¬£¬£¬£¬£¬£¬£¬Ñо¿Ö°Ô±Åû¶ÁË»ùÓÚwebµÄ˼¿ÆIOS²Ù×÷ϵͳµÄÓû§½Ó¿ÚRCEÎó²îCVE-2019-1862£¬£¬£¬£¬£¬£¬£¬£¬¿Éµ¼ÖÂÒѵǼµÄÖÎÀíÔ±ÒÔ¸ùȨÏÞÔÚÊÜÓ°Ïì×°±¸µÄµ×²ãLinux shellÉÏÖ´ÐÐí§ÒâÏÂÁî¡£¡£¡£¡£¡£¡£


»ñµÃ¸ù»á¼ûȨÏ޺󣬣¬£¬£¬£¬£¬£¬£¬¶ñÒâÖÎÀíÔ±Äܹ»Ê¹ÓÃThrangrycatÎó²îÔ¶³ÌÈƹýÄ¿µÄÉè±¹ØÁ¬ÄTAm£¬£¬£¬£¬£¬£¬£¬£¬²¢×°ÖöñÒâºóÃÅ¡£¡£¡£¡£¡£¡£


Ñо¿Ö°Ô±ÌåÏÖ£¬£¬£¬£¬£¬£¬£¬£¬Í¨¹ýÁ´½ÓThrangrycatºÍÔ¶³ÌÏÂÁî×¢ÈëÎó²î£¬£¬£¬£¬£¬£¬£¬£¬¹¥»÷ÕßÄܹ»Ô¶³Ì²¢³¤ÆÚµØÈƹý˼¿ÆµÄÇå¾²ÆôÄîÍ·ÖƲ¢Ëø¶¨ËùÓÐTAmµÄδÀ´Èí¼þ¸üС£¡£¡£¡£¡£¡£

Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º


CVE-2019-1649

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot


CVE-2019-1862

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-webui#fshttps://thrangrycat.com/


²Î¿¼Á´½Ó


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-webui#fshttps://thrangrycat.com/
https://thehackernews.com/2019/05/cisco-secure-boot-bypass.html