@amberwolfsec.bsky.social
Offensive Cyber, Risk Management & Governance, Vulnerability Research and Technical Due Diligence
Read our full analysis of the vulnerability and its potential exploitation here: blog.amberwolf.com/blog/2025/ju...
04.06.2025 10:59 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0These core dumps may contain sensitive data and compromise the integrity of ThinOSโs storage encryption, directly contradicting Dellโs documentation, which states that all partitions except the boot partition are encrypted.
04.06.2025 10:59 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0If the device configuration allows it, this option can be accessed by unauthenticated users. In addition, previously generated core dumps may be accessible to unauthenticated attackers.
04.06.2025 10:59 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0AmberWolf has published technical details on CVE-2025-32752, a vulnerability affecting Dell ThinOS. Security researcher Darren McDonald discovered that when the troubleshooting feature โCreate Core Dumpโ is used, ThinOS saves core dumps to an unencrypted partition.
04.06.2025 10:59 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0You can read our latest blog at blog.amberwolf.com/blog/2025/ja...
17.01.2025 15:41 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 0The Kubernetes Security Response Committee has published an advisory for CVE-2024-9042, affecting Windows worker nodes querying the /logs endpoint.
Iain Smart, Principal Security Consultant at AmberWolf, reproduced the issue & shared detection insights in our latest blog.
All I want for Christmas is U(RL handlers not vulnerable to RCE)...
AmberWolf has published information about CVE-2024-12908, a Remote Code Execution vulnerability in the Delinea Secret Server Protocol Handler.
You can read our blog & PoC here:
blog.amberwolf.com/blog/2024/de...
CVE-2024-5921 is a Remote Code Execution and Privilege Escalation vulnerability in Palo Alto Global Protect, which is also exploitable using NachoVPN. Our full technical write up is available here: blog.amberwolf.com/blog/2024/no...
26.11.2024 11:17 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 1CVE-2024-29014 is an RCE as SYSTEM vulnerability in SonicWall NetExtender that is exploitable using NachoVPN. Full technical details of the vulnerability are available in out blog: blog.amberwolf.com/blog/2024/no...
26.11.2024 11:17 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0
You can get the code, the prebuilt container or contribute modules on GitHub: github.com/AmberWolfCyb...
26.11.2024 11:17 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0NachoVPN is a modular server that allows for the automatic exploitation of VPN clients when they connect. It currently supports Cisco AnyConnect, SonicWall NetExtender, Palo Alto GlobalProtect and Pulse/Ivanti Connect Secure) across a multiple platforms. blog.amberwolf.com/blog/2024/no...
26.11.2024 11:17 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0Today, AmberWolf released two blog posts and our tool "NachoVPN" to target vulnerabilities in major VPNs, including CVE-2024-29014 (SonicWall NetExtender SYSTEM RCE) and CVE-2024-5921 (Palo Alto GlobalProtect RCE and Priv Esc), after our SANS HackFest presentation.๐งต
26.11.2024 11:17 โ ๐ 6 ๐ 5 ๐ฌ 1 ๐ 1