Arista Firewall XSS to RCE Chain
Arista NG Firewalls: researchers confirm real-world RCE risk and incomplete patches. Learn impact, affected setups, and mitigation steps.
Our blog post on the Arista XSS to RCE chain is now live! We withheld exploit details because the root cause has not been fully mitigated. Patch now if you haven't already, disable your captive portal to reduce the likelihood of exploitation, and stay tuned for new vulns to be disclosed soon!
05.12.2025 09:17 β π 0 π 0 π¬ 0 π 0
My team confirmed that recently disclosed Arista NGFW vulnerabilities are fully exploitable! RCE is possible with victim interaction. More details coming soon to our blog: bishopfox.com/blog
04.12.2025 11:48 β π 2 π 2 π¬ 0 π 0
Vulnerability Discovery with LLM-Powered Patch Diffing
Read our most recent research to see how LLMs can assist in scaling patch diffing workflows, saving valuable time in a crucial race against attackers.
Just published a new blog about using LLMs to accelerate patch diffing! We developed a semi-automated analysis workflow and benchmarked four high-impact vulns using a few different Claude models. Check out how they performed!
16.08.2025 16:54 β π 0 π 0 π¬ 0 π 0
YouTube video by DistrictCon - Live stream Here for day 2
DistrictCon 2025 Day 1 Talk 3 - Reverse Engineering Sonicwall Firmware Jon Williams, Caleb Gross
The DistrictCon talk @noperator.bsky.social and I gave on decrypting SonicWall NSv firmware is up on YouTube now: www.youtube.com/watch?v=FIYK...
19.03.2025 14:54 β π 0 π 0 π¬ 0 π 0
DISTRICTCON
Friday - Saturday, Feb 21-22, 2025
Yours Truly Hotel, Washington DC
Tearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryption with Jon Williams and Caleb Gross
Donβt miss @br4inde4d.bsky.social and @noperator.bsky.social presenting: βTearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryptionβ at @districtcon.bsky.social Feb 21 at 1:30p.m. And stop by our Coffee Cart for βοΈ & convo! More: bishopfox.com/events/bisho...
#SonicWall #firewall
17.02.2025 16:12 β π 2 π 1 π¬ 0 π 0
YouTube video by Bishop Fox
SonicWall CVE-2024-53704: SSL VPN Session Hijacking
They got me on camera to talk about my recent SonicWall exploit π
11.02.2025 23:55 β π 2 π 0 π¬ 0 π 0
SonicWall CVE-2024-53704: SSL VPN Session Hijacking
Security researchers have exploited CVE-2024-53704, an authentication bypass affecting the SSL VPN component of unpatched SonicWall firewalls. Watch demo!
As promised, our blog post on CVE-2024-53704, a session hijacking vulnerability affecting the SSL VPN component of SonicWall firewalls, has been updated to include full exploitation details. Check it out!
10.02.2025 20:24 β π 1 π 0 π¬ 0 π 0
Successfully exploited SonicWall CVE-2024-53704, allowing active SSL VPN sessions to be hijacked on affected firewalls. We'll be withholding details for a while because there are still thousands of vulnerable appliances on the public internet.
17.01.2025 18:14 β π 0 π 0 π¬ 0 π 0