˼¿ÆÇå¾²Æô¶¯Ó²¼þ¸Ä¶¯ThrangrycatÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-05-17

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-1649£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖм¶£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º6.7£¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-1862£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ß¼¶£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.2£¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾

CVE-2019-1649

Ö§³ÖTAmµÄ100¶à¿î˼¿Æ²úÆ·


CVE-2019-1862

ÔËÐÐIOS XE°æ±¾16ÇÒÆôÓÃÁËHTTP Server¹¦Ð§µÄ˼¿Æ×°±¸


Îó²î¸ÅÊö


Ñо¿Ö°Ô±ÔÚ˼¿Æ²úÆ·Öз¢Ã÷ÁËÒ»¸öÎó²î£¬£¬£¬£¬£¬£¬£¬¿Éµ¼Ö¹¥»÷ÕßÔÚÆóÒµºÍÕþ¸®ÍøÂçÖеĴó×Ú×°±¸Èç·ÓÉÆ÷¡¢½»Á÷»úºÍ·À»ðǽÉÏÖ²È볤ÆÚºóÃÅ¡£¡£¡£¡£Õâ¸öÎó²î±»ÃüÃûΪ¡°Thrangrycat¡±£¨¡°ÈýÖ»ÄÕÅ­µÄ衱£©£¬£¬£¬£¬£¬£¬£¬ÓÉÇå¾²¹«Ë¾Red Baloon·¢Ã÷ÇÒ±àºÅΪCVE-2019-1649£¬£¬£¬£¬£¬£¬£¬Ó°ÏìÖ§³ÖÐÅÈÎêµãÄ£¿£¿£¿é(TAm)µÄ¶à¿î˼¿Æ²úÆ·¡£¡£¡£¡£


ƾ֤Çå¾²³§ÉÌRed BalloonµÄ±¨¸æ£¬£¬£¬£¬£¬£¬£¬ThrangrycatÎó²îÊÇÓÉ˼¿ÆÐÅÈÎêģ¿£¿£¿é£¨TAm£©ÖеÄÓ²¼þÉè¼ÆȱÏÝÒýÆðµÄ¡£¡£¡£¡£Ë¼¿ÆTAmÊÇ×Ô2013ÄêÒÔÀ´ÏÕЩÔÚËùÓÐ˼¿ÆÆóÒµ×°±¸ÖÐʵÏֵĻùÓÚÓ²¼þµÄÇå¾²Æô¶¯¹¦Ð§£¬£¬£¬£¬£¬£¬£¬ÓÃÓÚÈ·±£ÔÚÓ²¼þƽ̨ÉÏÔËÐеĹ̼þÊÇÕæʵÇÒδ¾­Ð޸ĵġ£¡£¡£¡£¸ÃÎó²îÊÇÓÉÓÚ¶Ô´úÂëÇøÓòµÄ²»×¼È·¼ì²éÔì³ÉµÄ£¬£¬£¬£¬£¬£¬£¬¸Ã´úÂëÇøÓòÖÎÀíÇå¾²Æô¶¯Ó²¼þµÄFPGAÍâµØ¸üС£¡£¡£¡£¹¥»÷Õßͨ¹ýÐÞ¸ÄFPGA±ÈÌØÁ÷£¬£¬£¬£¬£¬£¬£¬¿É½«¶ñÒâ¹Ì¼þдÈë¸Ã×é¼þ£¬£¬£¬£¬£¬£¬£¬´Ó¶øÆÆËðÇå¾²Æô¶¯Àú³Ì²¢Ê¹Ë¼¿ÆµÄÐÅÈÎÁ´´Ó»ù´¡ÉÏÎÞЧ¡£¡£¡£¡£ÕâÒ»Ð޸ľßÓг¤ÆÚÐÔ£¬£¬£¬£¬£¬£¬£¬¿ÉÔÚºóÐøµÄÆô¶¯Àú³ÌÖнûÓÃÐÅÈÎ꣬£¬£¬£¬£¬£¬£¬Ò²¿É½ûÓÃÖ®ºóµÄTAmÈí¼þ¸üС£¡£¡£¡£


ÓÉÓÚʹÓøÃÎó²îÐèÒª¾ßÓиùȨÏÞ£¬£¬£¬£¬£¬£¬£¬Òò´Ë˼¿ÆÐû²¼Ç徲ͨ¸æÌåÏÖ£¬£¬£¬£¬£¬£¬£¬Ö»ÓоßÓжÔÄ¿µÄϵͳÎïÆÊÎö¼ûȨÏÞµÄÍâµØ¹¥»÷Õ߲ŻªÔÚ×é¼þÖÐдÈë¾­Ð޸ĵĹ̼þ¾µÏñ¡£¡£¡£¡£


È»¶ø£¬£¬£¬£¬£¬£¬£¬Red BalloonÑо¿Ö°Ô±Ö¸³ö£¬£¬£¬£¬£¬£¬£¬¹¥»÷ÕßÒ²ÄÜÁ´½ÓÆäËüȱÏÝÔ¶³ÌʹÓÃThrangrycatÎó²î£¬£¬£¬£¬£¬£¬£¬´Ó¶ø»ñÈ¡¸ùȨÏÞ»òÕßÖÁÉÙÒÔ¸ùÉí·ÝÖ´ÐÐÏÂÁî¡£¡£¡£¡£


ΪÁËÑÝʾ¸Ã¹¥»÷£¬£¬£¬£¬£¬£¬£¬Ñо¿Ö°Ô±Åû¶ÁË»ùÓÚwebµÄ˼¿ÆIOS²Ù×÷ϵͳµÄÓû§½Ó¿ÚRCEÎó²îCVE-2019-1862£¬£¬£¬£¬£¬£¬£¬¿Éµ¼ÖÂÒѵǼµÄÖÎÀíÔ±ÒÔ¸ùȨÏÞÔÚÊÜÓ°Ïì×°±¸µÄµ×²ãLinux shellÉÏÖ´ÐÐí§ÒâÏÂÁî¡£¡£¡£¡£


»ñµÃ¸ù»á¼ûȨÏ޺󣬣¬£¬£¬£¬£¬£¬¶ñÒâÖÎÀíÔ±Äܹ»Ê¹ÓÃThrangrycatÎó²îÔ¶³ÌÈƹýÄ¿µÄÉè±¹ØÁ¬ÄTAm£¬£¬£¬£¬£¬£¬£¬²¢×°ÖöñÒâºóÃÅ¡£¡£¡£¡£


Ñо¿Ö°Ô±ÌåÏÖ£¬£¬£¬£¬£¬£¬£¬Í¨¹ýÁ´½ÓThrangrycatºÍÔ¶³ÌÏÂÁî×¢ÈëÎó²î£¬£¬£¬£¬£¬£¬£¬¹¥»÷ÕßÄܹ»Ô¶³Ì²¢³¤ÆÚµØÈƹý˼¿ÆµÄÇå¾²ÆôÄîÍ·ÖƲ¢Ëø¶¨ËùÓÐTAmµÄδÀ´Èí¼þ¸üС£¡£¡£¡£

Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º


CVE-2019-1649

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot


CVE-2019-1862

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-webui#fshttps://thrangrycat.com/


²Î¿¼Á´½Ó


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-webui#fshttps://thrangrycat.com/
https://thehackernews.com/2019/05/cisco-secure-boot-bypass.html