Big thanks to NAV for sponsoring this event!
- 17:00-17:15 Food
- 17:15-18:00 Finding a three 0-day exploit chain in Ivanti EPMM and Ivanti Sentry, Tor E. Bjørstad and Erlend Leiknes, mnemonic
- 18:15-19:00 Testing race conditions has never been faster, Sofia Lindqvist, Binary Security
Finding a three 0-day exploit chain in Ivanti EPMM and Ivanti Sentry
During the summer of 2023, a team at mnemonic discovered three 0-day vulnerabilities in Ivanti Endpoint Protection Manager Mobile (EPMM, formerly known as MobileIron Core) and Ivanti Sentry.
- CVE-2023-35078: authentication bypass in Ivanti EPMM, CVSS 9.8
- CVE-2023-35081: path traversal / arbitrary file write in Ivanti EPMM, CVSS 7.2
- CVE-2023-38035: authentication bypass in Ivanti Sentry, CVSS 9.8, allowing command execution as root.
All three vulnerabilities are listed in CISA's Known Exploited Vulnerabilities catalog, as they are known to have been exploited by threat actors in the wild. Ivanti has also confirmed that the vulnerabilities can be combined in an exploit chain.
In this talk we'll take a closer look at what actually happened.
Speakers
- Tor E. Bjørstad has spent his entire career in security and privacy. For the last decade he has worked as a principal security consultant at mnemonic, based in Oslo. He has mainly focused on software security and security architecture, with a particular interest in society-critical infrastructure. Tor holds a PhD in cryptography from the University of Bergen.
- Erlend Leiknes, a security consultant at mnemonic AS in Oslo, spends his days as a penetration tester. His professional motto is that most vulnerabilities are obvious; the endeavor is to look in the right places. Erlend holds a master's degree in technical societal safety from the University of Stavanger.
Testing race conditions has never been faster
Historically, testing for race condition vulnerabilities in web apps has been a painful ordeal, likely making race conditions an under-explored attack vector. In the summer of 2023, groundbreaking research by James Kettle completely changed the game, suddenly making it much easier for pentesters (and attackers) to test for this type of vulnerability. In this talk I will show how race conditions work, how to test for them and how to protect against them, based on an example vulnerability I found during a recent pentest.
Speaker
Sofia Lindqvist, security specialist, Binary Security
Sofia works as a security specialist at Binary Security. She started her career with a PhD in pure maths, followed by three years at Cisco developing one of their networking OSs. She eventually made her way into security testing, which she has been doing for a year and a half.