Vulnerabilities

CVE-2021-25424

June 17, 2021

Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user’s bluetooth device without user awareness.

Summary:

Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user’s bluetooth device without user awareness.

Reference Links(if available):

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=6

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Tags: CVE, CVE-2021-25424, MISC, Vendor Advisory, vulnerability

CVE-2021-25424

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

CACTUS Ransomware Victim: https://www[.]saglobal[.]com/

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

CACTUS Ransomware Victim: https://www[.]saglobal[.]com/