Project Zero: FireEye security appliance Exploited by passing jar file through it

FireEye sell security appliances to enterprise and government customers. FireEye’s flagship products are monitoring devices designed to be installed at egress points of large networks, i.e. where traffic flows from the intranet to the internet.

Source: Project Zero: FireEye Exploitation: Project Zero’s Vulnerability of the Beast

All you need to do is send the jar in an email or get someone to visit a site with the jar on it and you can modify the bios and get access to their network information.

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

Leave a Reply