Unknown Vulnerabilities – Responsibilities of the Finder

18. February 2020

The security analysts of usd HeroLab frequently discover previously unknown security vulnerabilities in products as part of their daily work. For these zero-day vulnerabilities, no security patches (corrective changes applied to the product to remedy security gaps) have been made or released yet. It is therefore essential to use any knowledge of such vulnerabilities responsibly to support manufacturers in finding timely solutions and close critical entry points for potential attackers.

Read the full article on the usd website.

RESPONSIBLE DISCLOSURE | SECURITY ADVISORIES | SECURITY RESEARCH | ZERO-DAY VULNERABILITIES

Also interesting:

Security Advisory for CleverReach

Jul 26, 2022

The analysts at usd HeroLab examined CleverReach as part of their security analyses. This revealed a vulnerability in the Authentication Bypass Using an Alternate Path or...

Security Advisories for CA Harvest

Jul 11, 2022

The analysts at usd HeroLab examined CA Harvest Software Change Manager as part of their security analyses. This revealed a vulnerability in the CSV export functionality, which...

Security Advisories for Vodafone Station

Jun 17, 2022

usd HeroLab analysts have identified vulnerabilities in the software of Vodafone station routers that allowed an unauthenticated user with access to the network to make changes...