YoVDO

How Embedded TCP-IP Stacks Breed Critical Vulnerabilities

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Embedded Systems Courses IPv6 Courses Vulnerability Analysis Courses Dynamic Analysis Courses Static Analysis Courses

Course Description

Overview

Explore the rise of critical vulnerabilities in embedded TCP/IP stacks in this 37-minute Black Hat conference talk. Delve into the reasons behind the recent discovery of long-standing vulnerabilities, examining their direct, unauthenticated, and cross-perimeter network exposure. Learn about dynamic and static analysis techniques used to uncover these issues, and understand the types of vulnerabilities found, including heap buffer overflows and IPv6 extension header vulnerabilities. Gain insights from real-world examples, analyze the consequences of these vulnerabilities, and discover valuable lessons learned from the research conducted by security experts Amine Amri, Stanislav Dashevskyi, Daniel dos Santos, and Jos Wetzels.

Syllabus

Introduction
Overview
Prior vulnerabilities
Dynamic and static analysis
Positive results
Vulnerability analysis
Initial vulnerabilities
Vulnerability types
Cpip stack
ipv6 extension headers
destination options extension header
heap buffer overflow
highlevel overview
proof of concept
lessons learned
examples
consequences


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube