Talk 11:00 - 11:45 August 09, 2020

Mehmet D. Ince

@mdisec

Most security products require to be placed in the heart of the organization's IT configuration. Even though we are highly paranoid and security aware about every single third party tool that we include in our IT structure; we lose these concerns when it comes to security products. We forget to see that even though these are security products in their nature; they are not necessarily secure in terms of their operation; despite the fact that they require much more permission than any other software. In this talk, I will take you through the steps of vulnerability research, which attack vectors were more promising than the others, which critical vulnerabilities were easier to find, how was the exploiting phase and much more. To do that, I will be using one of my 0day remote code execution exploit that targets Trend Micro Web Security product, which uses a combination of 3 different vulnerabilities to gain RCE as a case-study.