AsherDLL

Phantom DLL hijacking vulnerabilities in Iconics Suite - CVE-2023-6061

By Asher Davila and Malav Vyas, Palo Alto Networks Researchers

Iconics Suite is a collection of software tools and solutions primarily focused on automation, building management, manufacturing, and industrial applications. It offers a range of functionalities including:

• SCADA (Supervisory Control and Data Acquisition): Provides real-time monitoring and control of industrial, infrastructure, and facility-based processes.

• HMI (Human-Machine Interface): Offers interactive interfaces for operators to monitor and manage industrial and building automation systems.

AsherDLL

Binary Ninja Python API Cheat Sheet

This is a work in progress by someone who is learning about Binary Ninja.

References

• https://api.binary.ninja/binaryninja.binaryview-module.html
• https://gist.github.com/psifertex/6fbc7532f536775194edd26290892ef7

Metadata Details

Get database name

AsherDLL

Vulnerabilities found on Arcadyan Routers

The two vulnerabilities were found by Asher Davila L. in Arcadyan wireless modems with model number VRV9506JAC23. It is probable that they are also present in other Arcadyan models as well because their web interfaces are similar and they have common features. The following are the two found vulnerabilities:

• CVE-2020-9420: Cleartext transmission of sensitive information
• CVE-2020-9419: Stored cross-site scripting

In combination, these vulnerabilities pose a significant risk: Malicious users on the network can sniff wireless modem user credentials. They can then use the sniffed credentials to access the web interface and inject persistent malicious scripts into it. It is recommended that users contact their ISPs to request a router that implements the usage of secure protocols such as HTTPS instead of HTTP.

According to [Shodan](h