Threat Watch

Working Spectre Exploit Found on VirusTotal

On March 1, 2021, security researcher Julien Voisin documented his findings on two samples uploaded to VirusTotal that appear to exploit the hardware vulnerability CVE-2017-5753, also known as Spectre. In early 2018 Google’s Project Zero documented two vulnerabilities that exposed weaknesses in the speculative execution features found in Intel, AMD, and ARM processors. Based on the information found in VirusTotal, these samples appear to be featured exploits in Immunity’s Canvas penetration testing framework.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

While the inclusion of exploits for years-old vulnerabilities into legitimate red team operational tools comes as no surprise, the leaking of this tool will pose some problems. If researchers have access to this exploit, adversaries will likely have access to it as well. While many systems should have received automatic firmware upgrades through operating system updates, administrators should seek out any older systems (2015 or older) without the patch and take action to remediate quickly.

Reference:

https://www.bleepingcomputer.com/news/security/working-windows-and-linux-spectre-exploits-found-on-virustotal/

https://dustri.org/b/spectre-exploits-in-the-wild.html

https://www.bleepingcomputer.com/tag/spectre/

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support