1 |
http://fail0verflow.com/blog/2012/cve-20... |
CVE-2012-0217: Intel's sysret Kernel Privilege Escalation (on FreeBSD) |
05-07-2012 |
iZsh |
FreeBSD |
Sysret; CVE-2012-0217 |
2 |
https://media.blackhat.com/bh-us-12/Brie... |
Stitch In Time Saves Nine: A Stitch In Time Saves Nine: A Case Of Multiple OS Vulnerability |
25-07-2012 |
Rafal Wojtczuk |
- |
Sysret; CVE-2006-0744, CVE-2012-0217 |
3 |
http://www.vupen.com/blog/20120806.Advan... |
Advanced Exploitation of Windows Kernel Intel 64-Bit Mode Sysret Vulnerability (MS12-042) |
06-08-2012 |
Jordan Gruskovnjak |
Windows |
Sysret; CVE-2012-0217 |
4 |
http://www.vupen.com/blog/20120904.Advan... |
Advanced Exploitation of Xen Hypervisor Sysret VM Escape Vulnerability |
04-09-2012 |
Matthieu Bonetti |
- |
Sysret; CVE-2012-0217 |
5 |
http://blog.azimuthsecurity.com/2013/04/... |
Unlocking the Motorola Bootloader |
08-04-2013 |
Dan Rosenberg |
TrustZone, Android |
N/A |
6 |
http://blog.cr4.sh/2015/02/exploiting-ue... |
Exploiting UEFI boot script table vulnerability |
06-02-2015 |
Dmytro (Cr4sh) Oleksiuk |
UEFI |
N/A |
7 |
https://googleprojectzero.blogspot.de/20... |
Exploiting the DRAM rowhammer bug to gain kernel privileges |
09-03-2015 |
Mark Seaborn, Thomas (Halvar Flake) Dullien |
DRAM |
Rowhammer, N/A |
8 |
https://blog.exodusintel.com/2016/02/10/... |
EXECUTE MY PACKET |
10-02-2016 |
David Barksdale, Jordan Gruskovnjak, Alex Wheeler |
Cisco ASA |
N/A |
9 |
http://blog.cr4.sh/2016/02/exploiting-s... |
Exploiting SMM callout vulnerabilities in Lenovo firmware |
24-02-2016 |
Dmytro (Cr4sh) Oleksiuk |
SMM |
N/A |
10 |
http://theroot.ninja/disclosures/SAMDUNK... |
eMMC backdoor leading to bootloader unlock on Samsung Galaxy Devices |
26-03-2016 |
Sean (beaups) Beaupre |
eMMC |
N/A |
11 |
https://bits-please.blogspot.de/2016/04... |
Exploring Qualcomm's Secure Execution Environment |
26-04-2016 |
laginimaineb |
TrustZone |
N/A |
12 |
https://bits-please.blogspot.de/2016/05... |
QSEE privilege escalation vulnerability and exploit (CVE-2015-6639) |
02-05-2016 |
laginimaineb |
QSEE |
CVE-2015-6639 |
13 |
https://bits-please.blogspot.de/2016/05... |
War of the Worlds - Hijacking the Linux Kernel from QSEE |
05-05-2016 |
laginimaineb |
QSEE |
CVE-2015-6639 |
14 |
http://esec-lab.sogeti.com/posts/2016/0... |
SMM unchecked pointer vulnerability |
30-05-2016 |
Bruno |
SMM |
N/A |
15 |
https://bits-please.blogspot.de/2016/06... |
TrustZone Kernel Privilege Escalation (CVE-2016-2431) |
15-06-2016 |
laginimaineb |
TrustZone |
CVE-2016-2431 |
16 |
http://blog.cr4.sh/2016/06/exploring-an... |
Exploring and exploiting Lenovo firmware secrets |
28-06-2016 |
Dmytro (Cr4sh) Oleksiuk |
SMM |
N/A |
17 |
https://bits-please.blogspot.de/2016/06... |
Extracting Qualcomm's KeyMaster Keys - Breaking Android Full Disk Encryption |
30-06-2016 |
laginimaineb |
TrustZone |
N/A |
18 |
https://mjg59.dreamwidth.org/48429.html |
Intel's remote AMT vulnerablity |
01-05-2017 |
mjg59 |
Intel AMT |
N/A |
19 |
https://googleprojectzero.blogspot.de/2... |
Trust Issues: Exploiting TrustZone TEEs |
24-07-2017 |
Gal Beniamini |
TrustZone |
N/A |
20 |
https://blog.exodusintel.com/2017/07/26/broadpwn/ |
BROADPWN: REMOTELY COMPROMISING ANDROID AND IOS VIA A BUG IN BROADCOM’S WI-FI CHIPSETS |
26-07-2017 |
Nitay Artenstein |
Broadcom |
N/A |
21 |
http://gsec.hitb.org/materials/sg2017/W... |
Intel AMT. Stealth breakthrough |
xx-08-2017 |
Ermolov, Evdokimov, Malyutin |
Intel AMT |
CVE-2017-5689 |
22 |
https://www.pnfsoftware.com/blog/firmwa... |
FIRMWARE EXPLOITATION WITH JEB: PART 1 |
20-08-2017 |
HUGO GENESSE |
Router Firmware |
N/A |
23 |
https://www.pnfsoftware.com/blog/firmwa... |
FIRMWARE EXPLOITATION WITH JEB: PART 2 |
22-08-2017 |
HUGO GENESSE |
Router Firmware |
N/A |
24 |
https://www.pnfsoftware.com/blog/firmwa... |
FIRMWARE EXPLOITATION WITH JEB PART 3: REVERSING THE SMARTRG’S SR505N |
28-08-2017 |
HUGO GENESSE |
Router Firmware |
N/A |
25 |
http://blog.ptsecurity.com/2017/08/disa... |
Disabling Intel ME 11 via undocumented mode |
28-08-2017 |
Mark Ermolov, Maxim Goryachy |
Intel ME |
N/A |