
August 30, 2022
X41 Audited Backstage
X41 finished auditing the Backstage platform and releases the resulting report.
June 28, 2022
AnyZone - Delegated zones for every IP
AnyZone lets you easily get a delegated zone for testing purposes without touching zone files.
June 14, 2022
Wrapping up Unikernel Security Research
As part of his master's thesis, Leonard Rapp analyzed the security of various popular unikernels. This blog post is the last one in the unikernel series. It discusses some of the findings and draws a conclusion.
May 18, 2022
Missing or Weak Mitigations in Various Unikernels
Several security weaknesses and missing mitigations were discovered in various unikernel systems.
March 31, 2022
Critical Vulnerabilities in Spring and Spring Cloud Function That Will Probably Make This Weekend Less Fun - Analysis and Overview
The popular Java Spring framework may be affected by multiple remote code execution (RCE) vulnerabilities.
March 09, 2022
RustyHermit Security Vulnerabilities & Missing Mitigations
The research unikernel RustyHermit was further audited for security vulnerabilities and for the effectiveness of its mitigations.
January 18, 2022
Telenot Complex: Insecure AES Key Generation
CVE-2021-34600: How predictable random numbers (literally) open the door for attackers: Our discovery of a flaw in the generation of AES keys, used for both physical and remote access, in a popular alarm system's parameterization software. Includes a proof-of-concept for cloning NFC tags!
January 18, 2022
Advisory X41-2021-003: Telenot complex - Insecure AES Key Generation
The compasX parameterization software for complex alarm systems generated the AES keys used for both physical access control (via NFC tags) and remote management in an insecure fashion.
January 12, 2022
RustyHermit Missing Memory Protections
The research unikernel RustyHermit lacks several memory protection mechanisms, which significantly eases attacks on vulnerable applications.
December 14, 2021
X41 D-Sec GmbH Thetanuts.Finance Public Security Review
X41 D-Sec GmbH ("X41"), a research-driven IT security company, released a public audit report of the Thetanuts.Finance smart contracts.
May 25, 2021
nginx DNS Resolver Off-by-One Heap Write Vulnerability
An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap-allocated buffer.
May 03, 2021
QR Code reconstruction
Reconstructing a QR Code from partially censored images.
January 28, 2021
Advisory X41-2021-001: Multiple Vulnerabilities in YARA
Luis Merino of X41 discovered multiple vulnerabilities in YARA.
December 21, 2020
Microsoft Exchange Remote Code Execution - CVE-2020-16875
The patch for CVE-2020-16875 in Microsoft Exchange can be bypassed to gain remote code execution again.
October 06, 2020
Pro-bono Pentests for COVID-19-related Apps & Software
The COVID-19 pro-bono program has finished.
September 22, 2020
Decompressing Xamarin DLLs
Solving a small decompression challenge during an audit.
July 15, 2020
bspatch strikes back
The tale of a forgotten bug in bspatch.
July 09, 2020
Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch
Luis Merino of X41 discovered an unpatched vulnerability in upstream bspatch and in some of its forks.
June 18, 2020
Advisory X41-2020-002: Multiple Vulnerabilities in Psyprax 3.1.2.2
Eric Sesterhenn of X41 discovered multiple vulnerabilities in Psyprax 3.1.2.2.
June 15, 2020
Vulnerabilities and Coordinated Disclosure
How X41 deals with coordinated disclosure in light of recent vulnerabilities found in medical software.