Apparently AMD's AutoUpdate downloads the updates over HTTP and executes them without any validation (presumably as SYSTEM user). AMD was notified of the vulnerability but according to them "attack requiring physical access to victim's computer/device, man in the middle or compromised user accounts" are out of scope.
More digital technologies bring greater convenience and efficiency, but also expand the attack surface and increase security risks. In light of this, the EU's #CyberResilienceAct introduces requirements pertaining to vulnerability disclosure and mitigation. Jukka Ruohonen and Paul Timmers examine the act's details and sketch out the directions for future research.
Read their paper “Vulnerability Coordination under the Cyber Resilience Act,” now available at https://www.acigjournal.com/Vulnerability-Coordination-under-the-Cyber-Resilience-Act,213350,0,2.html
🌐 Applied Cybersecurity & Internet Governance (#ACIG) is published by #NASK – National Research Institute
Jukka Ruohonen, Paul Timmers, “Vulnerability Coordination under the Cyber Resilience Act.” At the top of the image the logos of ACIG and NASK can be seen. At the bottom there is a tagline “New article.”
Several months ago, I found a #vulnerability from #MantisBT - Authentication bypass for some passwords due to PHP type juggling (CVE-2025-47776).
Any account that has a password that results in a hash that matches ^0+[Ee][0-9]+$ can be logged in with a password that matches that regex as well. For example, password comito5 can be used to log in to the affected accounts and thus gain unauthorised access.
The root cause of this bug is the incorrect use of == to match the password hash:
This vulnerability has existed in MantisBT ever since hashed password support was added (read: decades). MantisBT 2.27.2 and later include a fix to this vulnerability. https://mantisbt.org/download.php
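The comparison bug described in the post, shown as an added PHP example that is not MantisBT's own code. It assumes, for illustration only, that stored password hashes are unsalted MD5 hex digests (the post does not state the algorithm) and uses the widely documented MD5 magic-hash input "QNKCDZO" rather than the post's "comito5". The `verify_password_*` and `find_magic_hash_accounts` functions and the user table are constructed for this example. Note that PHP 8 still compares two numeric strings numerically, so the loose check stays broken on current PHP.

```php
<?php
// Added example, not MantisBT code. Shows why == on hex digests is unsafe,
// the hardened comparison, and a defender-side audit of stored hashes.
// Assumption (hypothetical): passwords stored as unsalted MD5 hex digests.

// Same pattern the post gives for affected hashes: "0" followed by "e" and digits.
// PHP parses such a string as the float 0.0, so every one of them is == 0.
const MAGIC_HASH_PATTERN = '/^0+[Ee][0-9]+$/';

// Vulnerable check: == coerces both numeric strings to numbers before comparing,
// so two different "0e..." digests are reported as equal.
function verify_password_loose(string $stored_hash, string $candidate): bool
{
    return $stored_hash == md5($candidate);
}

// Hardened check: hash_equals() compares bytes in constant time and never
// performs numeric coercion. === would also remove the type juggling but
// is not timing-safe.
function verify_password_strict(string $stored_hash, string $candidate): bool
{
    return hash_equals($stored_hash, md5($candidate));
}

// Defender audit: list the accounts whose stored hash has the magic form.
// These are the accounts an attacker could enter with any other magic-hash
// password while the loose comparison is in place; reset them first.
function find_magic_hash_accounts(array $users): array
{
    $affected = [];
    foreach ($users as $username => $hash) {
        if (preg_match(MAGIC_HASH_PATTERN, $hash) === 1) {
            $affected[] = $username;
        }
    }
    return $affected;
}

// Constructed sample user table. md5('QNKCDZO') is a well-known magic hash:
// 0e830400451993494058024219903391. 'bob' has an ordinary digest.
$users = [
    'alice' => md5('QNKCDZO'),
    'bob'   => md5('correct horse battery staple'),
];

// '240610708' is another documented MD5 magic-hash input
// (0e462097431906509019562988736854), i.e. a different digest from alice's.
$wrong_password = '240610708';

printf("alice, wrong password, loose  == : %s\n",
    verify_password_loose($users['alice'], $wrong_password) ? 'ACCEPTED' : 'rejected');
printf("alice, wrong password, hash_equals: %s\n",
    verify_password_strict($users['alice'], $wrong_password) ? 'ACCEPTED' : 'rejected');
printf("bob,   wrong password, loose  == : %s\n",
    verify_password_loose($users['bob'], $wrong_password) ? 'ACCEPTED' : 'rejected');

printf("accounts with magic-form hashes: %s\n",
    implode(', ', find_magic_hash_accounts($users)));
// Expected: alice is ACCEPTED only by the loose check; audit lists alice.
```

Running the script with `php` prints an accept for alice under the loose comparison only; the same audit can be run over a dump of the real hash column to find accounts that need a password reset before or alongside upgrading to 2.27.2.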