Research Lab

Positive Technologies Research Team and SecurityLab are willing to cooperate with independent researches in the analysis of the discovered vulnerabilities, in contacts with software vendors and CVE Number Reservation process. The vulnerabilities will be published in sections "Laboratory" and PT-advisory. The name of the researches will be preserved.

Our disclosure policy: en.securitylab.ru/lab/disclosure-policy.php

PT-2017-12 - Intel
Severity:   ()
Vulnerability status:   Unpatched
:  
Vendor:   Intel
 
Timeline   26.07.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 84
Discovered by:
Maxim Goryachy, Mark Ermolov, Positive Research Center (Positive Technologies Company)
 
PT-2017-11 - ABB
Severity:   Medium (5.3) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   ABB
 
Timeline   02.04.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 199
Discovered by:
Ilya Karpov, Evgeniy Druzhinin, Damir Zainullin, Positive Research Center (Positive Technologies Company)
 
PT-2017-10 - Hirschmann
Severity:   Medium (6.5) (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   Hirschmann
 
Timeline   16.03.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 216
Discovered by:
Ilya Karpov, Evgeniy Druzhinin, Damir Zainullin, Positive Research Center (Positive Technologies Company)
 
PT-2017-09 - Hirschmann
Severity:   Medium (5.3) (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   Hirschmann
 
Timeline   16.03.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 216
Discovered by:
Ilya Karpov, Evgeniy Druzhinin, Damir Zainullin, Positive Research Center (Positive Technologies Company)
 
PT-2017-08 - Hirschmann
Severity:   Medium (4.2) (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   Hirschmann
 
Timeline   16.03.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 216
Discovered by:
Ilya Karpov, Evgeniy Druzhinin, Mikhail Tsvetkov, Damir Zainullin, Positive Research Center (Positive Technologies Company)
 
PT-2017-07 - Hirschmann
Severity:   High (7.5) (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   Hirschmann
 
Timeline   16.03.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 216
Discovered by:
Ilya Karpov, Evgeniy Druzhinin, Damir Zainullin, Positive Research Center (Positive Technologies Company)
 
Severity:   High (7.8) (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Vulnerability status:   Patched
Exploitation vector:   Local
Vendor:   Linux
Product:   Linux Kernel 4.10.x
 
Identifier:   PT-2017-06   Advisory published: 28.02.2017
CVE ID:   CVE-2017-2636   Fix issued: 10-03-2017
Discovered by:
Alexander Popov, Positive Research Center (Positive Technologies Company)
 
PT-2017-05 - RocketChat
Severity:   High (7.8) (AV:N/AC:M/Au:N/C:C/I:P/A:N)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   RocketChat
 
Timeline   20.02.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 240
Discovered by:
Mikhail Klyuchnikov, Positive Research Center (Positive Technologies Company)
 
PT-2017-04 - Kaspersky Labs
Severity:   High (7.0) (AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
Vulnerability status:   Unpatched
Exploitation vector:   Local
Vendor:   Kaspersky Labs
 
Timeline   27.01.2017 - Vendor gets vulnerability details
 
Days sinse vendor notification: 264
Discovered by:
Georgy Zaytsev, Positive Research Center (Positive Technologies Company)
 
Severity:   High (8.8) (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   GMV
Product:   Checker ATM Security
 
Identifier:   PT-2017-03   Advisory published: 18.01.2017
CVE ID:   CVE-2017-6968   Fix issued: 06-04-2017
Discovered by:
Georgy Zaytsev, Positive Research Center (Positive Technologies Company)