> Glad they were able to figure out the branding though.
That's pretty obviously something someone threw together in a few minutes after grabbing a few [0] random images from the internet. This isn't one of those exploit sites with more effort poured into marketing than the exploits themselves.
The vulnerability branding trend is stupid, but I'm not sure it's worse for communicating what you're talking about than "CVE-2023-129038, 109239, and 120993" or "Those 5G vulnerabilities from uh I think 2022 or 2023? No not those, the other ones." Is there a better method?
I don't think it's stupid because I can't, off the top of my head, tell you the CVE number for Heartbleed, despite being very involved with it for a couple of weeks.
Heartbleed I remember, along with Spectre/Meltdown, but I couldn't name the weak exploits that turn out to be nothing burgers. Log4j could have used a brand though, imo.
They observed just crashes and they didn't try to research exploitability. Absent more details, and knowing the usual exploitability distribution of C crash bugs, this would seem in doubt still.
jdiff|2 years ago
That's pretty obviously something someone threw together in a few minutes after grabbing a few [0] random images from the internet. This isn't one of those exploit sites with more effort poured into marketing than the exploits themselves.
[0] https://www.flaticon.com/free-icon/ghost_1227567
coldpie|2 years ago
fragmede|2 years ago
Heartbleed I remember, along with Spectre/Meltdown, but I couldn't name the weak exploits that turn out to be nothing burgers. Log4j could have used a brand though, imo.
bryancoxwell|2 years ago
Not directly, but downgrading to LTE would almost certainly force a UE to expose its IMSI at least.
gafage|2 years ago
zapcto|2 years ago
fulafel|2 years ago
unknown|2 years ago
[deleted]