::: left till the conference

LPE in Ring -3 / Intel ME

45 min
Main Stage

This talk is about the exploitation of bugs in the ME system component through the IPC mechanism. To escalate our privileges, we have to get arbitrary access to the file system’s objects, bypass the integrity checks of the launched modules and metadata with access rights attributes, and launch a custom module to read/write to the host system’s memory.

Dima Turchenkov
Other Reports
Hardware Zone
Zigbee wireless protocol
Defensive Track
CVEhound: check Linux sources for known CVEs
Main Stage
Apache 0day bug, which still nobody knows of, and which was fixed accidentally