For the fourth time in a row, RandoriSec sponsored Hexacon, an offensive security event in Paris. Around ten researchers from RandoriSec attended the conference.
As usual, you can find a quick review of the talks we attended.
Exploiting the Undefined: PWNing Firefox - Tao Yan & Edouard Bochin (Settling its Promises)
Tao Yan and Edouard Bochin, from Palo Alto, explained how they managed to find and exploit a bug they used for Pwn2Own 2025 in Berlin.
Based on their knowledge and experience, they have decided to look at the Promise API of the Firefox web browser.
It is a well-known API in all browsers. The Promises API offers the ability to execute functions asynchronously, that introduce a bunch of bug possibilities. This time they have found an Out-Of-Bound Write, but the write only happen if the destination is NULL, which can be a thing for the exploitation. Finally, they manage to transform the bug into a Use after Free (UaF), and coming back on a normal browser exploitation setup that they explain very well. This talk is a nice introduction to discover the browser exploitation world, with even a good example of the “demo effect”, successfully managed.
ReVault! Compromised by Your Secure SoC - Philippe Laulheret (Cisco Talos)
This talk went into research done on a hardware component found on Dell’s laptops: the ControlVault3+. This component is used as a secure storage for authentication features and uses a Broadcom BCM5820X ARM chip. The host software, paired with this module, shows weak secure configuration (e.g. no ASLR on an NT AUTHORITY\SYSTEM process), making it an interesting target for local privilege escalation.
After a bit of research and fiddling, Philippe was able to communicate with the device and to decrypt the encrypted firmware file in the ControlVault3 bundle, thus starting the vulnerability research phase. This work yielded a few vulnerabilities, most notably an arbitrary free using function cv_close that can be leveraged into a stack-based buffer overflow using securebio_identify.
Then, it is possible to get code execution and leak the OTP keys on the secure module. These keys can be used to create a new update file with a valid signature and push it into devices using the cv_flash_update update feature.
Once the module is compromised, the speaker demonstrated a few paths to further escalate the impact. First, he used an unsafe deserialization due to the host software trusting data types from the module firmware. Leveraging this into a stack-based buffer overflow, it is possible to execute a reverse shell as NT AUTHORITY\SYSTEM thus gaining privileged access to the host operating system.
To push this even further, the talk showed that the ControlVault module uses a USB bus for connection with the host. Extracting the vulnerable module and breaking out the UHS port into a physical USB port, it can be tampered with, without user access, to the original host operating system. If the host uses features such as Windows Hello for user access, this can be used to bypass it.
This talk was a good example of how a system is only as secure as its weakest link, with some poorly designed firmware used by security features and communicating with a privileged process on the host operating system.
Where the Shells Land - Donncha Ó Cearbhaill (Head of the Security Lab at Amnesty International)
The speaker presented several case studies illustrating the exploitation of security vulnerabilities in real-world contexts, often linked to targeted surveillance of journalists, activists, and human rights defenders:
- Exploitation of Qualcomm zero-days: A vulnerability in the EdgeTPU kernel driver was used to gain root access on Android devices, enabling full data extraction. This flaw, identified by Google and Project Zero, was exploited in the wild before it was patched.
- Use of Cellebrite UFED: The forensic extraction tool was implicated in multiple cases, including that of an environmental activist living in the Sinai region and a Serbian student arrested in Belgrade. Sophisticated USB exploit chains were used to bypass device protections.
- Physical access attacks: Another case involved a Mexican journalist whose Android phone was infected after being temporarily confiscated by authorities. Forensic analysis revealed the use of an exploit to unlock the device without consent.
- Ethical and political implications: The presentation highlighted the sensitive nature of these techniques, particularly in the context of targeted surveillance using Pegasus and Predator spyware.
Key Issues Raised :
- Exploit proliferation: Vulnerabilities such as CVE-2022-30190 (Follina) and CVE-2023-23397 have been used by APT groups and cybercriminals, demonstrating the increasing reuse of exploits across threat actors.
- Need for collaboration: The speaker emphasized the importance of stronger cooperation between security researchers, software vendors, and institutions to prevent abuse and enhance system resilience.
Arise from the Wireless: Breaking the Security Barrier in Wi-Fi - Xiaobye (DEVCORE)
This was one of our favourite talks, Xiaobye made a deep dive into the Mediatek Wi-Fi stack. The Mediatek Wi-Fi architecture is a SoftMAC one, Management frames are processed by the kernel, this means that most of the meat resides in kernel land. The firmware, running an NDS32 core, process very few OTA frame. Despite that, Xiaobye managed to find and exploit a bug inside the firmware. Bugs which later was quickly patch. As the surface was not very thick, he decided to look at the WiFi-7 chip. The firmware was encrypted. Abusing the memory dump feature, he managed to get plaintext code. The instruction set was different (RISCV), a few instructions were customs one. Still, as the frame processing is done in the kernel, he started to audit the kernel driver code and found several issues. Most of the issues are Heap buffer overflow, but one was a frame injection, which led to an authentication bypass. He finished its presentation with a successful demo of a remote heap exploitation on a target, which was not using kASLR nor FREELIST_HARDENING. This was a really good talk, which gave an excellent overview of the Mediatek Wi-Fi implementation. He will be giving it at hardwear.io in November, if you missed it, go for it!
Breaking the Vault: USB Bugs and Bug Bounty Failures - Sergei Volokitin (Hexplot)
In this lighter talk, Sergei Volokitin explained how he exploited the Cypherock X1 hardware wallet.
This hardware wallet caught his attention because it is based on an interesting cryptographic algorithm: Shamir’s secret sharing (SSS). This is a secret sharing algorithm where the secret cannot be revealed unless a minimum number of the group’s members act together to reveal it. For the X1, the group members are 4 physical cards (X1 Cards) along with the main X1 Vault. Only when 2 parts are combined, the vault can be unlocked (i.e. the vault + 1 card). This has multiple advantages: you can split your cards into multiple secure locations, if a card is a lost or destroyed the wallet is not lost, …
The source code for the X1 is available on Github: https://github.com/Cypherock/x1_wallet_firmware
After skimming through the code, Sergei was able to quickly find a relatively trivial buffer overflow. The vulnerability is located in the USB packet parsing code responsible for the communication between the device and the desktop application: https://github.com/Cypherock/x1_wallet_firmware/blob/63b8b0f36e74efb3403e30f3c20eaac84513c6ca/common/interfaces/desktop_app_interface/usb_internals.c#L213-L215
Then, he was able to exploit it to dump the passphrase from the hardware wallet.
He promptly reported it to the vendor, which has its own Bug Bounty program. This is where things start to get pretty funky. The vendor was supposed to have a 90-days disclosure policy. A few days, weeks, months went by and Sergei still had no response. After a while, he started to perform some “out-of-band” reach (which was discouraged by the program’s guidelines, kind of a red flag). The company finally responded by saying that they already knew about the vulnerability, thus offering a pretty ridiculous bounty.
But after doing some basic OSINT, Sergei noticed some funny “coincidences”. He reported the vulnerability on the 4th of November. On the 5th of November, a commit on the open-source Github repository was pushed to fix the vulnerability: https://github.com/Cypherock/x1_wallet_firmware/commit/a31d1f8d71ae58c56947b7c525ee3a6761674d8e. He also noticed that his LinkedIn profile was visited by people from Cypherock a few days after he reported the vulnerability.
This is unfortunately a very common situation where companies try to exploit the work of talented security researchers, and it’s important to call them out like that.
As a nice conclusion, Sergei disclosed a couple of other bugs he found notably on the NFC stack of the device
NTLM reflection is dead, long live NTLM reflection: Story of an accidental Windows RCE - Wil (Synacktiv)
For nearly two decades, Windows has been plagued with NTLM reflection vulnerabilities, a special case of authentication relay that historically enabled local privilege escalation and remote command execution. After numerous patches, the security community assumed NTLM reflection was dead.
CVE-2025-33073 shatters that assumption, revealing a logical vulnerability in the Windows SMB client. While Microsoft classified it as an elevation of privilege vulnerability, Wilfried Bécard, a Synacktiv researcher, and his team argue it’s more accurately an authenticated remote code execution as SYSTEM on nearly any Windows machine without user interaction.
The vulnerability was discovered accidentally while testing authentication coercion with specially crafted DNS records containing marshalled target information (srv11UWhRCAAAAAAAAAAAAAAAAAAAAAAAAAAAAwbEAYBAAAA).
Network capture analysis revealed the attack triggered NTLM local authentication, a special mode where the server skips normal challenge-response verification. The root cause lies in how Windows processes these DNS records: after stripping the marshalled data, Windows incorrectly identifies the remaining hostname as the local machine. This causes the client to signal that local authentication should be used, and when tools like PetitPotam coerce the LSASS process (running as SYSTEM) to authenticate. The SYSTEM token gets handed directly to the attacker, granting full administrative privileges via SMB operations.
The vulnerability extends beyond NTLM to Kerberos through an undocumented behaviour. When processes running as SYSTEM or NETWORK SERVICE authenticate, Kerberos stores their authentication subkeys in a global list along with their security tokens. The server validates that the authentication came from the machine account and checks if a matching subkey exists with SYSTEM privileges. If validated, the server creates a SYSTEM token for the attacker, effectively granting complete control over the target machine.
The critical takeaway is that enforcing SMB signing would have prevented exploitation entirely, even before the vulnerability was discovered. This demonstrates the importance of defence-in-depth mitigation in Windows hardening, as proper SMB signing configuration provides protection against both known and unknown authentication relay vulnerabilities.
Inside Apple Secure Enclave Processor in 2025 - Quentin Salingue (Synacktiv)
This talk, presented by Quentin Salingue, covered The Secure Enclave Processor (SEP), which is Apple’s cryptographic coprocessor. This is used in iPhones (and other Apple devices) to handle sensitive operations such as encryption of user data, biometric authentication, key storage, etc. Public information in SEP is limited (and many sources are outdated), because Apple encrypts most of its firmware and keeps internal details closely guarded. The Secure Enclave is a dedicated secure subsystem integrated into Apple’s system on a chip (SoC), it is isolated from the main processor to provide an extra layer of security and is designed to keep sensitive user data secure even when the Application Processor kernel becomes compromised. The talk aimed to explore how Apple has evolved the SEP, what protections are and might be in place, and how the internal architecture works in 2025. It included Pointer Authentication Code (PAC) to prevent control-flow hijacking, SEP patches to fix potential vulnerabilities in the SEPROM and trusted Boot Monitor to ensure only the SEPROM code can execute at start.