One of the research was able to access the Facebook internal system by exploiting a vulnerability (Haworth, 2020). The research able to find an vulnerability within the Mobile Device Management (MDM) software and used that to gain access to the Facebook internal system. The researcher had find a bug within the MDM in 2018 which he reported and used that same bug to gain access to the Facebook system. MDM company was using older version of Apache Groovy library. This was a critical vulnerability since the research was able to gain access remotely. The researcher has reported this finding and MDM company has patched this issue.
References:
Haworth, J. 2020. Internal Facebook systems exposed via unpatched Apache library. Retrieved from: https://portswigger.net/daily-swig/internal-facebook-systems-exposed-via-unpatched-apache-library
Leave a Reply
You must be logged in to post a comment.