We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

PreAuth RCE Chains on an MDM - KACE SMA

4
 Cite
 Share
 Download
 Purchase
No logo availableDEF CON
 Hofmann, Jeffrey

Formal Metadata

Title
PreAuth RCE Chains on an MDM - KACE SMA
Title of Series
Number of Parts
85
Author
Contributors
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
MDM solutions are, by design, a single point of failure for organizations. MDM appliances often have the ability to execute commands on most of the devices in an organization and provide an “instant win” target for attackers. KACE Systems Management Appliance is a popular MDM choice for hybrid environments. This talk will cover the technical details of 3 preauthentication RCE as root chains on KACE SMA and the research steps taken to identify the individual vulnerabilities used.