← back
CVE-2019-9768

CVE-2019-9768

EPSS 11.7%
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/152182/Canarytokens-2019-03-01-Detection-Bypass.htmlunverifiedcve_referencewww.exploit-db.com/exploits/46589/unverifiedexploitdbwww.exploit-db.com/exploits/46589unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/152182/Canarytokens-2019-03-01-Detection-Bypass.htmlhttps://github.com/thinkst/canarytokens/issues/35https://www.exploit-db.com/exploits/46589/