{"vulnerability": "CVE-2020-15048", "sightings": [{"uuid": "82637736-96f1-415b-adb7-3d4a189dd788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15048", "type": "seen", "source": "https://gist.github.com/sankethj/249a775d52cb74d54393c86738922910", "content": "", "creation_timestamp": "2025-10-07T03:56:54.000000Z"}, {"uuid": "b61ad3e4-0a5f-4ea4-9546-5e91c6838b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15048", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1749", "content": "#Offensive_security\n1. Collection of various techniques to bypass Linux Kernel Address Space Layout Randomization (KASLR) and retrieve the kernel base virtual address on x86/x86_64 architectures as an unprivileged local user\nhttps://github.com/bcoles/kasld\n2. Espressif ESP32: Bypassing Flash Encryption (CVE-2020-15048)\nhttps://raelize.com/blog/espressif-systems-esp32-bypassing-flash-encryption", "creation_timestamp": "2023-02-25T05:56:12.000000Z"}, {"uuid": "ad2c0698-7a0e-4f0f-be70-29d41e47176a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15048", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1764", "content": "#Red_Team_Tactics\n1. Bypassing Flash Encryption by leveraging a design weakness (CVE-2020-15048) in combination with EMFI\nhttps://raelize.com/posts/espressif-systems-esp32-bypassing-flash-encryption\n2. Run as SYSTEM using Evil-WinRM\nhttps://malicious.link/post/2020/run-as-system-using-evil-winrm", "creation_timestamp": "2024-05-08T02:57:25.000000Z"}]}