{"vulnerability": "CVE-2021-32471", "sightings": [{"uuid": "5372f479-b5f9-4259-8477-193e3081a022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32471", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3364", "content": "#Research\n\"Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine\", 2021.\n\n]-> Arbitrary Code Execution in the Universal Turing Machine\" as per CVE-2021-32471:\nhttps://github.com/intrinsic-propensity/turing-machine", "creation_timestamp": "2021-05-14T11:02:31.000000Z"}, {"uuid": "62245259-e69e-4017-88f5-a957efedf4ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32471", "type": "published-proof-of-concept", "source": "https://t.me/auraxchan/9208", "content": "l+f: Undiscovered for 54 years - mother of all security vulnerabilities.\n\nThe reference implementation of the blueprint of all computers - the universal Turing machine - contains a critical bug. What does this mean for our IT?\n\nThe universal Turing machine (UTM) is considered the simplest blueprint for today's computers. A full 54 years after the publication of Minsky's reference implementation of such a UTM, a researcher is now uncovering a security flaw in it: By feeding the UTM with specially prepared data, an attacker could inject and execute arbitrary code of his own into the Turing machine.\n\nThe fact that such a flaw could sneak into the simplest possible implementation of a computer and remain undetected there for so long is disturbing. 54 years - that alone could be a record. In any case, MITRE has now given the vulnerability the entry CVE-2021-32471.\n\nPontus Johnson of the KTH Royal Institute of Technology in Stockholm describes the details in \"Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine\", where he also discusses whether this is even a fundamental problem for all computers. Of course, he also discusses the controversy of \"von Neumann versus Harvard architecture\" and finally ends up with the notorious Weird Machines. In their frequency, he ultimately sees the root of the problem - just like researchers like Thomas Dullien aka Halvar Flake.\n\nHowever, we make it clear at this point that the title of the report is meant purely prosaically. In particular, the discoverer explains that the security hole now found has no real consequences. So the world will end - but certainly not today.\n\n11/05/2021\nhttps://www.heise.de/news/l-f-44-Jahre-unentdeckt-Mutter-aller-Sicherheitsluecken-entdeckt-6043359.html", "creation_timestamp": "2021-05-17T22:41:56.000000Z"}, {"uuid": "1728baf4-85ce-4d17-949e-d5d802d66c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32471", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 -Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}]}