FortiJump Higher, Pishi, and Breaking Control Flow Flattening

This week, we dive into some changes to V8CTF, the FortiJump Higher bug in Fortinet's FortiManager, as well as some coverage instrumentation on blackbox macOS binaries via Pishi.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/263.html

[00:00:00] Introduction

[00:00:25] V8 Sandbox Bypass Rewards

[00:25:39] Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager [CVE-2024-47575]

[00:38:07] Pishi: Coverage guided macOS KEXT fuzzing.

[00:44:20] Breaking Control Flow Flattening: A Deep Technical Analysis

[00:55:10] Firefox Animation CVE-2024-9680 - Dimitri Fourny

[00:57:13] Internship Offers for the 2024-2025 Season

Podcast episodes are available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9