It's a blog post I should have published months ago, but here we finally are.
-
It's a blog post I should have published months ago, but here we finally are.
"CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP"
Credit goes to t0zhang (on X) for the discovery.
https://itm4n.github.io/cve-2025-59201-ncsi-eop/I'd like to write more of those but it's so time-consuming.
-
It's a blog post I should have published months ago, but here we finally are.
"CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP"
Credit goes to t0zhang (on X) for the discovery.
https://itm4n.github.io/cve-2025-59201-ncsi-eop/I'd like to write more of those but it's so time-consuming.
@itm4n That's a very cool patch analysis, the detective work is crazy on this one! Also seeing an analysis of another type of vulnerability than memory corruption is very refreshing
-
@itm4n That's a very cool patch analysis, the detective work is crazy on this one! Also seeing an analysis of another type of vulnerability than memory corruption is very refreshing
@CravateRouge Hey! Merci.
Yes, there are many interesting vulnerabilities like this that get patched each month. It's too bad they are generally not documented publicly. I have another one in store from the January 2026 Patch Tuesday. Hopefully, I'll be able to figure it out and publish a writeup as well.
-
R relay@relay.infosec.exchange shared this topic
-
@CravateRouge Hey! Merci.
Yes, there are many interesting vulnerabilities like this that get patched each month. It's too bad they are generally not documented publicly. I have another one in store from the January 2026 Patch Tuesday. Hopefully, I'll be able to figure it out and publish a writeup as well.
@itm4n Hope you will!
