Ronen Shustin (@Ronenshh)

Title	Vulnerabilities	Programs	Authors
SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts	AI Cloud Kubernetes Privilege Escalation Missing Authentication	SAP	Hillai Ben-Sasson (@Hillai) Shir Tamari (@Shirtamari) Nir Ohfeld (@Nirohfeld) Sagi Tzadik (@Sagitz_) Ronen Shustin (@Ronenshh)
#BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services	Cloud RCE Container Escape Kubernetes Privilege Escalation Lateral Movement Supply Chain Attack Cross-Tenant Vulnerability	Alibaba	Ronen Shustin (@Ronenshh) Shir Tamari (@Shirtamari)
Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential for unauthorized database access	Cloud SQL Injection Privilege Escalation Information Disclosure	IBM	Ronen Shustin (@Ronenshh) Shir Tamari (@Shirtamari)
Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL	Cross-Tenant Vulnerability Privilege Escalation Authentication Bypass Cloud	Microsoft	Shir Tamari (@Shirtamari) Ronen Shustin (@Ronenshh) Nir Ohfeld (@Nirohfeld) Sagi Tzadik (@Sagitz_)
Inside the Black Box \| How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities	DoS Memory Corruption	Microsoft	Kasif Dekel (@Kasifdekel) Ronen Shustin (@Ronenshh)
Pwning Microsoft Azure Defender for IoT \| Multiple Flaws Allow Remote Code Execution for All	RCE Memory Corruption SQL Injection	Microsoft	Kasif Dekel (@Kasifdekel) Ronen Shustin (@Ronenshh)

Page 1 of 1