SlowMist Chief Information Security Officer: Suspected Privilege Escalation Vulnerability at an Exchange Due to API Permission Control Issues

Bitget App

Trade smarter

ForesightNews2025/07/25 05:12

Show original

According to Foresight News, 23pds, Chief Information Security Officer at SlowMist, tweeted that a certain exchange carried out an API v3 upgrade on June 30, and he suspects that an issue with API permission controls led to a privilege escalation vulnerability. The reasons are as follows: the withdrawals were split into multiple transactions, and it is clear that there were nine malicious users involved. "Therefore, it is highly likely that the vulnerability was caused by the mixed use of old and new APIs, resulting in permission control or logic issues that were exploited by malicious actors."

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops

Lock your assets and earn 10%+ APR

Lock now!

Trending news

The Federal Reserve's overnight reverse repurchase agreement (RRP) usage was $756.1 million on Friday.

Data: In the past 24 hours, total liquidations across the network reached $288 millions, with long positions liquidated for $163 millions and short positions for $125 millions.