Rusty pearls: Postgres RCE on cloud databases

Presented at DEF CON 33 (2025), Aug. 8, 2025, 5:30 p.m. (20 minutes).

In this session, we will delve into CVE-2024-10979, discovered by Varonis Threat Labs, and explain how it can be exploited to execute arbitrary code on cloud-hosted databases. Join us to gain insights into this significant Remote Code Execution (RCE) vulnerability and learn strategies for defending and testing managed databases for vulnerabilities. References: - [link](https://www.varonis.com/blog/cve-postgresql-pl/perl)

Presenters:

• Tal "TLP" Peleg
  Tal Peleg, also known as TLP, is a senior security researcher and cloud security team lead at Varonis. He is a full-stack hacker with experience in malware analysis, Windows domains, SaaS applications, and cloud infrastructure. His research is currently focused on cloud applications and APIs.
• Coby Abrams
  Coby Abrams is a cloud security researcher at Varonis, specializing in Azure and IaaS research, and in-depth overviews of various services. He brings over five years of experience in various types of security research.

Similar Presentations:

• DEF CON 32 (2024) / Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2024-38021
• A New HOPE (2022) / Combating "Ransom-War:" Evolving Landscape of Ransomware Infections in Cloud Databases
• DEF CON 32 (2024) / Atomic Honeypot: A MySQL Honeypot That Drops Shells