BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.pass-the-salt.org//pts2026//speaker//GQXKTN
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-pts2026-XKQRMJ@cfp.pass-the-salt.org
DTSTART;TZID=CET:20260701T141500
DTEND;TZID=CET:20260701T145000
DESCRIPTION:CVE-2025-54068 exposed a critical vulnerability in Livewire\, a
  popular full-stack framework for Laravel\, enabling pre-authenticated rem
 ote command execution (RCE) by exploiting PHP’s weak typing and Livewire
 ’s hydration mechanism. According to GitHub\, Livewire was downloaded mo
 re than 74 million times\, making it one of the most used Laravel dependen
 cies ever.\n\nTraditionally\, Livewire protects its state with a checksum
  si
 gned by the application’s APP_KEY. However\, this vulnerability allowed 
 attackers to bypass the APP_KEY requirement entirely by smuggling synthesi
 zers through the updates mechanism\, effectively breaking the state synchr
 onization between server and browser.\n\nThe root cause lies in Livewire
 ’s component property update hydration process\, where recursive calls a
 nd improper context preservation enabled malicious payload injection. Expl
 oitation required only the target application’s URL\, making it accessib
 le to unauthenticated attackers. The vulnerability affected Livewire versi
 ons from 3.0.0-beta.1 up to 3.6.3\, and was patched in version 3.6.4.\n\nT
 his talk will detail the technical chain from weak typing to RCE\, demonst
 rate the exploit process\, discuss the hardening measures implemented by L
 ivewire to prevent similar issues in the future and\, in particular\, show
  the consequences of the publication of the associated proof of concept
  at the end of last year.
DTSTAMP:20260514T103517Z
LOCATION:Amphitheater 122
SUMMARY:CVE-2025-54068 : Deep dive into Livewire\, from weak typing to pre-
 authenticated remote command execution - Rémi Matasse (Security research\
 , Synacktiv)\, Pierre Martin (Security Researcher\, Depi)
URL:https://cfp.pass-the-salt.org/pts2026/talk/XKQRMJ/
END:VEVENT
END:VCALENDAR
