Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)

Update June 9, 2020: As of June 2020, CVE-2020-0796 was highlighted once again and is very active in the wild, as it gave rise to “SMBGhost pre-auth RCE abusing Direct Memory Access structs”. A researcher published a presentation of it in a tweet, included below. CISA said “Although Microsoft disclosed and provided updates for this vulnerability … Continue reading “Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)”

Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)

Today, Microsoft released a patch for CVE-2020-0601, a vulnerability in the Windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. It was discovered and reported by National Security Agency (NSA) researchers. The vulnerability affects Windows 10 and Windows Server 2016/2019 systems. This is a serious vulnerability and patches should be applied immediately. An attacker could … Continue reading “Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)”

Microsoft Released Out-of-Band Security Updates

Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities: the Internet Explorer remote code execution vulnerability (CVE-2019-1367) and the Microsoft Defender denial of service vulnerability (CVE-2019-1255). According to the Microsoft advisory for CVE-2019-1367, the Internet Explorer scripting engine vulnerability has been exploited in active attacks in the wild. Users are advised to manually update … Continue reading “Microsoft Released Out-of-Band Security Updates”

Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)

Cisco published an update for the Cisco IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of the Cisco REST API virtual service container. The security issue is tracked as CVE-2019-12643 and has received a maximum severity rating score of 10 based … Continue reading “Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)”

Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch

In the August 2019 Patch Tuesday release, Microsoft disclosed 7 RDP vulnerabilities, of which 4 are labeled critical and 3 important. All the critical vulnerabilities exist in Remote Desktop Services (formerly known as Terminal Services) and do not require authentication or user interaction. To exploit the vulnerabilities, an attacker would need to … Continue reading “Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch”

Cisco ASA Shadow Brokers Exploit – CVE-2016-6366

Cisco recently released an advisory (cisco-sa-20160817-asa-snmp) for the Cisco ASA (Adaptive Security Appliance) SNMP remote code execution vulnerability. The vulnerability allows an attacker to obtain full control of the system when crafted SNMP packets are sent to the affected system using the SNMP community string. All supported versions of SNMP (v1, v2c, and 3) are affected by … Continue reading “Cisco ASA Shadow Brokers Exploit – CVE-2016-6366”