Dell Technologies published an advisory on June 24, 2021 notifying customers of a set of vulnerabilities that can be combined to impersonate Dell.com and take control of the target devices’ boot process to break OS-level security controls. The vulnerabilities affect a wide range of Dell systems. Dell recommends that all customers update to the latest … Continue reading “Dell Client Platform BIOSConnect and HTTPS Boot Multiple Vulnerabilities (DSA-2021-106, CVE-2021-21571, CVE-2021-21572, CVE-2021-21573, CVE-2021-21574)”
Author: Dhiren Vaghela
SonicWall Buffer Overflow Vulnerability (SNWLID-2021-0006, CVE-2021-20019)
Tracked as CVE-2021-20019, a vulnerability was observed in SonicOS where the HTTP server response leaks partial memory by sending a crafted unauthenticated HTTP request. This can potentially lead to an internal sensitive data disclosure vulnerability. The shortcoming was rectified in an update rolled out to SonicOS on June 22. However, there is no evidence that … Continue reading “SonicWall Buffer Overflow Vulnerability (SNWLID-2021-0006, CVE-2021-20019)”
Google Chrome Zero-Day Use-After-Free Vulnerability (CVE-2021-30554)
The seventh zero-day of Google Chrome was talk of the town in mid-June 2021, two weeks after the sixth zero-day was observed in the wild. The earlier six zero-days were: CVE-2021-21148 – February 4th, 2021 CVE-2021-21166 – March 2nd, 2021 CVE-2021-21193 – March 12th, 2021 CVE-2021-21220 – April 13th, 2021 CVE-2021-21224 – April 20th, 2021 … Continue reading “Google Chrome Zero-Day Use-After-Free Vulnerability (CVE-2021-30554)”
Microsoft Windows June 2021 Zero-day Vulnerabilities
On June 2021 Patch Tuesday, Microsoft addressed 50 vulnerabilities; and out of these, 5 were critical and 45 were important bugs. 3 vulnerabilities were previously known, and 6 are being actively exploited by attackers. The 6 exploited vulnerabilities are: CVE-2021-31955, CVE-2021-31956, CVE-2021-33739, CVE-2021-33742, CVE-2021-31199, & CVE-2021-31201. CVE-2021-31955 and CVE-2021-31956 are Windows Kernel Information Disclosure vulnerability … Continue reading “Microsoft Windows June 2021 Zero-day Vulnerabilities”
Google Chrome Zero-day Type confusion Vulnerability
The sixth zero day of Google Chrome was talk of the town during the June 2021 Patch Tuesday. The earlier 5 zero days were: CVE-2021-21148 – February 4th, 2021 CVE-2021-21166 – March 2nd, 2021 CVE-2021-21193 – March 12th, 2021 CVE-2021-21220 – April 13th, 2021 CVE-2021-21224 – April 20th, 2021 Google states that they are “aware … Continue reading “Google Chrome Zero-day Type confusion Vulnerability”
Pulse Connect Secure Authenticated Arbitrary Code Execution Vulnerability (CVE-2021-22908)
Pulse Connect Secure (PCS) gateway contains a buffer overflow vulnerability in Samba-related code that may allow authenticated remote attacker to execute arbitrary code. By performing certain SMB operations with a specially crafted server name, an authenticated attacker may be able to execute arbitrary code with root privileges on a vulnerable PCS server. PCS allows to … Continue reading “Pulse Connect Secure Authenticated Arbitrary Code Execution Vulnerability (CVE-2021-22908)”
Webmin Critical Security vulnerabilities (CVE-2021-31760, CVE-2021-31761, CVE-2021-31762)
Webmin is a web-based system administration tool for Unix-like servers, and services with over 1,000,000 installations worldwide. Using Webmin, you can configure operating system internals, such as users, disk quotas, services, or configuration files, as well as modify, and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and many more. … Continue reading “Webmin Critical Security vulnerabilities (CVE-2021-31760, CVE-2021-31761, CVE-2021-31762)”
Adobe Reader arbitrary code execution vulnerability (CVE-2021-28550)
Adobe has released security updates to address Out-of-Bounds Read, Out-of-Bounds Write, Type Confusion, use-after-free and Heap Overflow vulnerabilities. Among the vulnerabilities patched by Adobe, CVE-2021-28550 is a zero-day that needs immediate attention. CVE-2021-28550 is a Remote Code Execution vulnerability impacting Adobe Acrobat and Reader, and is being actively exploited in the wild on Windows devices. … Continue reading “Adobe Reader arbitrary code execution vulnerability (CVE-2021-28550)”
Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2021-31166)
As a part of their usual process of Patch Tuesday, Microsoft has released patches to mitigate security flaws in products such as Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. A new Windows network Remote Code Execution (RCE) zero-day exploit – CVE-2021-31166, has been in the news since Patch Tuesday. … Continue reading “Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2021-31166)”
21 Nails: Exim Mail Server Multiple Vulnerabilities
The Qualys Research Team (QRT) has discovered multiple vulnerabilities in the Exim mail server, some of the which can be chained together and have devastating impact via full remote unauthenticated code execution to gain root privileges. The name “21Nails” is a pun intended on vulnerabilities in a “Mail” transfer agent, corresponding to each CVE listed … Continue reading “21 Nails: Exim Mail Server Multiple Vulnerabilities”