Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-2883)

Summary: Oracle’s April 2020 patch addresses a critical flaw in Oracle WebLogic Server, tracked as CVE-2020-2883, that can be exploited by an unauthenticated user for remote code execution. It has drawn major attention because its CVSSv3 score is 9.8/10. Description: WebLogic is a Java-based middleware solution, with thousands of servers running online. It sits between a front-facing …

Sophos XG-firewall SQL injection bug (CVE-2020-12271)

Summary: Amid the global lockdown of 2020, as April is about to end, a major security giant, Sophos, was affected by a SQL injection bug exploited in the wild, impacting its XG Firewall product. Sophos said it first learned of the zero-day late on Wednesday, April 22, after it received a report from one of …

Autodesk FBX-SDK multiple vulnerabilities (CVE-2020-7080, CVE-2020-7081, CVE-2020-7082, CVE-2020-7083, CVE-2020-7084, CVE-2020-7085)

Summary: Multiple vulnerabilities were observed in the software development kit (SDK) of Autodesk products. Applications and services that use Autodesk FBX-SDK version 2020.0 or earlier can be impacted by buffer overflow, type confusion, use-after-free, integer overflow, NULL pointer dereference, and heap overflow vulnerabilities. Description: These Autodesk vulnerabilities have a high severity and, if exploited, would …

Google Chrome use-after-free Vulnerability (CVE-2020-6457)

Summary: In the headlines today: amid the global lockdown, in the same week in which Microsoft confirmed seven critical vulnerabilities for Windows 10 users, Google has confirmed what it refers to as a critical security vulnerability. Google has not disclosed more details on the vulnerability, but independent cyber-security experts have dug into the …

Apache ShardingSphere UI Remote Code Execution Vulnerability (CVE-2020-1947)

Summary: Recently, Apache ShardingSphere officially announced the release of version 4.0.1. An authenticated attacker with default credentials can cause code execution by submitting malicious YAML in the back-end management console. The issue is classified as CWE-269 and impacts confidentiality, integrity, and availability. Description: SnakeYAML library for parsing YAML inputs to load datasource configuration in ShardingSphere’s web console of …

Oracle Solaris Local Privilege Escalation Vulnerability (CVE-2020-2944)

Summary: An unusual buffer overflow vulnerability that allows local privilege escalation (LPE) was observed prior to April’s Patch Tuesday (PT) in various Oracle Solaris platforms. The researcher has publicly released a PoC for CVE-2020-2944 that was acclaimed by Oracle as well. Description: A buffer overflow in the _SanityCheck() function in the Common Desktop Environment version distributed with Oracle Solaris …

Fortinet FortiOS SSL VPN Multiple Cross-Site Scripting Vulnerabilities (CVE-2018-13379, CVE-2018-13380, CVE-2018-13381, CVE-2018-13382, CVE-2018-13383)

Summary: Amid the global lockdown, hackers have turned to SSL VPN vulnerabilities, which have proven lucrative. Throughout the previous year, hackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies (for which Qualys already has protection covered), and this time they have come up with FortiOS …

Deskpro multiple vulnerabilities: information disclosure, privilege escalation to RCE (CVE-2020-11463, CVE-2020-11464, CVE-2020-11465, CVE-2020-11466, CVE-2020-11467)

Summary: In the first week of April, amid the global lockdown, multiple vulnerabilities, including information disclosure as well as privilege escalation that leads to remote code execution (RCE), were observed in Deskpro. These issues, classified as CWE-200 and CWE-269, exist in Deskpro prior to 2019.8.0. The /api/email_accounts endpoint failed to properly …

macOS Catalina memory leakage vulnerability (CVE-2020-3847)

Summary: This time, an out-of-bounds read vulnerability that leads to memory leakage was observed in macOS Catalina 10.15.3. Description: The vulnerability involved in this exploit is in the processing code for SDP (Service Discovery Protocol) data frames. This section briefly introduces the SDP frame, as follows (image source: 360): The first byte PDU …

Mozilla Firefox Critical use-after-free Vulnerabilities (CVE-2020-6819, CVE-2020-6820)

Summary: In the first week of April, amid the global lockdown, the Mozilla Foundation had to publish advisory 2020-11 for Mozilla Firefox and Mozilla Firefox Extended Support Release (ESR). Firefox gets fixes for two zero-days exploited in the wild. The frequency of browser exploitation, particularly of Mozilla's, has been trending upward since the start of this year. …