Aruba AirWave Web-Based Management Interface Stored Cross Site Scripting (XSS) Vulnerability (CVE-2021-37715)

Earlier this year, Qualys discovered a heap-based buffer overflow in Sudo, named ‘Baron Samedit’ (CVE-2021-3156). Baron Samedit: A vulnerability in the command-line parameter parsing code of Sudo could allow an attacker with access to Sudo to execute commands or binaries with root privileges. Baron Samedit is exploitable by any local user (normal users and …

ProxyShell – A New Attack Surface on Microsoft Exchange Server (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207)

The ProxyShell vulnerability was discovered by Orange Tsai, a security researcher at Devcore, at the Pwn2Own hacking contest in April 2021. ProxyShell chains three bugs: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. CVE-2021-34473: Pre-auth Path Confusion that leads to ACL bypass; CVE-2021-34523: Elevation of Privilege on Exchange PowerShell Backend; CVE-2021-31207: Post-auth Arbitrary-File-Write leads to Remote Code …

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities

An old bug fixed by Cisco is again in the news for being actively exploited in the wild. Cisco had published an advisory, cisco-sa-asaftd-xss-multiple-FCB3vPZe, on 21st October 2020 to address the bug, CVE-2020-3580. About the Vulnerability: This vulnerability exists due to insufficient validation of user-supplied input by the web services interface of an affected device. …

Microsoft Windows Privilege Escalation Vulnerability (CVE-2021-1732)

On the second Patch Tuesday of 2021, Microsoft published advisories to address 56 new security vulnerabilities. Of these, nine were rated as critical and one is actively exploited in the wild. Elevation of Privileges in Windows Kernel (CVE-2021-1732): This bug is in the Windows Win32k operating system kernel. It allows a logged-in user to execute …

Zero Days In-the-Wild Series (CVE-2020-6418, CVE-2020-0938, CVE-2020-1020, CVE-2020-1027)

On January 12, 2021, Google Project Zero published a six-part report on a hacking operation targeting Windows and Android devices. Exploit servers in the hacking operation contained 4 Google Chrome vulnerabilities, 2 sandbox escape exploits and publicly known privilege escalation n-day exploits. Of these, 4 were still zero-day at the time of its discovery. Following …

Backdoor Account in Zyxel Products (CVE-2020-29583)

On December 23rd, 2020, Zyxel published an advisory for a hardcoded credential vulnerability. More than 100,000 Zyxel firewalls, access point controllers and VPN gateways are prone to this vulnerability. Vulnerability Details: Zyxel firewalls and AP controllers contain a hardcoded admin-level backdoor account, which can grant attackers root access to devices via either the SSH interface or …

Privilege Escalation in Microsoft Windows (Zero-Day)

In June, Microsoft released a patch for a vulnerability in the Windows kernel (CVE-2020-0986). However, attackers could still exploit this vulnerability using a different methodology (CVE-2020-17008). CVE-2020-0986 – Old Vulnerability: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. This flaw was …

Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks

AMNESIA:33 is a study published by Forescout Research Labs under Project Memoria. The study consists of a report on 33 new vulnerabilities found in TCP/IP stacks used by multiple IoT, OT and IT device vendors. AMNESIA:33 affects multiple open-source TCP/IP stacks, which means a single vulnerability tends to spread easily and silently across multiple codebases, …

VMware Zero-day flaw in Multiple Products

On November 23, 2020, VMware released an advisory addressing a zero-day flaw in multiple products. In the initial advisory, VMware released a workaround to address the critical vulnerability that affects multiple VMware Workspace One components. Later, VMware released security updates to fix the zero-day flaw. CVE-2020-4006: It’s a command injection vulnerability that could allow …

VMware Multiple Vulnerabilities (VMSA-2020-0026)

On November 19, 2020, VMware published an advisory addressing critical vulnerabilities in various VMware products. VMware has evaluated the severity of CVE-2020-4004 to be “Critical” with a maximum CVSSv3 base score of 9.3. The severity of CVE-2020-4005 has been evaluated to be “Important” with a maximum CVSSv3 base score of 8.8. Affected VMware Products: VMware …