Earlier this year, Qualys discovered a heap-based buffer overflow in Sudo, named ‘Baron Samedit’ (CVE-2021-3156). Baron Samedit: a vulnerability in the command line parameter parsing code of Sudo could allow an attacker with access to Sudo to execute commands or binaries with root privileges. Baron Samedit is exploitable by any local user (normal users and … Continue reading “Aruba AirWave Web-Based Management Interface Stored Cross Site Scripting (XSS) Vulnerability (CVE-2021-37715)”
Confluence Server OGNL injection Vulnerability (CVE-2021-26084)
On 31st August 2021, a critical remote code execution vulnerability was found in Confluence Server and Confluence Data Center. The vulnerability is tracked as CVE-2021-26084 and has a severity of 9.8. The OGNL (Object-Graph Navigation Language) injection vulnerability allows an authenticated user, and in some instances unauthenticated users, to execute arbitrary code on a … Continue reading “Confluence Server OGNL injection Vulnerability (CVE-2021-26084)”
ProxyShell – A New Attack Surface on Microsoft Exchange Server (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207)
The ProxyShell vulnerability was discovered by Orange Tsai, a security researcher at Devcore, in the Pwn2Own hacking contest in April 2021. ProxyShell chains three bugs: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207.
CVE-2021-34473: Pre-auth Path Confusion that leads to ACL bypass
CVE-2021-34523: Elevation of Privilege on Exchange PowerShell Backend
CVE-2021-31207: Post-auth Arbitrary-File-Write leads to Remote Code … Continue reading “ProxyShell – A New Attack Surface on Microsoft Exchange Server (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207)”
Pulse Connect Secure Remote Code Execution Patch Bypass Vulnerability (CVE-2021-22937)
In the first week of August, Pulse Secure published an advisory and patches for the vulnerability CVE-2021-22937. This is a post-authentication remote code execution vulnerability that exists on Pulse Connect Secure virtual private network (VPN) appliances. This vulnerability, classified as CWE-434 with a CVSSv3 score of 9.1, is an uncontrolled archive extraction vulnerability that … Continue reading “Pulse Connect Secure Remote Code Execution Patch Bypass Vulnerability (CVE-2021-22937)”
Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era
In July 2021, the Cybersecurity and Infrastructure Security Agency (CISA), together with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI), published a joint advisory listing the top 30 vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual … Continue reading “Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era”
Sequoia – Linux’s Filesystem Layer Local Privilege Escalation Vulnerability (CVE-2021-33909)
The Qualys Research Team has discovered a size_t-to-int type conversion vulnerability in the Linux Kernel’s filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration. The Linux file system interface is implemented as a layered architecture, separating the user … Continue reading “Sequoia – Linux’s Filesystem Layer Local Privilege Escalation Vulnerability (CVE-2021-33909)”
Google Chrome Zero-Day Type Confusion Vulnerability (CVE-2021-30563)
Another zero-day vulnerability in Google Chrome was in the news in mid-July 2021. The zero-days prior to this one were as follows:
CVE-2021-21148 – February 4th, 2021
CVE-2021-21166 – March 2nd, 2021
CVE-2021-21193 – March 12th, 2021
CVE-2021-21206 – April 13th, 2021
CVE-2021-21220 – April 13th, 2021
CVE-2021-21224 – April 20th, 2021
CVE-2021-30551 – June 9th, … Continue reading “Google Chrome Zero-Day Type Confusion Vulnerability (CVE-2021-30563)”
Windows DNS Server Out-of-Bounds Write to Remote Code Execution Vulnerability (CVE-2021-26897)
According to the Microsoft Security Bulletin published on March 09, 2021, seven vulnerabilities concerning Microsoft’s DNS server were corrected. These vulnerabilities, identified as CVE-2021-26877, CVE-2021-26897, CVE-2021-26893, CVE-2021-26894 and CVE-2021-26895, are considered critical. Among these, two allow a denial of service, while the five others allow remote execution of arbitrary code. By default, DNS servers are … Continue reading “Windows DNS Server Out-of-Bounds Write to Remote Code Execution Vulnerability (CVE-2021-26897)”
Kaseya REvil Ransomware Attack
Kaseya, a Florida-based software provider, stated that its business had been impacted by the ransomware attack last Friday, July 2. According to the dark web blog, the REvil gang, also known as Sodinokibi, has asked for a payout of $70 million to unlock what it claims to be “more than a million systems.” The ransom … Continue reading “Kaseya REvil Ransomware Attack”
Microsoft Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527)
A zero-day exploit which allows authenticated users with a regular Domain User account to gain full SYSTEM-level privileges was observed on June 29, 2021 on a fully patched Windows system. Named PrintNightmare and tracked as CVE-2021-34527, it was disclosed by Microsoft on July 1, 2021. PrintNightmare (CVE-2021-34527) is a vulnerability that allows an attacker with a … Continue reading “Microsoft Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527)”