DNSpooq vulnerability (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687)
Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment. Multiple organizations, operating systems and products were affected by the DNSpooq vulnerabilities. Attackers can use them to launch DNS cache poisoning, denial of service, and possibly remote code execution attacks on affected …
SAP Solution Manager Missing Authentication Vulnerability (CVE-2020-6207)
Tracked as CVE-2020-6207, an age-old critical vulnerability with a CVSS score of 10 came into the limelight at the start of 2021. The vulnerability affects SAP Solution Manager version 7.2, for which SAP released a patch in March 2020. SolMan is a centralized application used to manage on-premises, hybrid, and cloud …
Zend Framework Remote Code Execution vulnerability (CVE-2021-3007)
Zend Framework, used by developers to build object-oriented web applications, consists of PHP packages installed millions of times all over the globe. The framework, along with the Laminas Project, is vulnerable to untrusted deserialization, which an attacker can exploit to gain Remote Code Execution (RCE) on vulnerable PHP sites. Tracked as CVE-2021-3007 and rated high-risk, …
Zero Days In-the-Wild Series (CVE-2020-6418, CVE-2020-0938, CVE-2020-1020, CVE-2020-1027)
On January 12, 2021, Google Project Zero published a six-part report on a hacking operation targeting Windows and Android devices. Exploit servers in the hacking operation contained 4 Google Chrome vulnerabilities, 2 sandbox escape exploits and publicly known privilege escalation n-day exploits. Of these, 4 were still zero-days at the time of discovery. Following …
Backdoor Account in Zyxel Products (CVE-2020-29583)
On December 23rd, 2020, Zyxel published an advisory for a hardcoded credential vulnerability. More than 100,000 Zyxel firewalls, access point controllers and VPN gateways are prone to this vulnerability. Vulnerability Details: Zyxel firewalls and AP controllers contain a hardcoded admin-level backdoor account, which can grant attackers root access to devices via either the SSH interface or …
SUPERNOVA – SolarWinds Orion API Authentication Bypass Vulnerability (CVE-2020-10148)
SolarWinds offers multiple Orion Platform products as a suite for infrastructure and system monitoring and management. The SolarWinds Orion API is vulnerable to authentication bypass, which can allow an attacker to remotely execute arbitrary API commands. The SolarWinds Orion API is embedded into the Orion Core and is used to interface with all SolarWinds Orion Platform products. …
Privilege Escalation in Microsoft Windows (Zero-Day)
In June, Microsoft released a patch for a vulnerability in the Windows kernel (CVE-2020-0986). However, attackers could still exploit this vulnerability using a different methodology (CVE-2020-17008). CVE-2020-0986 – Old Vulnerability: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. This flaw was …
URGENT/11 – Programmable Logic Controllers Vulnerabilities (CVE-2019-12255, CVE-2019-12260, CVE-2019-12261, CVE-2019-12263, CVE-2019-12265, CVE-2019-12259, CVE-2019-12264, CVE-2019-12262, CVE-2019-12258, CVE-2019-12257, CVE-2019-12256)
URGENT/11 is a set of vulnerabilities affecting operational technology (OT) devices, reported, along with CDPwn in Cisco devices, by the IoT security firm Armis. Despite fixes being delivered in 2019, Armis researchers observed that 97% of the OT devices impacted by URGENT/11 and 80% of the devices affected by CDPwn were still vulnerable or unpatched. Ben …
SolarWinds Backdoor Supply Chain Attack
On December 8, 2020, FireEye disclosed the theft of its Red Team assessment tools. FireEye has confirmed that the attack leveraged trojanized updates to the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. Communications at the U.S. Treasury and Commerce Departments were also compromised by a highly skilled manual supply chain …
Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks
AMNESIA:33 is a study published by Forescout Research Labs under Project Memoria. The study consists of a report on 33 new vulnerabilities found in TCP/IP stacks used by multiple IoT, OT and IT device vendors. AMNESIA:33 affects multiple open-source TCP/IP stacks, which means a single vulnerability tends to spread easily and silently across multiple codebases, …