Overview Recently, Oracle released its critical October update to patch CVE-2020-14882. Oracle WebLogic Server has now observed that attackers can now bypass this patch exposing an unauthenticated Remote Code Execution (RCE) vulnerability (CVE-2020-14750). As per CVE-2020-14750, unauthorized attackers can continue to bypass the WebLogic background login restrictions and control the server even after WebLogic is … Continue reading “Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability (CVE-2020-14750)”
Google Fixes Second Chrome Zero Day
Google released an update today for its Chrome web browser that patches ten security bugs. Google confirmed that the “stable channel” desktop Chrome browser is being updated to version 86.0.4240.183 across Windows, Mac, and Linux platforms. About the security bugs The Chrome team has issued updates for several security fixes. Among these security bugs, 7 … Continue reading “Google Fixes Second Chrome Zero Day”
Microsoft Windows Kernel Zero-Day Vulnerability Alert
Security researchers from Google’s Project Zero have disclosed a zero-day vulnerability yesterday (tracked as CVE-2020-17087) in the Windows operating system which is currently being exploited in the wild. According to Google’s Project Zero security researchers Mateusz Jurczyk and Sergei Glazunov, the bug allows an attacker to escalate their privileges in Windows. Attackers are abusing the … Continue reading “Microsoft Windows Kernel Zero-Day Vulnerability Alert”
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-14882)
Overview Recently, Oracle released the Critical Patch Update (CPU) for the critical RCE vulnerability (CVE-2020-14882). This vulnerability is discovered in the console component of WebLogic Server which is a product of Oracle Fusion Middleware. Successful exploitation of this flaw could result in taking complete control over vulnerable systems having network access. In this patch, two … Continue reading “Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-14882)”
Pulse Connect Secure Remote Code Execution via Uncontrolled Gzip Extraction (CVE-2020-8260)
On Oct 26th, 2020, Pulse issued a security advisory addressing multiple vulnerabilities of high severity in Pulse appliances. Among the multiple vulnerabilities, CVE-2020-8260 was identified as a Remote Code Execution vulnerability via Uncontrolled Gzip Extraction with a CVSSv3 base score of 7.2. Vulnerability Details: Security researchers Richard Warren and David Cash of NCC Group Research … Continue reading “Pulse Connect Secure Remote Code Execution via Uncontrolled Gzip Extraction (CVE-2020-8260)”
Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors
In the start of Oct 2020, Cybersecurity and Infrastructure Security Agency (CISA) published an advisory notifying about vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual property, economic, political, as well as military information. According to CISA, in the light of heightened tensions between U.S. and China, these vulnerabilities were … Continue reading “Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors”
Google Chrome Actively Attacked In the Wild
On October 20, 2020, Google Chrome issued an update announcement for the browser across all platforms. Google confirmed that the “stable channel” desktop Chrome browser is being updated to version 86.0.4240.111 across Windows, Mac, and Linux platforms. As per Google’s official sources, this urgent update will start rolling out over the coming few days or … Continue reading “Google Chrome Actively Attacked In the Wild”
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-16952)
On Oct 14th, 2020, Microsoft issued a security advisory addressing CVE-2020-16952, a Remote Code Execution vulnerability in Microsoft SharePoint Servers with a CVSS score of 7.3 and severity marked as Critical. Vulnerability Details: Security researcher Steven Seeley (mr_me) of the Qihoo 360 Vulcan Team discovered and reported the Authenticated Remote Code Execution vulnerability (CVE-2020-16952). This … Continue reading “Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-16952)”
SonicWall VPN Portal Buffer Overflow Vulnerability (CVE-2020-5135)
Overview On 14th October 2020, Tripwire VERT has published the finding of a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). An unauthenticated HTTP request via a custom protocol handler can exploit this vulnerability. Security researcher Craig Young reported this vulnerability. Description A persistent Denial of Service (DoS) condition and potentially arbitrary code execution is possible by sending a crafted HTTP request to the SonicOS firewall. The vulnerability can be exploited without authentication and insecure SSLVPN that is exposed … Continue reading “SonicWall VPN Portal Buffer Overflow Vulnerability (CVE-2020-5135)”
HP Device Manager Multiple Vulnerabilities (CVE-2020-6925, CVE-2020-6926, CVE-2020-6927)
Overview On 25 September 2020, HP released an advisory to address multiple vulnerabilities (CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927) in the HP Device Manager. Successful exploitation of these vulnerabilities could lead to dictionary attacks, unauthorized remote access to resources, and elevation of privilege. Description CVE-2020-6925 – This vulnerability exists due to weak cipher implementation in HP Device Manager. It may allow dictionary attacks against locally managed accounts in … Continue reading “HP Device Manager Multiple Vulnerabilities (CVE-2020-6925, CVE-2020-6926, CVE-2020-6927)”
