A team of researchers has disclosed the details of the timing vulnerability named Raccoon attack in TLS 1.2 and earlier versions. This is a server-side vulnerability that exploits a TLS specification side-channel. Successful exploitation of the vulnerability could lead an attacker to break the encryption and read sensitive communication. In a paper published by Raccoon, … Continue reading “OpenSSL Raccoon Vulnerability”
VPN Vulnerabilities Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA), with contributions from the Federal Bureau of Investigation (FBI), has published a report detailing nefarious activities originating in Iran, targeting several U.S. agencies. Pioneer Kitten and UNC757 were named as malicious actors in the report. Using various tactics, techniques and procedures (TTPs), it was reported that the affected … Continue reading “VPN Vulnerabilities Exploited in the Wild”
Microsoft Windows Netlogon Privilege Escalation Vulnerability (CVE-2020-1472)
A severe bug identified as CVE-2020-1472 with a criticality of 10 is being exploited publicly in the wild. This bug can take over Windows Servers running as Domain Controllers with domain-level privileges from a remote unauthenticated user. A Dutch team, collectively known as Secura, has published an exploit on Github with a technical writeup. According … Continue reading “Microsoft Windows Netlogon Privilege Escalation Vulnerability (CVE-2020-1472)”
PAN-OS Buffer overflow vulnerability (CVE-2020-2040)
Within a span of three months, one more critical vulnerability with a score of 10.0 has been observed in PAN-OS devices. When a Captive Portal or Multi-factor authentication interface is enabled on PAN-OS devices, it is considered to be vulnerable to critical buffer overflow vulnerability. This vulnerability is classified as CWE-120 and assigned CVE-2020-2040, on … Continue reading “PAN-OS Buffer overflow vulnerability (CVE-2020-2040)”
WordPress File Manager Plugin Remote Code Execution Vulnerability
Overview: On 1st September 2020, researchers at Wordfence published a blog regarding a remote code execution vulnerability in WordPress File Manager plugin. Successful exploitation of this vulnerability allows unauthenticated remote attackers to execute commands and upload malicious files and shells on a target website. The vulnerability currently does not have any CVE assigned to it … Continue reading “WordPress File Manager Plugin Remote Code Execution Vulnerability”
Cisco Jabber for Windows Multiple Vulnerabilities (CVE-2020-3495)
Overview Cisco has addressed four vulnerabilities in Cisco Jabber for Windows. The most critical of these vulnerabilities, CVE-2020-3495, when exploited, allows an attacker to execute arbitrary code via a crafted chat message. Description Cisco Jabber is an instant messaging and video-conferencing application. Cisco Jabber uses the Chromium Embedded Framework (CEF) to embed a Chromium-based web … Continue reading “Cisco Jabber for Windows Multiple Vulnerabilities (CVE-2020-3495)”
Slack Remote Code Execution Vulnerability
Overview A critical remote code execution vulnerability was found in the Slack desktop application. Successful exploitation of this vulnerability gives attacker full control over the Slack desktop app and access to private channels, conversations, passwords, tokens, keys etc. Oskarsv, the security researcher who reported the vulnerability says “With any in-app redirect – logic/open redirect, HTML … Continue reading “Slack Remote Code Execution Vulnerability”
Cisco IOS XR DVMRP Memory Exhaustion Vulnerabilities
Cisco has released a security advisory on multiple memory exhaustion vulnerabilities in the Cisco IOS XR devices. These vulnerabilities allow an unauthenticated attacker to exhaust the process memory of an affected device. Vulnerabilities Description: Distance Vector Multicast Routing Protocol (DVMRP) is a protocol for multicast routing. The vulnerabilities exist in the DVMRP feature of Cisco … Continue reading “Cisco IOS XR DVMRP Memory Exhaustion Vulnerabilities”
Pulse Connect Secure And Policy Secure Code Injection Vulnerability (CVE-2020-8218)
On July 29th, 2020, Pulse issued a security advisory addressing multiple vulnerabilities in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) with severity marked as High. Among the multiple vulnerabilities, CVE-2020-8218 was identified as a Code Injection vulnerability with a CVSSv3 base score 7.2. Vulnerability Details: PPS is a standards-based and scalable NAC solution … Continue reading “Pulse Connect Secure And Policy Secure Code Injection Vulnerability (CVE-2020-8218)”
Apache HTTP2 Header Memory Corruption Vulnerability (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)
Summary Apache, officially known as Apache HTTP Server, is an open-source and free web server software that powers most of the websites around the world. Recently, one Critical and two High severity flaws were fixed in Apache httpd 2.4.44. These flaws were tracked as CVE-2020-9490, CVE-2020-11984, and CVE-2020-11993 – out of which, CVE-2020-9490 is the … Continue reading “Apache HTTP2 Header Memory Corruption Vulnerability (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)”