Treck IP stack implementations for embedded systems are affected by multiple zero-day vulnerabilities. Total 19 vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc have been discovered by the JSOF research lab, who calls them Ripple20. Treck TCP/IP Stack Treck IP network stack is designed for and used in a variety of embedded systems. The software is often licensed and integrated … Continue reading “Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack”
Kubernetes Kube-Controller-Manager Server Side Request Forgery (SSRF) Vulnerability
Summary: Kubernetes is an open source container orchestration system for automating application deployment, management and scaling. A security flaw was discovered and disclosed on June 1, 2020 in Kubernetes . A Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager. The vulnerability allows an attacker to users to leak up to 500 bytes of arbitrary … Continue reading “Kubernetes Kube-Controller-Manager Server Side Request Forgery (SSRF) Vulnerability”
Mozilla Firefox, Firefox ESR, and Thunderbird Security Updates
Overview: Mozilla has released a security advisory to address multiple vulnerabilities. By exploiting these vulnerabilities, an attacker could take control of a vulnerable system. In this security updates, Mozilla addressed total 8 vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Out of 8, five vulnerabilities flagged as High, one rated as Moderate, two rated as Low in severity. Timing … Continue reading “Mozilla Firefox, Firefox ESR, and Thunderbird Security Updates”
Cisco NX-OS IP-in-IP Information Disclosure vulnerability (CVE-2020-10136)
Summary: Multiple products such as Cisco, Digi, HP and such other were reported to be vulnerable to IP-in-IP packet processing vulnerability. CVE-2020-10136 and CWE-19 were assigned to the said vulnerability. Here we’ll share some information about the same for Cisco NX-OS devices. Description: An authentication is primary requirement to access this vulnerability. An unauthenticated attacker … Continue reading “Cisco NX-OS IP-in-IP Information Disclosure vulnerability (CVE-2020-10136)”
Microsoft Windows SMBv3 SMBleed Vulnerability (CVE-2020-1206)
Summary: Recently cyber-security researchers from Zecops disclosed a new critical vulnerability affecting SMB(Server Message Block)v3 protocol that may allow an attacker to leak kernel memory remotely, also when combined with a previously disclosed SMBGhost(CVE-2020-0796) bug, the flaw can further be exploited to achieve remote code execution on the target system.This issue was assigned under CVE-2020-1206. … Continue reading “Microsoft Windows SMBv3 SMBleed Vulnerability (CVE-2020-1206)”
Apache Tomcat Remote Code Execution Vulnerability(CVE-2020-9484)
Summary: Recently a new remote code execution vulnerability was disclosed for Apache Tomcat. Apache Tomcat is prone to by a Java deserialization vulnerability. However successful exploitation of this vulnerability requires the attacker to be able to upload an arbitrary file onto the server. This issue was assigned under CVE-2020-9484. Description: There are number of prerequisites … Continue reading “Apache Tomcat Remote Code Execution Vulnerability(CVE-2020-9484)”
Universal Plug and Play (UPnP) CallStranger Vulnerability(CVE-2020-12695)
Overview: On 8 June 2020, A new vulnerability has been disclosed in public domain for Universal Plug and Play (UPnP). The vulnerability has been given a name CallStranger. Exploitation of this bug, could result into exfiltration of data, distributed denial of service (DDoS) attack or scanning your network etc. Universal Plug and Play (UPnP) is a … Continue reading “Universal Plug and Play (UPnP) CallStranger Vulnerability(CVE-2020-12695)”
Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)
Update June 5, 2020: Qualys’ standard procedure is to give proper credit to the security research teams working diligently to discover and report vulnerabilities. In our rush to deliver this article to customers, we missed giving credit to the talented Cisco Talos team, who are the original authors of this research. After additional review with a … Continue reading “Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)”
VMware Cloud Director Remote Code Execution Vulnerability
On May 19,2020 VMware released an advisory to address Remote Code Execution vulnerability in VMware Cloud Director. CVE-2020-3956 has assigned to track this vulnerability. vCloud Director VMware Cloud Director (formerly known as vCloud Director) is a popular deployment, automation, and management software that’s used to operate and manage cloud resources, allowing businesses to data centers distributed … Continue reading “VMware Cloud Director Remote Code Execution Vulnerability”
ISC BIND NXNSAttack Vulnerability (CVE-2020-8616,CVE-2020-8617)
Summary: Two critical vulnerabilities were observed as CVE-2020-8616 and CVE-2020-8617 for ISC BIND in May 2020. To address those vulnerabilities patches were released. ISC Berkeley Internet Name Domain (BIND) is the most widely used Domain Name System (DNS) software on the Internet. This vulnerability can be exploited when an unwanted user get an access of … Continue reading “ISC BIND NXNSAttack Vulnerability (CVE-2020-8616,CVE-2020-8617)”
