Summary: FortiOS has been reported to contain an unquoted service path vulnerability. The service path of the FortiClient FortiTray of FortiClientConsole executable is the vulnerable component that leads to escalated privileges. Description: Fortigate products for Mac and Windows, such as FortiOS for FortiGate firewalls and the FortiClient endpoint antivirus, use a weak encryption cipher (XOR) and hardcoded cryptographic keys to communicate … Continue reading “FortiOS and FortiClient Man-In-The-Middle Attack privilege escalation vulnerability (CVE-2018-9195)”
Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-0668)
Summary: An arbitrary file move vulnerability was found in Windows Service Tracing. A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with SYSTEM-level permissions. Description: To exploit the vulnerability, discovered by independent researcher Clément Labro, a locally …
Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
Update June 9, 2020: In June 2020, CVE-2020-0796 was in the spotlight once again and widely discussed in the wild, as it yielded “SMBGhost pre-auth RCE abusing Direct Memory Access structs”. A researcher published a presentation of this in a tweet, linked below. CISA said “Although Microsoft disclosed and provided updates for this vulnerability …
ManageEngine Desktop Central unauthenticated remote code execution vulnerability (CVE-2020-10189)
Summary: A zero-day vulnerability has been disclosed in the ManageEngine IT help desk software made by Zoho Corp. The serious vulnerability enables an unauthenticated, remote attacker to launch attacks on affected systems. Description: Zoho ManageEngine Desktop Central is affected by an untrusted deserialization vulnerability. The vulnerability stems from improper input validation in the FileStorage class. This …
Oracle WebLogic Server deserialization bug to remote code execution vulnerability (CVE-2020-2555)
Summary: Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. In the Oracle Critical Patch Update Advisory – January 2020, Oracle officially fixed a high-risk vulnerability (CVE-2020-2555) that affects the Oracle Coherence library in Oracle WebLogic Server. Description: This easily exploitable vulnerability allows an unauthenticated attacker with network access via the T3 protocol to …
EAP packet processing, PPPd buffer overflow vulnerability (CVE-2020-8597)
Summary: In the first week of March 2020, an old remote code execution vulnerability was disclosed in the PPP daemon (pppd), software that comes installed on almost all Linux-based operating systems and also powers the firmware of many other networking devices. CVE-2020-8597, with a CVSS score of 9.8, can be remotely exploited by unauthenticated attackers. Description: …
Zero-days in WordPress Plugins 2020
Summary: During the past two weeks, we’ve seen a resurgence in attacks against WordPress plugins. Most of them are summarised in the section below. Description: Let’s look at these 8 vulnerable plugins one by one. Duplicator: Duplicator is one of the most popular plugins on the WordPress portal, with more than one million installs …
AES-GCM bug in the firmware of Google’s Titan M chip (CVE-2019-9465)
Summary: A bug was observed in Google’s Android smartphones: using the Titan M chip through the Android Keystore API for AES-GCM in a specific way led to predictable and bogus ciphertext. Description: Android Keystore, StrongBox and the Titan M chip are the key components that led to this bug’s discovery. The Android Keystore is …
Kr00k Wi-Fi Vulnerability (CVE-2019-15126)
Summary: In the last week of February 2020, after MSPT, a serious vulnerability in Wi-Fi chips was disclosed, formally known as CVE-2019-15126 and widely known in the wild as Kr00k. Kr00k was a hot topic at the RSA Conference 2020. Description: What is Kr00k? Kr00k is a vulnerability in the wireless egress packet implementation and processing of certain …
Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)
Summary: In the second week of February 2020, after MSPT, a static key vulnerability was observed in the Microsoft Exchange Control Panel (ECP), a component of Microsoft Exchange Server, that leads to RCE. To perform the exploit, an authenticated user with any privilege level sends a specially crafted request to a vulnerable ECP and gains SYSTEM-level arbitrary …