Win32k Elevation of Privilege : CVE-2018-8120

A null pointer dereference vulnerability in Win32k.sys has been disclosed to Microsoft. CVE-2018-8120 has been assigned to track this vulnerability. An attacker must be able to execute a crafted application on the target machine to exploit this vulnerability. Upon successful exploitation the attacker can achieve arbitrary code execution with system level …

Multiple DVR Products Authentication Bypass Vulnerability

Last month, a security researcher published a critical vulnerability (CVE-2018-9995) in several Digital Video Recorders (DVR). As a DVR is typically connected to home or business security cameras, compromising it can give attackers access to live feeds from all the cameras it is connected to. The researcher also released proof-of-concept code for the vulnerability, getDVR_Credentials. …

DHCP Client Script Code Execution Vulnerability (CVE-2018-1111)

A critical vulnerability has been found in the DHCP client (dhclient) packages in Red Hat Enterprise Linux 6 and 7. The flaw allows unauthenticated remote attackers to execute arbitrary Linux commands with root privileges. An attacker can set up a malicious DHCP server on the local network and spoof DHCP responses in order to exploit this flaw …

Mishandling of Debug Exceptions Leading to Elevation of Privilege : CVE-2018-8897

An elevation of privilege attack was discovered in the stack change mechanism in Intel and AMD. On exploitation, an attacker can execute user-level code in kernel context or cause DoS. The vulnerability resulted from misinterpretation of the documents describing the stack change process. CVE-2018-8897 has been assigned to track this vulnerability. The researchers …

GPON Home Routers Multiple Security Vulnerabilities

A couple of vulnerabilities affecting over one million GPON routers were disclosed recently. One of them was an Authentication Bypass vulnerability (CVE-2018-10561) and the other was a Command Injection vulnerability (CVE-2018-10562). An attacker can chain these vulnerabilities to execute arbitrary code on the targeted devices. A security researcher published his findings along with a PoC on …

Internet Explorer VBScript Use-After-Free Vulnerability: CVE-2018-8174

A zero-day vulnerability in VBScript was disclosed to Microsoft. The vulnerability was discovered through an active attack in the wild. The bug is in the VBScript engine used in Windows. It is classified as a Use-After-Free (UAF) vulnerability. CVE-2018-8174 is assigned to track this bug. Currently attackers are exploiting this vulnerability to execute shellcode and PowerShell …

Oracle WebLogic Deserialization Vulnerability : CVE-2018-2628

A deserialization vulnerability was discovered in Oracle WebLogic server’s core components. Upon successful exploitation an attacker can take control of the target server. The exploit targets the server by sending a custom serialized object using the T3 protocol and achieves remote arbitrary code execution. The T3 and T3S (T3 over TLS) protocols are used to exchange data between …

Drupal Critical RCE Patch Release [CVE-2018-7602]

Drupal released a critical update to address CVE-2018-7602. By exploiting the bug, an attacker can gain remote code execution that can compromise the site. The vulnerability affects Drupal 7.x and 8.x. The vulnerability was disclosed by Drupal’s in-house team. A similar bug (CVE-2018-7600) was patched in SA-CORE-2018-002. Both of these vulnerabilities are being exploited in the wild. …

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) Installation Manager Missing Access Control Vulnerability (DSA-2018-025)

EMC Avamar Virtual Edition is great for enterprise backup data protection for small and medium-sized offices. Avamar Virtual Edition is optimized for backup and recovery of virtual and physical servers, enterprise applications, remote offices, and desktops or laptops. Avamar Installation Manager is affected by a missing access control check vulnerability which could potentially allow a …

Drupal Critical RCE Patch Release [CVE-2018-7600]

On 21 March 2018 Drupal released a statement that a major vulnerability was reported. They have rated this vulnerability as critical. As per their statement, “exploits might be developed within hours or days”. Due to the severity of the issue, Drupal is releasing patches for unsupported versions as well. CVE-2018-7600 has been assigned to track this issue. Drupal security …