In July 2021, Cybersecurity and Infrastructure Security Agency (CISA), together with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI), published an advisory notifying about the top 30 vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual … Continue reading “Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era”
Tag: CVE-2020-0787
Privilege Escalation in Microsoft Windows BITS(CVE-2020-0787)
Vulnerability overview The Microsoft Windows Background Intelligent Transfer Service(BITS) is vulnerable to Elevation of Privilege. Vulnerability occurs due to incorrect handling of symbolic links. Background Intelligent Transfer Service(BITS) is a Microsoft component used to transfer files using idle bandwidth. Vulnerability Description To check where vulnerability actually exists, we will first analyse the behaviour of Legacy … Continue reading “Privilege Escalation in Microsoft Windows BITS(CVE-2020-0787)”