βΌ CVE-2020-28241 βΌ
π Read
via "National Vulnerability Database".
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.π Read
via "National Vulnerability Database".
βΌ CVE-2020-5645 βΌ
π Read
via "National Vulnerability Database".
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, GT1450-QMBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, GT1450-QLBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, GT1455HS-QTBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, and GT1450HS-QMBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27347 βΌ
π Read
via "National Vulnerability Database".
The function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.π Read
via "National Vulnerability Database".
βΌ CVE-2020-15708 βΌ
π Read
via "National Vulnerability Database".
Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2020-5647 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, GT1450-QMBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, GT1450-QLBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, GT1455HS-QTBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier, and GT1450HS-QMBDE CoreOS version Γ’β¬β’05.65.00.BDΓ’β¬β’ and earlier) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.π Read
via "National Vulnerability Database".
βΌ CVE-2020-5667 βΌ
π Read
via "National Vulnerability Database".
Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.π Read
via "National Vulnerability Database".
βΌ CVE-2020-10291 βΌ
π Read
via "National Vulnerability Database".
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol by RMS Sentinel which provides the licensing infrastructurefor the network license server. RMS Sentinel license manager service exposes UDP port 5093 which provides sensitivesystem information that could be leveraged for further exploitation without any kind of authentication. Thisinformation includes detailed hardware and OS characteristics.After a decryption process, a textual protocol is found which contains a simple header with the requested command,application-identifier, and some arguments. The protocol leaks information regarding the receiving serverinformation, license information and managing licenses, among others.Through this flaw, attackers can retreive information about a KUKA simulation system, particularly, the version ofthe licensing server, which is connected to the simulator, and which will allow them to launch local simulationswith similar characteristics, further understanding the dynamics of motion virtualization and opening doors toother attacks (see RVDP#711 and RVDP#712 for subsequent vulnerabilities that compromise integrity andavailability).Beyond compromising simulations, Visual Components provides capabilities to interface with industrial machinery.Particularly, their PLC Connectivity feature 'makes it easy' to connect simulations with control systems usingeither the industry standard OPC UA or other supported vendor specific interfaces. This fills the gap of jumpingfrom simulation to real and enables attackers to pivot from the Visual Components simulator to robots or otherIndustrial Control System (ICS) devices, such as PLCs.π Read
via "National Vulnerability Database".
βΌ CVE-2020-10292 βΌ
π Read
via "National Vulnerability Database".
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol by RMS Sentinel which provides the licensing infrastructurefor the network license server. RMS Sentinel license manager service exposes UDP port 5093 which provides sensitivesystem information that could be leveraged for further exploitation without any kind of authentication. Thisinformation includes detailed hardware and OS characteristics.After a decryption process, a textual protocol is found which contains a simple header with the requested command,application-identifier, and some arguments. The protocol is vulnerable to DoS through an arbitrary pointerderreference. This flaw allows an attacker to to pass a specially crafted package that, when processed by theservice, causes an arbitrary pointer from the stack to be dereferenced, causing an uncaught exception thatterminates the service. This can be further contructed in combination with RVDP#710 which exploits an informationdisclosure leak, or with RVDP#711 for an stack-overflow and potential code execution.Beyond denying simulations, Visual Components provides capabilities to interface with industrial machinery andautomate certain processes (e.g. testing, benchmarking, etc.) which depending on the DevOps setup might beintegrated into the industrial flow. Accordingly, a DoS in the simulation might have higher repercusions, dependingon the Industrial Control System (ICS) ICS infrastructure.π Read
via "National Vulnerability Database".
β Apple Patches Bugs Tied to Previously Identified Zero-Days β
π Read
via "Threat Post".
The actively exploited vulnerabilities discovered by Project Zero exist across iPhone, iPad and iPod devices.π Read
via "Threat Post".
Threat Post
Apple Patches Bugs Tied to Previously Identified Zero-Days
The actively exploited vulnerabilities discovered by Project Zero exist across iPhone, iPad and iPod devices.
π΄ How COVID-19 Changed the VC Investment Landscape for Cybersecurity Companies π΄
π Read
via "Dark Reading".
What trends can startups and investors expect to see going forward?π Read
via "Dark Reading".
βΌ CVE-2020-26882 βΌ
π Read
via "National Vulnerability Database".
In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27589 βΌ
π Read
via "National Vulnerability Database".
Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4483 βΌ
π Read
via "National Vulnerability Database".
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181857.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4484 βΌ
π Read
via "National Vulnerability Database".
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could disclose sensitive information to an authenticated user that could be used in further attacks against the system. IBM X-Force ID: 181858.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4482 βΌ
π Read
via "National Vulnerability Database".
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27196 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26883 βΌ
π Read
via "National Vulnerability Database".
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.π Read
via "National Vulnerability Database".
β Black Friday β stay safe before, during and after peak retail season β
π Read
via "Naked Security".
Yes, we give Black Friday tips every year - but that's because they're worth doing every year!π Read
via "Naked Security".
Naked Security
Black Friday β stay safe before, during and after peak retail season
Yes, we give Black Friday tips every year β but thatβs because theyβre worth doing every year!
π¦Ώ How to view your SSH keys in Linux, macOS, and Windows π¦Ώ
π Read
via "Tech Republic".
If you're not sure how to view your SSH certificates, Jack Wallen walks you through the steps on Linux, macOS, and Windows.π Read
via "Tech Republic".
TechRepublic
How to View Your SSH Keys in Linux, macOS, and Windows
Learn how to find your SSH key on Linux, macOS, or Windows. Follow these simple steps to locate your SSH key for secure connections and setup.
π Friday Five 11/6 π
π Read
via "Digital Guardian".
New privacy laws, botnet schemes, and Bitcoin seizures - catch up on all the week's infosec news with the Friday Five!π Read
via "Digital Guardian".
Digital Guardian
Friday Five 11/6
New privacy laws, botnet schemes, and Bitcoin seizures - catch up on all the week's infosec news with the Friday Five!
π΄ Name That Toon: Masks and Manners π΄
π Read
via "Dark Reading".
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Toon: Masks and Manners
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.