βΌ CVE-2020-24580 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13547 βΌ
π Read
via "National Vulnerability Database".
A type confusion vulnerability exists in the JavaScript engine of Foxit SoftwareΓ’β¬β’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24581 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It contains an execute_cmd.cgi feature (that is not reachable via the web user interface) that lets an authenticated user execute Operating System commands.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24578 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files (such as the password hash file).π Read
via "National Vulnerability Database".
π΄ Emotet Campaign Restarts After Seven-Week Hiatus π΄
π Read
via "Dark Reading".
Multiple security researchers note the return of an email campaign attempting to spread the malware, which is often used to drop the Ryuk ransomware and Trickbot banking Trojan.π Read
via "Dark Reading".
Dark Reading
Emotet Campaign Restarts After Seven-Week Hiatus
Multiple security researchers note the return of an email campaign attempting to spread the malware, which is often used to drop the Ryuk ransomware and Trickbot banking Trojan.
π΄ Microsoft Ups Security of Azure AD, Identity π΄
π Read
via "Dark Reading".
A roundup of Microsoft's recent security news and updates that focus on protecting identity.π Read
via "Dark Reading".
Darkreading
Microsoft Ups Security of Azure AD, Identity
A roundup of Microsoft's recent security news and updates that focus on protecting identity.
βΌ CVE-2020-14874 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure Identity and Access Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Cloud Infrastructure Identity and Access Management accessible data as well as unauthorized read access to a subset of Oracle Cloud Infrastructure Identity and Access Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Cloud Infrastructure Identity and Access Management. CVSS 3.1 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).π Read
via "National Vulnerability Database".
βΌ CVE-2020-29583 βΌ
π Read
via "National Vulnerability Database".
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24680 βΌ
π Read
via "National Vulnerability Database".
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27338 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the DHCPv6 client component allows an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27337 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24674 βΌ
π Read
via "National Vulnerability Database".
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24677 βΌ
π Read
via "National Vulnerability Database".
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24675 βΌ
π Read
via "National Vulnerability Database".
In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24679 βΌ
π Read
via "National Vulnerability Database".
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24683 βΌ
π Read
via "National Vulnerability Database".
The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25066 βΌ
π Read
via "National Vulnerability Database".
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2020-14270 βΌ
π Read
via "National Vulnerability Database".
HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27336 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24676 βΌ
π Read
via "National Vulnerability Database".
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24673 βΌ
π Read
via "National Vulnerability Database".
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability.π Read
via "National Vulnerability Database".