Oracle Critical Patch Update for July Contains 265 Fixes

Oracle fixes 265 vulnerabilities in July’s Critical Patch Update.

Background

On July 16, Oracle released its Critical Patch Update (CPU) for July 2019 as part of its quarterly release of fixes for vulnerabilities. This update contains fixes for 265 CVEs, according to the Oracle Advisory to CVE Map, across several Oracle products.

Analysis

Oracle’s July 2019 CPU contains 265 addressed CVEs across …

Unauthorized Call and Webcam Access Vulnerability in Zoom Mac Client (CVE-2019-13450)

A zero-day vulnerability in Zoom could potentially lead to a remote code execution attack. Here’s what you need to know.

Background

Security researcher Jonathan Leitschuh has disclosed a zero-day in the Zoom client for Mac that allows an attacker to force a user to join a Zoom call with their webcam enabled. The disclosure blog also suggests this could potentially lead to a remote code execution …

Microsoft’s July 2019 Patch Tuesday: What You Need to Know

Microsoft’s July 2019 Security Updates were released on July 9, with nearly 80 vulnerabilities patched in this update, 15 of which are critical.

CVE-2019-0865 | SymCrypt Denial of Service Vulnerability

A denial of service vulnerability was identified in SymCrypt, the cryptographic library used to handle cryptographic functions on Windows. Using a specially crafted digital signature, an attacker …

Tenable Roundup for Microsoft’s June 2019 Patch Tuesday

The SandboxEscaper privilege escalation bug is among the nearly 90 vulnerabilities patched in Microsoft’s June 2019 Security Updates. Here’s what you need to know.

Microsoft’s June 2019 Security Updates have been released, with nearly 90 vulnerabilities patched in this update, 21 of which are critical.

SandboxEscaper Privilege Escalation Bugs Patched

This month’s release contains fixes for the …

Critical Remote Code Execution Vulnerability CVE-2019-0708 Addressed in Patch Tuesday Updates

Microsoft has released its May 2019 Security Updates, which include a fix for CVE-2019-0708, a critical remote code execution vulnerability affecting the Remote Desktop Service.

Background

Microsoft has released its monthly security update for May. Included in this month's Patch Tuesday release is CVE-2019-0708, a critical remote code execution vulnerability that could allow an unauthenticated …

CVE-2019-5021: Hard-Coded NULL root Password Found in Alpine Linux Docker Images

A hard-coded NULL root user password vulnerability was found in Alpine Linux Docker Images from December 2015’s 3.3 version onward. Users are encouraged to disable the root user, or any services that utilize the system shadow file as an authentication database.

Background

In November 2015, a bug in Alpine Linux Docker Images was patched to prevent the /etc/shadow file from accepting a NULL …

Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

Oracle WebLogic is vulnerable to a new deserialization vulnerability that could allow an attacker to execute remote commands on vulnerable hosts.

Background

On April 17, China National Vulnerability Database (CNVD) published a security bulletin about an unauthenticated remote command execution (RCE) vulnerability in Oracle WebLogic (CNVD-C-2019-48814). Oracle WebLogic Server is middleware for …

Magento Security Updates Fix Over 30 Bugs Including an Unauthenticated Remote Code Execution Vulnerability (PRODSECBUG-2198)

Magento Commerce and Open Source advisory provides fixes for RCE, XSS, SQLi, and XSRF vulnerabilities.

Background

Magento has released a security advisory for 30+ vulnerabilities, including an unauthenticated Remote Code Execution (RCE) vulnerability which Magento is highly recommending users patch as soon as possible. Magento is an e-commerce management tool widely used by many online platforms. …

Multiple Remote Code Execution Vulnerabilities Found in Grandstream Devices

Multiple security vulnerabilities found in Grandstream devices’ web interfaces include remote code execution and user credentials stored in plaintext.

Background

According to Threatpost, a number of Grandstream telephony and networking devices contain multiple vulnerabilities which could lead to remote code execution (RCE) attacks. Compromised devices would also allow an attacker to install …

Cisco March Advisory Addresses Multiple Vulnerabilities in FXOS and NX-OS

Cisco released security advisories for multiple vulnerabilities including CVE-2019-1614, an authenticated RCE vulnerability affecting many Cisco switches running NX-OS.

Background

On March 6th, Cisco released advisories for multiple vulnerabilities. One noteworthy update amongst them was an NX-API remote code injection vulnerability (CVE-2019-1614) wherein an authenticated remote attacker could …