CVE-2019-10149: Critical Remote Command Execution Vulnerability Discovered In Exim

Researchers discover critical remote command execution vulnerability in older versions of Exim. Over 4.1 million systems are potentially vulnerable to local exploitation and remote exploitation is possible in non-default configurations. Background On June 3, maintainers of the mail transfer agent (MTA) known as Exim acknowledged on the open source security (OSS) mailing list the existence of a …

SandboxEscaper: Local Privilege Escalation Bugs Including Four Zero-Day Vulnerabilities Disclosed

Five vulnerabilities, including four zero-day vulnerabilities, have been disclosed in Windows Task Scheduler, Windows Error Reporting, Internet Explorer 11, Microsoft Edge and Windows Installer, which could be used by attackers to elevate privileges. Background From May 21 through May 23, a security researcher published proof-of-concept (PoC) code for five vulnerabilities in Windows Task Scheduler …

Microarchitectural Data Sampling: Speculative Execution Side-Channel Vulnerabilities Found in Intel CPUs

Researchers disclose speculative execution side-channel attacks named ZombieLoad, RIDL and Fallout in Intel Central Processing Units (CPUs). Background On May 14, public disclosures from multiple research groups regarding a new set of speculative execution side-channel vulnerabilities in Intel CPUs were published, along with software updates from various operating system, virtualization and cloud …

Thrangrycat: Vulnerabilities in Cisco Secure Boot and Cisco IOS XE (CVE-2019-1649, CVE-2019-1862)

Researchers identify vulnerabilities in Cisco Secure Boot process and Cisco IOS XE devices that could reportedly be chained together for significant impact. Background On May 13, Cisco published two security advisories for vulnerabilities in Cisco Secure Boot and Cisco IOS XE. Researchers at security firm Red Balloon Security, Inc. discovered and reported the vulnerabilities to Cisco’s Product …

CVE-2019-3396: Vulnerability in Atlassian Confluence Widget Connector Exploited in the Wild

Attackers are targeting vulnerable Confluence instances after the company published a fix for the vulnerability back in March 2019. Background On March 20, Atlassian published a Confluence Security Advisory to announce fixes for two vulnerabilities, CVE-2019-3395 and CVE-2019-3396. CVE-2019-3395 is a critical server-side request forgery (SSRF) vulnerability in the WebDAV plugin in Confluence Server …

Sea Turtle DNS Hijacking Campaign Utilizes At Least Seven Patched Vulnerabilities

The Sea Turtle campaign exploits seven patchable vulnerabilities dating from 2009 to 2018 to breach organizations and hijack their DNS name records. Background On April 17, researchers at Cisco’s Talos Intelligence Group published a blog entitled DNS Hijacking Abuses Trust In Core Internet Service. This blog provided additional details about a two-year attack campaign targeting a variety of …

Critical OS Command Injection Vulnerability in Citrix SD-WAN Center Discovered

Tenable Research has discovered a critical vulnerability in Citrix SD-WAN Center that could lead to remote code execution. Background On April 10, Citrix released a security bulletin for CVE-2019-10883, an operating system (OS) command injection vulnerability in Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7. Tenable Research discovered this …

Critical Vulnerability in Siemens Spectrum Power (CVE-2019-6579) Patched in Monthly Advisory

Siemens Security Advisory Day (SAD) for April 2019 addresses a variety of vulnerabilities, including a critical vulnerability in Siemens Spectrum Power. Background On April 9, Siemens published its monthly Siemens Advisory Day release across a variety of Siemens products. This includes 11 CVEs newly addressed in Siemens products along with updates …

CVE-2019-0211: Proof of Concept for Apache Root Privilege Escalation Vulnerability Published

Researcher publishes proof of concept (PoC) for local root privilege escalation bug patched by Apache last week. Background Last week, Apache published a security update to address six vulnerabilities in HTTP Server versions 2.4.17 to 2.4.38. This release includes a fix for CVE-2019-0211, a local root privilege escalation vulnerability that could lead to arbitrary code execution. Analysis The …

Cisco Fixes Incomplete Patch for RV320 and RV325 Routers, Finds Two New Bugs (CVE-2019-1827, CVE-2019-1828)

Cisco finalizes patch for RV320 and RV325 after researchers determined a previous patch was incomplete. Background On April 4, Cisco published updated advisories to address two vulnerabilities in its RV320 and RV325 routers that were originally reported in January 2019. Additionally, Cisco published advisories for two newly discovered, medium severity bugs in the same routers. Analysis Tenable …