CVE-2020-3952: Sensitive Information Disclosure in VMware vCenter Server (VMSA-2020-0006)

VMware patches a critical information disclosure flaw in vCenter Server with a CVSSv3 score of 10.0. Background On April 9, VMware published VMSA-2020-0006, a security advisory for a critical vulnerability in vCenter Server that received the maximum CVSSv3 score of 10.0. Analysis CVE-2020-3952 is a sensitive information disclosure flaw in VMware vCenter Server. The flaw resides in the VMware … [Read more...]

Microsoft’s November 2019 Patch Tuesday: Tenable Roundup

With over 70 CVEs, Microsoft’s November 2019 Patch Tuesday corrects 13 critical vulnerabilities, including a patch for an Internet Explorer vulnerability exploited in the wild. Microsoft’s November 2019 Patch Tuesday contains updates for 74 CVEs, 13 of which are rated critical. This month’s release covers 16 remote code execution (RCE) vulnerabilities and 27 elevation of privilege (EoP) flaws … [Read more...]

Microsoft’s October 2019 Patch Tuesday: Tenable Roundup

Administrators rejoice: only nine of the 59 vulnerabilities in Microsoft's October 2019 Security Update are rated critical. Microsoft’s October 2019 Patch Tuesday contains updates for 59 CVEs, nine of which are rated critical. Administrators may rejoice this month with a smaller than usual Patch Tuesday. The following is a breakdown of the most important CVEs from this month’s … [Read more...]

CVE-2019-16928: Critical Buffer Overflow Flaw in Exim is Remotely Exploitable

CVE-2019-16928, a critical heap-based buffer overflow vulnerability in Exim email servers, could allow remote attackers to crash Exim or potentially execute arbitrary code. Background Exim Internet Mailer, the popular message transfer agent (MTA) for Unix hosts found on nearly 5 million systems, is back in the news. Earlier this month, CVE-2019-15846, a critical remote code execution (RCE) flaw, … [Read more...]

Microsoft’s September 2019 Patch Tuesday: Tenable Roundup

Microsoft’s September 2019 Security Updates address 79 vulnerabilities, 17 of which are rated critical. Microsoft’s September 2019 Patch Tuesday release contains updates for 79 CVEs, 17 of which are rated critical. In the wake of BlueKeep in May, and the four additional CVEs for Remote Desktop Services in August (DejaBlue), Microsoft has addressed four new CVEs for Remote Desktop Client. … [Read more...]

CVE-2019-11510: Proof of Concept Available for Arbitrary File Disclosure in Pulse Connect Secure

A proof of concept has been made public for CVE-2019-11510, an arbitrary file disclosure vulnerability found in popular virtual private network software, Pulse Connect Secure. Background On April 24, Pulse Secure released a security advisory (later amended to include CVEs on the 25th) and patch for multiple critical and high severity vulnerabilities. The issues were identified in Pulse Connect … [Read more...]

Tenable Roundup for Microsoft’s August 2019 Patch Tuesday

Microsoft’s August 2019 Security Updates, released on August 13, address over 90 vulnerabilities, 29 of which are critical. Microsoft’s August 2019 Patch Tuesday release contains updates for 93 CVEs, 29 of which are rated Critical. This month brings patches for the usual suspects, namely the various flavors of Microsoft Windows, Office Products, Browsers IE and Edge, as well as Microsoft Dynamics, … [Read more...]

CVE-2019-0708: BlueKeep Exploits Could Be Around the Corner

Nearly 80 days after the announcement of BlueKeep, threats of exploitation remain. Those who have not patched remain at risk as rumors of exploit scripts surface. Background In May 2019, Microsoft released a critical patch for CVE-2019-0708, dubbed BlueKeep, a critical remote code execution vulnerability that could allow an unauthenticated attacker to exploit a vulnerable host running Remote … [Read more...]

Exim Buffer Overflow RCE Vulnerability (CVE-2018-6789) – What You Need to Know

On February 10, the Unix-based email server Exim released an update to address a heap buffer overflow vulnerability that can be used by an unauthenticated attacker to remotely execute arbitrary code. The flaw, assigned CVE-2018-6789, is noted to exist in all versions of Exim, prior to their latest release, 4.90.1, which means the attack surface potential is very wide. A quick search on Shodan … [Read more...]

Identifying Systems Affected by Cisco ASA Critical Vulnerability (CVE-2018-0101)

On January 29, Cisco released an advisory for a critical vulnerability in their Adaptive Security Appliance (ASA) software. The critical flaw, assigned CVE-2018-0101, has a CVSS score of 10.0 and could allow for a denial-of-service attack and remote code execution. On February 5, Cisco updated the advisory indicating they’d found additional attack vectors and more affected products. They also … [Read more...]