Sep 30: CSW Patch Watch & Security Updates
Published 2020-10-12 (last modified 2023-03-03)

Two weeks ago, Cisco, Citrix, IBM, Pulse Secure, Amazon, Dell, Red Hat and many others released security updates.

Here is our analysis of these updates:

1. 150 vulnerabilities are in focus here, and we have for you:
   1. 26 hotfixes
   2. 123 security updates
   3. 1 patch update
2. We analyzed the 150 vulnerabilities and here are our findings:
   1. 144 CVEs are yet to be weaponized
   2. 6 CVEs have known exploits:
      1. CVE-2019-15605 – HTTP Request Smuggling
      2. CVE-2020-0543 – Special Register Buffer Data Sampling (SRBDS)
      3. CVE-2020-14364 – Denial of Service (DoS)
      4. CVE-2020-16845 – Denial of Service (DoS)
      5. CVE-2020-24553 – Cross-Site Scripting
      6. CVE-2020-1472 – Privilege Escalation (PE)
3. We also discovered that CISA has released security alerts for these 5 CVEs:
   1. CVE-2020-3486 (High severity) is a remote vulnerability with a CVSS score of 3.0 that exists in TwinCAT versions 2.10, 2.11 and 2.11R2; when exploited successfully it could result in Denial of Service.
   2. CVE-2020-0543 (Medium severity) is a vulnerability that exists in Siemens products. It has a known exploit that triggers Special Register Buffer Data Sampling (SRBDS) and allows an authenticated user with local access to disclose information. The vulnerability has a CVSSv3 score of 5.5 and requires low skill to exploit.
   3. CVE-2020-1472 (Critical severity) is a publicly exploitable vulnerability with the highest Common Vulnerability Scoring System (CVSS) score of 10.0 from Microsoft. Unbeknownst to many, it exists in the Netlogon protocol as a privilege escalation weakness named Zerologon, but the good news is that a patch is available and Microsoft is planning to issue the second patch by Feb 9, 2021. By leveraging this vulnerability an attacker could obtain domain administrator access, so patching it is essential.
   4. CVE-2020-13934 (High severity) is a flaw in Apache Tomcat where an h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. With a CVSS score of 7.5, this vulnerability could lead to Denial of Service.
   5. CVE-2020-13935 (High severity) is a flaw in Apache Tomcat where invalid payload lengths could trigger an infinite loop. With a CVSS score of 7.5, this vulnerability causes Denial of Service.

We also found two alerts with high severity, one for a malware and one for a ransomware:

1. LokiBot Malware (High severity), also known as Loki PWS, is a trojan with a CVSS score of 9.3 that steals credentials and sensitive information; it is often delivered as a malicious attachment. A script to detect this malware and an advisory on mitigation are available.
2. We also found that a vulnerability in QNAP NAS devices is being targeted by AgeLocker Ransomware. This ransomware also targets Linux and Mac OS devices. More information about this vulnerability and the process to update the device is available. Interestingly, a warning about QNAP devices being vulnerable to remote takeover attacks was published by ZDNet in May 2020.