Blog

jackson-databind/Fastjson Remote Code Execution Vulnerability Threat Alert

March 23, 2020 | Mina Hao

Overview Recently, two remote code execution vulnerabilities (CVE-2020-9547 and CVE-2020-9548) were fixed in jackson-databind. By using two components (ibatis-sqlmap and anteros-core) to bypass the blacklist restriction, attackers could exploit these vulnerabilities to cause remote code execution on the victim’s machine.

IP Reputation Report-03152020

March 20, 2020 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 15, 2020.

Oracle Coherence Deserialization Remote Code Execution Vulnerability (CVE-2020-2555) Threat Alert

March 20, 2020 | Mina Hao

Vulnerability Description On January 15, 2020, Oracle released Critical Patch Update (CPU) for January 2020 that fixes 334 vulnerabilities of different risk levels, including a remote code execution vulnerability (CVE-2020-2555) with the CVSS score of 9.8 in the deserialization by Oracle Coherence deserialization. This vulnerability allows an unauthenticated attacker to launch attacks via a crafted […]

OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-8794) Threat Alert

March 18, 2020 | Mina Hao

Overview On February 24, local time, researchers from Qualys released a remote code execution vulnerability (CVE-2020-8794) existing in OpenSMTPD. As part of the OpenBSD part, OpenSMTPD (also known as OpenBSD’s mail server) is a free implementation of the server-side SMTP protocol as defined by RFC 5321. CVE-2020-8794 is an out-of-bounds read vulnerability. Attackers could exploit […]

ICS Information Security Assurance Framework 21

March 17, 2020 | Mina Hao

What to Expect for ICS Security in the Coming Years With the policy guidance of various ministries and commissions under the State Council, related  financial support, and the increased emphasis on ICS security by ICS enterprises, the ICS information security will get on the fast track of development. With the advancement of “one network, one […]

Google Chrome Releases Updates for Remediation of the Zero-day Vulnerability (CVE-2020-6418) Threat Alert

March 16, 2020 | Mina Hao

Overview On February 24, local time, Google released updates for fixing multiple vulnerabilities existing in the desktop Chrome browser, including the high-risk CVE-2020-6418 vulnerability that has been exploited by attackers in the wild. CVE-2020-6418 is a type confusion vulnerability in V8, which is Google Chrome’s open-source JavaScript and WebAssembly engine. This vulnerability was discovered and […]

VMware vRealize Operations for Horizon Adapter Remote Code Execution Vulnerability (CVE-2020-3943) Threat Alert

March 13, 2020 | Mina Hao

Overview Recently, VMware released a security advisory, announcing remediation of a remote code execution vulnerability (CVE-2020-3943) in vRealize Operations for Horizon Adapter. VMware has evaluated the severity of this vulnerability to be in the critical severity range with a maximum CVSSv3 base score of 9.0.

IP Reputation Report-03082020

March 12, 2020 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 8, 2020.

Fastjson 1.2.62 and Earlier Remote Code Execution Vulnerability Threat Alert

March 11, 2020 | Mina Hao

Vulnerability Description On February 19, National Vulnerability Database (NVD) released a JNDI injection vulnerability (CVE-2020-8840) in jackson-databind. However, gadget deserialization in jackson-databind also affects Fastjson. According to researchers from NSFOCUS, when the AutoType fucntion is enabled (disabled by default), this vulnerability affects Fastjson 1.2.62, allowing attackers to result in remote arbitrary code execution on the […]

ICS Information Security Assurance Framework 20

March 10, 2020 | Mina Hao

Petroleum and Petrochemical Industry Overview System introduction Oil field exploitation is field work featuring strong fluidity, large quantities of scattered points, and a long distance. In the process of oil field exploitation, out of management requirements, the oil and gas management center connects to the gathering and transportation control center, gas processing plant control center, […]