Emergency Response

Type1 Font Parsing 0-day Remote Code Execution Vulnerability Threat Alert

April 3, 2020 | Mina Hao

Overview On March 23, local time, Microsoft released an out-of-band security advisory ADV200006 to address two critical 0-day vulnerabilities in Adobe Type Manager Library. A vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a crafted multi-master font, namely, the Adobe Type 1 PostScript format. An attacker could exploit the […]

Spring Cloud Config Server Path Traversal (CVE-2020-5405) Threat Alert

March 31, 2020 | Mina Hao

Vulnerability Description Security researchers from NSFOCUS found a directory traversal vulnerability (CVE-2020-5405) in the Spring Cloud Config component. On February 26, Spring released a security bulletin to announce this vulnerability and also expressed appreciation to NSFOCUS.

Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution

March 30, 2020 | Mina Hao

Overview On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An attacker could exploit this vulnerability […]

Microsoft SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Threat Alert

March 29, 2020 | Mina Hao

Overview On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. Instead of a security patch, Microsoft currently provides a workaround for users to mitigate this vulnerability.

Linux System PPPD Remote Code Execution Vulnerability (CVE-2020-8597) Threat Alert

March 27, 2020 | Mina Hao

Vulnerability Description On March 6, the United States Computer Emergency Readiness Team (US-CERT) release a security bulletin to announce a 17-year-old remote code execution vulnerability in the PPP daemon (pppd). This vulnerability affects nearly all Linux-based operating systems and network device firmware. This vulnerability is a buffer overflow vulnerability (CVE-2020-8597), with a CVSS score of […]

V8 Type Confusion Vulnerability (CVE-2020-6418) Threat Alert

March 24, 2020 | Mina Hao

Vulnerability Description On February 25, security updates were released for Google Chrome and Microsoft Edge. The open-source JavaScript and WebAssembly engines in V8 in Google Chrome before 80.0.3987.122 and Microsoft Edge browser before 80.0.361.62 are prone to a type confusion vulnerability (CVE-2020-6418), which allows attackers to access data in an unauthorized way, thereby executing malicious […]

jackson-databind/Fastjson Remote Code Execution Vulnerability Threat Alert

March 23, 2020 | Mina Hao

Overview Recently, two remote code execution vulnerabilities (CVE-2020-9547 and CVE-2020-9548) were fixed in jackson-databind. By using two components (ibatis-sqlmap and anteros-core) to bypass the blacklist restriction, attackers could exploit these vulnerabilities to cause remote code execution on the victim’s machine.

Oracle Coherence Deserialization Remote Code Execution Vulnerability (CVE-2020-2555) Threat Alert

March 20, 2020 | Mina Hao

Vulnerability Description On January 15, 2020, Oracle released Critical Patch Update (CPU) for January 2020 that fixes 334 vulnerabilities of different risk levels, including a remote code execution vulnerability (CVE-2020-2555) with the CVSS score of 9.8 in the deserialization by Oracle Coherence deserialization. This vulnerability allows an unauthenticated attacker to launch attacks via a crafted […]

OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-8794) Threat Alert

March 18, 2020 | Mina Hao

Overview On February 24, local time, researchers from Qualys released a remote code execution vulnerability (CVE-2020-8794) existing in OpenSMTPD. As part of the OpenBSD part, OpenSMTPD (also known as OpenBSD’s mail server) is a free implementation of the server-side SMTP protocol as defined by RFC 5321. CVE-2020-8794 is an out-of-bounds read vulnerability. Attackers could exploit […]

Google Chrome Releases Updates for Remediation of the Zero-day Vulnerability (CVE-2020-6418) Threat Alert

March 16, 2020 | Mina Hao

Overview On February 24, local time, Google released updates for fixing multiple vulnerabilities existing in the desktop Chrome browser, including the high-risk CVE-2020-6418 vulnerability that has been exploited by attackers in the wild. CVE-2020-6418 is a type confusion vulnerability in V8, which is Google Chrome’s open-source JavaScript and WebAssembly engine. This vulnerability was discovered and […]