Emergency Response

Oracle WebLogic Server Deserialization Remote Code Execution Vulnerability Threat Alert

May 3, 2019 | Mina Hao

1 Vulnerability Overview On April 17, China National Vulnerability Database (CNVD) published details of a remote code execution vulnerability in Oracle WebLogic Server. Specifically, this vulnerability exists in the wls9_async_response.war component that comes with Oracle WebLogic Server as this component fails to properly deserialize the input information. An unauthorized attacker could exploit this vulnerability to […]

Cisco IOS XR 64-Bit Critical Vulnerability (CVE-2019-1710) Threat Alert

May 2, 2019 | Mina Hao

Overview Cisco has released a security advisory to announce the fix of a vulnerability (CVE-2019-1710) in Cisco IOS XR 64-bit Software running on Cisco ASR 9000 Series Aggregation Services Routers. This vulnerability is the result of incorrect isolation of the secondary management interface from internal sysadmin applications. An unauthenticated attacker could exploit this vulnerability to […]

Oracle April 2019 Critical Patch Update for All Product Families Threat Alert

April 30, 2019 | Mina Hao

Overview On April 16, 2019, local time, Oracle released its security advisory of the Critical Patch Update (CPU) for the second quarter. The CPU fixes 297 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the following link: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Cisco Common Service Platform Collector Default Password Vulnerability (CVE-2019-1723) Threat Alert

April 29, 2019 | Mina Hao

Overview Cisco officially released a security advisory, announcing the fix of a vulnerability (CVE-2019-1723) existing in the Cisco Common Service Platform Collector (CSPC). This vulnerability exists because the affected software has a default account with a fixed password. An attacker could exploit this vulnerability to remotely access an affected device by using this account. This […]

Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232) Threat Alert

April 26, 2019 | Mina Hao

Overview On April 10, local time, Apache Software Foundation officially released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2019-0232). The Java Runtime Environment (JRE), when running on a Windows system with enableCmdLineArguments enabled, passes command-line parameters to Windows in an incorrect manner. This leads to the CGI servlet susceptible to […]

Siemens Multiple Products Vulnerabilities Threat Alert

April 25, 2019 | Mina Hao

Overview On April 9, local time, Siemens officially released a security advisory, announcing the fix of vulnerabilities of different risk levels in a spectrum of products such as SIMATIC WinCC Open Architecture (SIMATIC WinCC OA), Spectrum Power, and RUGGEDCOM RXO II. Of all these vulnerabilities, two have a CVSS v3.0 base score of 10.

Confluence SSRF and Remote Code Execution Vulnerability Handling Guide

April 22, 2019 | Mina Hao

1 Vulnerability Overview Recently, Atlassian officially released a security bulletin, announcing a server-side request forgery (SSRF) vulnerability and a remote code execution vulnerability (CVE-2019-3396). The two vulnerabilities respectively reside in WebDAV and Widget Connector and could be exploited by an attacker for remote code execution and server-side request forgery.

Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert

April 19, 2019 | Mina Hao

Overview The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain (www.xmltoday.com) or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP request to a malicious web […]

Microsoft’s April 2019 Patches Fix 76 Vulnerabilities Threat Alert

April 18, 2019 | Mina Hao

Overview Microsoft released April 2019 security patches on Tuesday that fix 76 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, Adobe Flash Player, CSRSS, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft […]

Adobe Security Advisory for April Security Updates

April 15, 2019 | Mina Hao

Overview On April 9, local time, Adobe officially released April security updates which fix multiple vulnerabilities in such products as Adobe Flash Player, Shockwave Player, Dreamweaver, XD CC, InDesign, Experience Manager Forms, and Bridge CC.