Overview On November 18, 2020 (local time), Cisco released security advisories fixing vulnerabilities in multiple products. These vulnerabilities include three high-risk ones: CVE-2020-3531, CVE-2020-3586, and CVE-2020-3470. Reference link:

Overview On November 19, 2020 (Beijing time), Drupal released a security advisory that fixes a remote code execution vulnerability (CVE-2020-13671). Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain […]

Overview Recently, XStream released a security advisory that fixes a remote code execution vulnerability (CVE-2020-26217). The vulnerability may allow a remote attacker to execute arbitrary code by sending crafted requests to the web application that uses XStream and thereby taking control of the target server. XStream is a commonly used tool for converting between Java […]

Introduction This chapter analyzes IoT threats from the perspective of vulnerabilities. We first analyze the change trends of IoT vulnerabilities and exploits 1 in the NVD and Exploit Database (Exploit-DB) in 2019 and then IoT exploits captured by NSFOCUS’s threat hunting system. The following dwells upon some representative exploits.

Chapter 1. Brief on the risk In phishing email attacks worldwide, Covid-19 is still an important topic. With the increasing availability of epidemic prevention material supplies in various countries and the transparency of news channels, attackers have begun to look for “hot issues” from other perspectives that may attract people’s attention. With the impact of […]

Heuristic Recon via the Dual-Stack UPnP Service In addition to the recon of IPv6 addresses based on their characteristics, we can also use UPnP to detect IoT assets by referring to the method described in a blog post 28 from Cisco Talos Labs. Principle UPnP is a set of protocols designed to achieve interconnectivity between […]

Overview On November 10, 2020 local time, Microsoft fixed two vulnerabilities in the Windows Network File System (NFS) in its monthly security updates, which are CVE-2020-17051 and CVE-2020-17056. CVE-2020-17051 is a remote code execution vulnerability on the nfssvr.sys driver. It is said that the vulnerability can be reproduced to cause an immediate BSOD (Blue Screen […]

Heuristic Recon of IPv6 Addresses Based on Their Characteristics Previously, we mentioned that IPv6 addresses, when assigned, can, for example, include random values in particular bytes or embed MAC addresses. With these facts in mind, we exercised some restrictions to narrow down the address space to be scanned. Specifically, we employed the following approaches to […]

Overview   Microsoft released November 2020 security updates on Tuesday which fix 112 vulnerabilities ranging from simple spoofing attacks to remote code execution, including 17 critical vulnerabilities, 93 important vulnerabilities, and two low vulnerabilities. All users are advised to install updates without delay. These vulnerabilities affect Azure DevOps, Azure Sphere, Common Log File System Driver, Microsoft […]

Overview On November 11, 2020 (local time), Adobe released security updates which address multiple vulnerabilities in Adobe Connect and Adobe Reader Mobile.