Here is a short overview of the most important security vulnerabilities that came to light this week, including flaws in Google Chrome, Mozilla Firefox, Cisco software, and more.
Google addressed more than two dozen vulnerabilities in Chrome, with nearly half of them rated as high security risk (CVE-2020-16023, CVE-2020-16034, CVE-2020-16029, CVE-2020-16025, CVE-2020-16024, CVE-2020-16014, CVE-2020-16022, CVE-2020-16021, CVE-2020-16018). These bugs reside in various Chrome components and could be used for remote code execution. Users are strongly advised to apply the patch as soon as possible.
Several high risk and critical vulnerabilities were fixed in Mozilla Firefox for Android. These include CVE-2020-15999, CVE-2020-26952, CVE-2020-26968, CVE-2020-26969, and CVE-2020-26960. In addition, Mozilla patched numerous less important bugs that allowed a remote attacker to cause unexpected behavior, gain access to potentially sensitive information, or perform a DNS rebinding attack (CVE-2020-26961).
Mozilla Thunderbird also received a patch for a number of dangerous bugs (CVE-2020-26960, CVE-2020-15999, CVE-2020-26968) that could be exploited for remote code execution.
This week Cisco disclosed a critical security flaw affecting its Cisco Security Manager software. The vulnerability is a path-traversal issue (CVE-2020-27130), which could allow a remote attacker without credentials to download files from an affected device. The flaw affects Cisco Security Manager releases 4.21 and earlier; the issue is fixed in Cisco Security Manager Release 4.22.
That is not the only flaw plaguing Cisco Security Manager. The software contains two more serious bugs: one (CVE-2020-27131) stems from insecure deserialization of user-supplied content by the affected software, and the other (CVE-2020-27125) exists due to the presence of hard-coded credentials in application code, which means an attacker can use these credentials to access the affected system.
Besides the above-mentioned vulnerabilities, Cisco fixed a slew of severe bugs in Cisco DNA Spaces Connector (CVE-2020-3586), Cisco Integrated Management Controller (CVE-2020-3470), Cisco IoT Field Network Director, and Cisco Webex Meetings and Cisco Webex Meetings Server (CVE-2020-3441, CVE-2020-3471, CVE-2020-3419). In the case of CVE-2020-3419, the vulnerability could be used to covertly join Webex meetings.
A stack overflow vulnerability was discovered in the Real Time Automation 499ES ENIP stack (CVE-2020-25159). The vulnerability exists due to a boundary error. A remote unauthenticated attacker can send a specially crafted packet, trigger a stack-based buffer overflow, and execute arbitrary code on the target system.
Security device maker Paradox disclosed a critical bug (CVE-2020-25189) impacting its IP150 Internet Module, which allows a remote unauthenticated attacker to trigger a stack-based buffer overflow and execute arbitrary code on the target system.
The Drupal team released a patch to address a high risk vulnerability (CVE-2020-13671) related to a failure to properly sanitize the names of uploaded files, which can be used by a remote attacker to upload a malicious PHP file and execute it on the server.
VMware released a security update for its SD-WAN Orchestrator, plugging multiple security vulnerabilities, including those that allow a remote user to execute arbitrary SQL queries in the database (CVE-2020-3984), gain unauthorized access to restricted functionality (CVE-2020-3985), perform directory traversal attacks (CVE-2020-4000), or gain unauthorized access to the system (CVE-2020-4001).