The WebKitGTK and WPE WebKit team released updates to address several flaws in the server applications, four of which (CVE-2020-9948, CVE-2020-9951, CVE-2020-9983, CVE-2020-13584) are use-after-free, out-of-bounds-write, and type confusion vulnerabilities that can lead to remote code execution. The remaining vulnerability (CVE-2020-9952) is a cross-site scripting bug caused by insufficient sanitization of user-supplied data in the WebKit component in Apple Safari.
cPanel released patches to fix three vulnerabilities in cPanel & WebHost Manager (WHM), including one that leads to a two-factor authentication bypass. The 2FA bypass issue could allow attackers to perform brute-force attacks on cPanel & WHM. The issue affects cPanel & WHM builds before 11.86.0.32, 11.90.0.17, and 11.92.0.2.
A couple of vulnerabilities were found in Intel AMT and ISM up to 14.0.45, 12.0.70, 11.22.80, 11.12.80, 11.8.80. An out-of-bounds write (CVE-2020-8754) in the subsystem for Intel AMT and Intel ISM may allow a remote user to execute arbitrary code on the target system with elevated privileges. The second vulnerability (CVE-2020-8753) is rated as medium risk and could be exploited to gain access to sensitive data.
A high-risk flaw was discovered in Zyxel firewalls and access points which, if exploited, could allow a remote attacker to take over the system. The flaw impacts the following software versions:
VPN series: 4.30, 4.55, before 4.39 week38, 10.03 patch 1
USG series: 4.30, 4.55, before 4.39 week38
USG FLEX series: 4.30, 4.55, before 4.55 week38
Unified Pro series: before 6.10 patch 8
Unified series: before 6.10 patch 8
Standalone series: before 6.10 patch 8
The Drupal team patched two remote code execution bugs (CVE-2020-28949, CVE-2020-28948). The first one exists due to improper sanitization of user-supplied input when processing URI handlers in filenames, while the latter stems from insecure input validation when processing serialized data, related to case sensitivity issues (e.g. the "phar:" protocol is blocked, but "PHAR:" is not).
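The case-sensitivity gap described for the Drupal bugs, as an added example (not Drupal's or any other project's code): a case-sensitive scheme blocklist next to a check that rejects any URI scheme regardless of letter case. The function names and sample file names are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; function names and sample inputs are constructed.

// Case-sensitive blocklist: the weak pattern. "phar:" is rejected, but
// "PHAR:" and "Phar:" pass, which is the gap the advisory describes.
function naive_is_blocked(string $name): bool
{
    return strpos($name, 'phar:') === 0;
}

// Hardened check: instead of listing bad schemes, refuse every name that
// starts with a URI scheme at all, matched case-insensitively.
// Scheme grammar per RFC 3986: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) ":"
function has_uri_scheme(string $name): bool
{
    return preg_match('/^[a-z][a-z0-9+.\-]*:/i', $name) === 1;
}

// A file name is accepted only when it is non-empty, contains no NUL byte
// and carries no URI scheme.
function is_plain_file_name(string $name): bool
{
    if ($name === '' || strpos($name, "\0") !== false) {
        return false;
    }
    return !has_uri_scheme($name);
}

// Constructed sample names covering the letter-case variants.
$samples = [
    'docs/readme.txt',
    'phar://archive.phar/x',
    'PHAR://archive.phar/x',
    'Phar:archive.phar',
    'file:///tmp/x',
];

foreach ($samples as $s) {
    printf(
        "%-24s naive_blocked=%-5s accepted_by_hardened=%s\n",
        $s,
        var_export(naive_is_blocked($s), true),
        var_export(is_plain_file_name($s), true)
    );
}
```

Rejecting every scheme avoids having to enumerate each wrapper and each letter-case variant, which is where the blocklist approach failed.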
Systems running Windows 7 and Server 2008 R2 are vulnerable to a local privilege escalation issue related to incorrect permissions set on two registry keys for the RPC Endpoint Mapper and DNSCache services. A local user can modify the keys and leverage the behavior of other system services to load a malicious DLL and execute arbitrary code with SYSTEM privileges. The vulnerability affects Windows versions 7, 7 SP1, and Windows Server 2008, 2008 R2, 2008 R2 SP1, 2008 SP2.
Red Hat OpenShift Container Platform contains more than a dozen vulnerabilities, the most notable of which is CVE-2020-15999. The flaw affects Red Hat OpenShift Container Platform releases before 4.5.20 and allows a remote attacker to take control of the vulnerable system. Note that this vulnerability is being exploited in the wild.
A command injection vulnerability (CVE-2020-11830) was found in the OPPO QualityProtect 2.0 solution, which allows a remote attacker to execute arbitrary shell commands on the target system. The vulnerability exists due to improper input validation in com.oppo.qualityprotect. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system. Additionally, OPPO OvoiceManager and OPPO com.coloros.codebook contain high-risk flaws (CVE-2020-11831 and CVE-2020-11829, respectively) that a remote attacker can use to elevate their privileges on the system.
Also, remote code execution vulnerabilities were reported in the Fuji Electric V-Server Lite (CVE-2020-25171) and Rockwell Automation FactoryTalk Linx (CVE-2020-27251) software.