Here’s our latest overview of the most significant vulnerabilities made public this week, one of which made headlines all over the world.
The issue in question is a vulnerability in the SolarWinds Orion platform that allowed threat actors to deploy malicious Orion updates containing a backdoor called Sunburst (or Solarigate) in a widespread supply chain attack that affected multiple US government agencies and private-sector firms, including Microsoft and FireEye.
The vulnerability impacts Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1.
Apple released a bunch of updates for its iOS, iPadOS, macOS and watchOS operating systems to patch a handful of serious security vulnerabilities, including some that allow a remote attacker to compromise a vulnerable system. The tech giant also patched a remote code execution flaw in Apple Safari (CVE-2020-15969) that would let a hacker execute code on the system by tricking a user into visiting a malicious web page.
Bouncy Castle, a popular open-source cryptography library, contains a severe vulnerability (CVE-2020-28052) which, when exploited, lets an attacker brute-force password hashes. The vulnerability exists due to a comparison error in the OpenBSDBCrypt.checkPassword() function in core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java when matching passwords against hashes. A remote attacker can pass an incorrect password that the library accepts as valid, bypass the authentication process and gain unauthorized access to the application that uses the vulnerable version of Bouncy Castle. Bouncy Castle versions 1.65 and 1.66 are affected. The flaw was patched in versions 1.67 and above.
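As an added illustration (not code from the Bouncy Castle project or from this post), a small Java check an application can run against the Bouncy Castle build on its classpath: a sound bcrypt verifier must accept the real password and reject a wrong one, so a broken comparison of the kind described above makes the second assertion fail. The `brokenCompare` method is a hypothetical sketch of the bug class, not the library's actual code; the example assumes the `bcprov` jar is on the classpath.

```java
import java.security.SecureRandom;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;

public class BcryptRegressionCheck {

    // Returns true only if the bundled verifier behaves correctly: it accepts the
    // real password and rejects a wrong one. A build affected by CVE-2020-28052
    // can accept the wrong password, so this method then returns false.
    static boolean verifierIsSound() {
        byte[] salt = new byte[16];                 // bcrypt requires a 128-bit salt
        new SecureRandom().nextBytes(salt);
        char[] real = "correct-password".toCharArray();   // constructed sample values
        char[] wrong = "wrong-password".toCharArray();

        String stored = OpenBSDBCrypt.generate(real, salt, 10); // cost factor 10
        boolean acceptsReal = OpenBSDBCrypt.checkPassword(stored, real);
        boolean rejectsWrong = !OpenBSDBCrypt.checkPassword(stored, wrong);
        return acceptsReal && rejectsWrong;
    }

    // Hypothetical illustration of the bug class (not Bouncy Castle's code): a loop
    // that never reads the stored hash cannot notice a mismatch, so any password of
    // the right length is "accepted".
    static boolean brokenCompare(char[] stored, char[] computed) {
        boolean isEqual = stored.length == computed.length;
        for (int i = 0; i < computed.length; i++) {
            isEqual &= computed[i] == computed[i];   // compares the value to itself
        }
        return isEqual;
    }

    // Length check plus a constant-time, index-by-index comparison of both inputs.
    static boolean constantTimeCompare(char[] stored, char[] computed) {
        if (stored.length != computed.length) {
            return false;
        }
        int diff = 0;
        for (int i = 0; i < stored.length; i++) {
            diff |= stored[i] ^ computed[i];
        }
        return diff == 0;
    }

    public static void main(String[] args) {
        System.out.println("Bundled OpenBSDBCrypt is sound: " + verifierIsSound());
        char[] a = "$2y$10$abc".toCharArray();   // constructed, same length as b
        char[] b = "$2y$10$xyz".toCharArray();
        System.out.println("brokenCompare accepts mismatch: " + brokenCompare(a, b));
        System.out.println("constantTimeCompare accepts mismatch: " + constantTimeCompare(a, b));
    }
}
```

Run the check in CI against the exact jar you ship; a `false` from `verifierIsSound()` means the dependency needs upgrading to 1.67 or later.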
Multiple vulnerabilities have been reported in Mozilla Firefox, Firefox ESR, and Mozilla Thunderbird, five of which allow remote code execution (CVE-2020-26971, CVE-2020-26972, CVE-2020-26974, CVE-2020-35113, CVE-2020-35114). The other bugs are deemed less severe and could be exploited to bypass certain security restrictions (CVE-2020-16042) or gain access to important data (CVE-2020-35111).
D-Link DSL-2888A home broadband routers are plagued by multiple serious vulnerabilities, including incorrect session management (CVE-2020-24579), hidden functionality (CVE-2020-24581), information disclosure (CVE-2020-24577), FTP misconfiguration (CVE-2020-24578), and improper authentication (CVE-2020-24580), which a remote hacker could use to bypass the authentication process, gain unauthorized access to the device and potentially sensitive information, escalate privileges on the device, or execute arbitrary OS commands. DSL-2888A software versions 2.00, 2.12 and 2.29 are said to be impacted.
A high-risk vulnerability (CVE-2020-29563) was found in Western Digital My Cloud OS up to version 5.07 which allows a remote attacker to bypass the authentication process.
The vulnerability exists due to an error when processing authentication requests within the mod_rewrite module. A remote attacker can bypass the authentication process and gain unauthorized access to the application.