22 January 2021

Vulnerability summary for the week: January 22, 2021


Vulnerability summary for the week: January 22, 2021

Here’s our latest overview highlighting the most notable security vulnerabilities that made headlines this week. One such report describes seven flaws affecting a popular DNS caching proxy and DHCP server known as dnsmasq that pose a significant risk of widespread attacks.

The flaws, collectively dubbed DNSpooq, are believed to be impacting products from more than 40 IT vendors, including Cisco, Comcast, Google, Netgear, Red Hat, and Ubiquiti, and major Linux distributions. Three of the vulnerabilities are cache poisoning issues (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) while other four are buffer overflow bugs (CVE-2020-25687, CVE-2020-25683, CVE-2020-25682, CVE-2020-25681). The issue was addressed in Dnsmasq 2.83.

Oracle this week released its first cumulative set of security updates for 2021, which contains a total of 329 new patches, including those that address multiple high risk vulnerabilities across such products as Oracle Utilities Framework, Oracle ZFS Storage Appliance Kit, Oracle Retail Merchandising System, Oracle Retail Sales Audit, Oracle Retail Order Broker, MySQL Workbench, MySQL Server, and others.

The January 2021 CPU also includes fixes for CVE-2020-14750, an exploited vulnerability in WebLogic Server, which Oracle addressed with the release of an out-of-band update on November 1, 2020.

Cisco has warned its customers of multiple dangerous flaws in its software-defined networking for wide-area networks (SD-WAN) solutions for business users and Cisco Smart Software Manager On-Prem software.

One of the bugs (CVE-2021-1300) is a buffer-overflow flaw, which stems from incorrect handling of IP traffic; an attacker could exploit the flaw by sending crafted IP traffic through an affected device, which may cause a buffer overflow when the traffic is processed. As a result, a remote attacker can execute arbitrary code on the target system. The flaw affects the following software releases: IOS XE SD-WAN Software, SD-WAN vBond Orchestrator Software, SD-WAN vEdge Cloud Routers, SD-WAN vEdge Routers, SD-WAN vManage Software and SD-WAN vSmart Controller Software.

Three high risk flaws were found in Cisco Smart Software Manager On-Prem (CVE-2021-1138, CVE-2021-1140, CVE-2021-1142) that could allow an unauthenticated, remote attacker to execute arbitrary commands as a high-privileged user on an affected device.

Maintainers behind VLC media player released version 3.0.12 to address multiple serious issues, including CVE-2020-26664 that could be abused either to trigger a crash of VLC or an arbitrary code execution with the privileges of the target user by tricking the victim into opening a malicious file.

Also, multiple high risk vulnerabilities were reported in Eclipse OpenJ9 (CVE-2020-27221), PeopleSoft Enterprise PeopleTools (CVE-2021-2071), Archive_Tar (CVE-2020-36193), and Hyperion Infrastructure Technology (CVE-2019-12415, CVE-2020-11984). If exploited, these flaws could allow a malicious actor to compromise the affected system, or access sensitive data.

Back to the list

Latest Posts

Vulnerability summary for the week: March 5, 2021

Vulnerability summary for the week: March 5, 2021

A weekly vulnerability digest.
5 March 2021
Microsoft shares details on three new malware strains used in SolarWinds hack

Microsoft shares details on three new malware strains used in SolarWinds hack

GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
5 March 2021
Four notorious cybercrime forums hacked

Four notorious cybercrime forums hacked

The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
5 March 2021