26 February 2021

Vulnerability summary for the week: February 26, 2021


Security vulnerabilities give attackers a way into computer systems, which is why it pays to keep an eye on freshly disclosed bugs in widely used software and hardware. Here is our latest overview, covering vulnerabilities in Mozilla Firefox and Thunderbird, Cisco network gear, and industrial products from Rockwell Automation and Advantech.

The Mozilla Foundation has released Firefox 86, which ships a slew of security fixes, including two high-impact memory safety bugs (CVE-2021-23978, CVE-2021-23979) that Mozilla believes could be exploited to run arbitrary code with enough effort.

The latest version of Firefox also offers new privacy protections in the form of a feature called Total Cookie Protection. It works by maintaining a separate “cookie jar” for each website a user visits. Any time a website, or third-party content embedded in a website, deposits a cookie in the browser, that cookie is confined to the cookie jar assigned to that website, such that it is not allowed to be shared with any other website.
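To make the cookie-jar model concrete, here is an added example in JavaScript (not Mozilla's code) that simulates a browser cookie store with and without per-site partitioning, and shows why a third-party tracker can no longer link a user's visits across sites once partitioning is on. The hostnames a.example, b.example and tracker.example are constructed, and the model deliberately ignores cookie scope, expiry and the heuristics Firefox applies for cross-site logins.

```javascript
// Added example, not Mozilla's implementation: a minimal cookie store that can
// run either as one shared jar per host (classic behaviour) or as one jar per
// (top-level site, host) pair, which is the idea behind Total Cookie Protection.
// All hostnames below are constructed for the demonstration.

class CookieJar {
  constructor({ partitioned }) {
    this.partitioned = partitioned;
    // jar key -> Map(cookieName -> value)
    this.jars = new Map();
  }

  // With partitioning the key includes the top-level site the user is on, so
  // the same host gets a different jar under every site that embeds it.
  jarKey(topLevelSite, cookieHost) {
    return this.partitioned ? `${topLevelSite}|${cookieHost}` : cookieHost;
  }

  set(topLevelSite, cookieHost, name, value) {
    const key = this.jarKey(topLevelSite, cookieHost);
    if (!this.jars.has(key)) this.jars.set(key, new Map());
    this.jars.get(key).set(name, value);
  }

  get(topLevelSite, cookieHost, name) {
    const jar = this.jars.get(this.jarKey(topLevelSite, cookieHost));
    return jar ? jar.get(name) : undefined;
  }
}

// A tracker embedded as third-party content: on each request it reads its
// "uid" cookie and mints a fresh identifier if none is present.
function trackerRequest(jar, topLevelSite, nextId) {
  const host = "tracker.example";
  let uid = jar.get(topLevelSite, host, "uid");
  if (uid === undefined) {
    uid = `uid-${nextId()}`;
    jar.set(topLevelSite, host, "uid", uid);
  }
  return uid;
}

// Simulate one user visiting a.example and then b.example, both of which embed
// the tracker, while a.example also sets its own first-party session cookie.
// Returns what the tracker saw on each site and whether it could link them.
function simulateVisits(partitioned) {
  const jar = new CookieJar({ partitioned });
  let counter = 0;
  const nextId = () => ++counter;

  jar.set("a.example", "a.example", "session", "s1");
  const onA = trackerRequest(jar, "a.example", nextId);
  const onB = trackerRequest(jar, "b.example", nextId);

  return {
    onA,
    onB,
    linkable: onA === onB,
    // First-party cookies live in the site's own jar in both modes.
    firstPartyOk: jar.get("a.example", "a.example", "session") === "s1",
  };
}

console.log(simulateVisits(false)); // tracker sees the same uid on both sites
console.log(simulateVisits(true));  // tracker sees a different uid per site
```

In the unpartitioned run the tracker reads back the identifier it set on a.example when it is loaded on b.example, so the two visits are trivially linked; in the partitioned run the b.example visit lands in a separate jar and the tracker has to mint a second, unrelated identifier. First-party cookies are unaffected either way, which is why the feature does not break ordinary site logins.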

Mozilla also released an update for its free Thunderbird email client that addresses four vulnerabilities, including the memory safety bug CVE-2021-23978 shared with Firefox, which allows a remote attacker to execute arbitrary code on the target system via malicious web content. The other flaws could be used to gain access to sensitive data or to bypass security restrictions.

Cisco this week released patches for a number of vulnerabilities across its product line, including three critical bugs affecting ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software: CVE-2021-1388, CVE-2021-1361, and CVE-2021-1393. The first is an authentication bypass in an API endpoint of ACI Multi-Site Orchestrator caused by improper token validation; an unauthenticated remote attacker can send a specially crafted request and receive a token with administrator-level privileges. The other two affect Cisco NX-OS (on Nexus 3000 and 9000 switches in standalone mode) and Cisco Application Services Engine respectively, are likewise exploitable by an unauthenticated remote attacker, and could lead to full system takeover.

Rockwell Automation FactoryTalk Services Platform contains a vulnerability (CVE-2020-14516) that lets a remote, unauthenticated attacker create new users in the FactoryTalk Services Platform administration console. The root cause is the use of a password hash with insufficient computational effort (CWE-916). The issue affects FactoryTalk Services Platform versions 6.10.00 and 6.11.00.

A severe vulnerability (CVE-2021-22667) has been found in Advantech BB-ESWGP506-2SFP-T industrial Ethernet switches. The issue stems from hard-coded credentials in the application code. Using them, a remote attacker can gain unauthorized access to sensitive information and execute arbitrary code. BB-ESWGP506-2SFP-T firmware versions 1.01.09 and prior are known to be affected. At the time of writing, no patch for this bug has been released, so operators should restrict network access to the switch's management interface in the meantime.
