This week’s post covers recent vulnerabilities found in various software, including Google Chrome, Adobe products, Cisco SD-WAN solution, Trend Micro antivirus solutions and more.
Multiple vulnerabilities in Google Chrome could allow for arbitrary code execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow an attacker to execute arbitrary code and compromise vulnerable system. The flaws can be exploited by tricking a user into visiting a specially crafted site. Details of the vulnerabilities are as follows:
-
Use after free in WebGL (CVE-2020-6422)
-
Use after free in media (CVE-2020-6424)
-
Insufficient policy enforcement in extensions (CVE-2020-6425)
-
Improper input validation (CVE-2020-6426)
-
Use after free (CVE-2020-6427, CVE-2020-6428, CVE-2020-6429)
-
Out of bounds read (CVE-2019-20503)
Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser, perform unauthorized actions, or cause denial-of-service conditions.
None of the above mentioned vulnerabilities have been spotted exploited in the wild.
Adobe patches multiple flaws in Photoshop, ColdFusion, Reader and Acrobat
Adobe has issued security updates that address more than 40 vulnerabilities across several products, including Photoshop, ColdFusion, Reader and Acrobat.
Photoshop contained the highest number of vulnerabilities with 22 CVEs listed with 16 considered high-severity issues due to buffer errors, out of bounds write, memory corruption and heap corruption that could lead to remote code execution.
Adobe ColdFusion has two vulnerabilities, one of which (CVE-2020-3794) allows a remote attacker to include and execute arbitrary PHP files on the system.
Adobe Reader and Acrobat contains 13 vulnerabilities, the most dangerous of which could allow an attacker execute code on a target system.
Trend Micro addresses two 0Days exploited in the wild
Antivirus vendor Trend Micro has released patches for several flaws in Worry-Free Business Security, Apex One and OfficeScan products, including two issues (CVE-2020-8467, CVE-2020-8468) that have been exploited in the wild.
The first bug affects migration tool component of Trend Micro Apex One and OfficeScan and allows to remotely execute arbitrary code on affected installations, and the later one is a content validation escape issue, which allows an authenticated attacker to “manipulate certain agent client components.”
Cisco fixes root privilege, command injection vulnerabilities in Cisco SD-WAN solutionCisco has addressed five security vulnerabilities in its Software-Defined WAN (SD-WAN) solution, two of which could allow an authenticated, local attacker to either gain root privileges on the underlying operating system or to execute arbitrary commands on the target system. Other flaws could be used by a remote attacker to execute arbitrary SQL queries in database or to perform cross-site scripting (XSS) attacks.
Multiple vulnerabilities in Drupal
The Drupal development team has released security updates for versions 8.8.x and 8.7.x that address several vulnerabilities, including two XSS flaws that affect the CKEditor library.
The most severe vulnerability exists due to usage of vulnerable Archive_Tar library and could allow a remote attacker to compromise vulnerable system. The updates also cover two flaws that could be exploited by a remote attacker to perform a denial of service attack, or to bypass imposed security restrictions.
Drupal 8 versions prior to 8.7.x have reached end-of-life and will not receive security updates.