Multiple vulnerabilities in Microsoft .NET Framework and ASP.NET



Published: 2018-07-10
Risk High
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2018-8284
CVE-2018-8260
CVE-2018-8202
CVE-2018-8356
CVE-2018-8171
CWE-ID CWE-20
CWE-264
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Microsoft .NET Framework
Server applications / Frameworks for developing and running applications

ASP.NET Core MVC
Universal components / Libraries / Software for developers

ASP.NET Web Pages
Universal components / Libraries / Software for developers

ASP.NET MVC
Universal components / Libraries / Software for developers

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU13766

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8284

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation by the Microsoft .NET Framework. A remote unauthenticated attacker can pass specific input to an application utilizing susceptible .Net methods, inject and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft .NET Framework: 2.0 - 4.7.2

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU13767

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8260

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper checking of the source markup of a file. A remote unauthenticated attacker can trick the victim into opening a specially crafted file with an affected version of .NET, inject and run arbitrary code in the context of the current user.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft .NET Framework: 4.7.2

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Privilege escalation

EUVDB-ID: #VU13768

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8202

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to improper activation of COM objects by .NET Framework. A local attacker can run a malicious program and gain elevated privileges to conduct further attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft .NET Framework: 2.0 - 4.7.2

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Security restrictions bypass

EUVDB-ID: #VU13769

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8356

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to  improper validation of certificates by .NET Framework components. A remote unauthenticated attacker can present expired certificates when challenged and bypass security restrictions to conduct further attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft .NET Framework: 3.0 - 4.7.2

ASP.NET Core MVC: 1.0.0 - 2.0

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security restrictions bypass

EUVDB-ID: #VU13773

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8171

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists in ASP.NET due to the number of incorrect login attempts is not validated. A remote unauthenticated attacker can try an infinite number of authentication attempts and bypass security restrictions to conduct further attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ASP.NET Core MVC: 1.0.0 - 2.0

ASP.NET Web Pages: 3.2.3

ASP.NET MVC: 5.2

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###