SB2020111025 - Multiple vulnerabilities in Microsoft Azure Sphere
Published: November 10, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 15 vulnerabilities.
1) Code Injection (CVE-ID: CVE-2020-16970)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-16983)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an administator with physical access to escalate privileges on the system.
The vulnerability exists due to a tampering issue, which leads to security restrictions bypass and privilege escalation.
3) Code Injection (CVE-ID: CVE-2020-16994)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-16993)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an administrator with physical access to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.
5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-16992)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Clear
The vulnerability allows a local administrator to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.
6) Code Injection (CVE-ID: CVE-2020-16991)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
7) Information disclosure (CVE-ID: CVE-2020-16990)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local attacker can gain unauthorized access to sensitive information on the system.
8) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-16989)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Clear
The vulnerability allows an administrator with physical access to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.
9) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-16988)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Clear
The vulnerability allows an administrator with physical access to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.
10) Code Injection (CVE-ID: CVE-2020-16987)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
11) Information disclosure (CVE-ID: CVE-2020-16985)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local attacker can gain unauthorized access to sensitive information on the system.
12) Input validation error (CVE-ID: CVE-2020-16986)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A local attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
13) Code Injection (CVE-ID: CVE-2020-16984)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
14) Code Injection (CVE-ID: CVE-2020-16982)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. An administrator with physical access can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
15) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-16981)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions. An administrator with physical access can escalate privileges on the target system.
Remediation
Install update from vendor's website.
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16970
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16983
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16994
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16993
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16992
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16991
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16990
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16989
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16988
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16987
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16985
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16986
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16984
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16982
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16981