Skip to main content

Fix now: High risk vulnerabilities at large, May 2020

Fix now: High risk vulnerabilities at large, May 2020

12.May.2020
Simon Roe, Product Manager Outpost24
In the world of vulnerabilities, we have seen a few interesting ones released in the last couple of weeks since our last Farsight risk based vulnerability management blog. Various countries cyber security departments are warning citizen’s and business of the increase in phishing attack targeting people’s natural curiosity and fear surrounding COVID-19.
high risk vulnerabilities

Netgear

Following the last blog in April on high risk CVEs we are seeing more home router problems, with Netgear once again being the targets of hacker interest!

CVE Product CVSSv3 likelihood
CVE-2017-18774 Certain Netgear devices 7.1 38.46
CVE-2017-18771 Certain Netgear devices 5.2 38.46
CVE-2017-18760 Certain Netgear devices 5.6 38.46
CVE-2017- 18753 Certain Netgear devices 8.2 24.34

The affected Netgear product list is fairly large, and so, for any of you concerned your staff may be running affected devices take a look at the Netgear KB articles and as with last week to ensure those working from home apply the latest firmware (if they haven’t already been covered through previous recommendations)

Saltstack

Now let’s focus on a couple of recent newsworthy vulnerabilities, the recent Saltstack Salt vulnerabilities that are making the rounds in the media.

CVE Product CVSSv3 likelihood
CVE-2020-11651 Saltstack Salt (before 2019.2.4 and 3000 before 3000.2.) TBD 15.85
CVE-2020-11652 Saltstack Salt (before 2019.2.4 and 3000 before 3000.2.) TBD 5.15

At time of writing (6th May 2020) neither of these vulnerabilities had received a CVSS 3.1 score from NVD. There are several claims suggesting threat actors are currently scanning the internet for unpatched vulnerable systems, with lineageOS being one such targeted OS. As you can see from the likelihood scores, these are trending as likely to be exploited and we expect these values to increase quickly over the coming days as these claims are ratified in the hacking community. The message to readers is to patch affected systems now. Head over to here to grab the release notes and the patch.

Wordpress

CVE Product CVSSv3 likelihood
CVE-2020-11029 Wordpress before 5.4.1 4.9 38.46

This is a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. Affecting most versions before 5.4.1 a minor update has been pushed to address a large list of older versions. It’s strongly recommended that you keep auto updates enabled on your word press sites to allow these minor updates to be installed to keep your websites protected.

Martin Jartelius, our CSO at Outpost24, commented in SC Media UK this week – “depending on your preferred risk you can opt to use this and be kept safe from most attacks that follow a security fix, but this choice comes with the potential impact of a possible downtime should parts of your site not be compatible with an update. For most organisations, using the automatic update feature is advised, and using something else than WordPress may be advisable for sites where the potential downtime is not acceptable. In this specific case, any organisation who applied automatic security fixes were patched well in advance of any wider exploitation.”

Mobile devices not immune

We often focus on PC or server infrastructure and ignore the fact that mobile devices can also be affected by vulnerabilities. (see our Internet of Evil Things report if you want to explore more). After more than a billion Android devices are found to be at risk of being hacked last month here’s another vulnerability for Apple devices.

CVE Product CVSSv3 likelihood
CVE-2020-3878 IOS platforms 7.8 38.46

Affecting several IOS platform this vulnerability can allow a maliciously crafted image to lead to arbitrary code execution. Patched in IOS 13.3.1. WatchOS6.1.2 Catalina 10.15.3 and tvOS 13.3.1. A reminder to ensure all your IOS devices are kept up to date with automatic updates where possible.

RSA Archer

For our customers (and readers of this blog) who are using RSA Archer GRC platform, no less than seven (7) new vulnerabilities have been announced recently affecting versions prior to 6.7 P3 (6.7.0.3). The platform consolidates risk data from organizations and leverages risk analytics to provide an integrated and comprehensive picture of risk, which many businesses are using right now to manage their organizatinal risk during the global health crisis.

CVE Product CVSSv3 likelihood
CVE-2020-5337 RSA Archer prior to 6.7 P3 4.6 4.07
CVE-2020-5336 RSA Archer prior to 6.7 P3 4.6 10.73
CVE-2020-5335 RSA Archer prior to 6.7 P3 5.0 7.79
CVE-2020-5333 RSA Archer prior to 6.7 P3 4.3 10.85
CVE-2020-5334 RSA Archer prior to 6.7 P 8.2 6.38
CVE-2020-5331 RSA Archer prior to 6.7 P3 8.8 10.91
CVE-2020-5332 RSA Archer prior to 6.7 P3 7.2 2.89

All of these vulnerabilities are trending above the average (1.0) and whilst no exploits exist currently, we suggest organizations using Archer to get ahead of any potential threats and patch as soon as possible.

Wrap up

As cyber security professionals are having extra pressures placed on them to help secure remote workforce, and threat actors continue to leverage the Covid-19 mayhem to send phishing attacks , focusing on vulnerabilities that will likely be exploited allows a more pragmatic, and aggressive risk strategy to keep you business safe. We hope these vulnerabilities, a small handful of interesting ones that caught our eye, help you to better understand how risk based vulnerability prioritization can play a significant part in more efficient use of those stretched resources when it comes to remediating vulnerabilities that will truly be a risk.

SUBSCRIBE TO OUR EMAIL

Looking for anything in particular?

Type your search word here