
Common Vulnerabilities & Exposures

Vulnerability 1:

DotCMS Remote Code Execution Vulnerability (10.0 Critical)

Description: A Remote Code Execution (RCE) vulnerability exists in DotCMS v5.2.3. An RCE attack lets an attacker execute code on a device from an external location, without physical access to the compromised device. In DotCMS’ case, an attacker can specially craft an HTTP POST request that exploits a URI to execute arbitrary commands remotely and gain information about the target system's directory structure and more.

Likelihood: High – This vulnerability could enable an attacker to generate a ‘reverse shell’, which would give them access to systems from a completely different location. Furthermore, attackers can exploit this vulnerability without authentication, improving the risk/reward ratio for the attacker.

Recommendation: Implement a URI filter that checks whether the URI contains any additional, unwanted parameters. This helps prevent attackers from appending these commands to the POST request.
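One way to express the recommended URI check, as an added example that is not DotCMS code and is not taken from the original article. The routes and parameter names in the allow-list are constructed for illustration, and the example goes beyond query parameters to also reject path parameters, traversal segments and double encoding:

```python
from urllib.parse import urlsplit, parse_qsl, unquote

# Hypothetical allow-list: route -> query parameters that route may carry.
# Paths and parameter names are constructed for this example.
ALLOWED_PARAMS = {
    "/api/content/save": {"lang", "id"},
    "/api/search": {"q", "page"},
}

def check_post_uri(uri, allowed=ALLOWED_PARAMS):
    """Return (True, "ok") if the URI carries only expected parameters,
    otherwise (False, reason). Meant to run before the request is routed."""
    parts = urlsplit(uri)
    decoded = unquote(parts.path)
    # If a second decode changes the path, it was encoded twice.
    if unquote(decoded) != decoded:
        return False, "double-encoded path"
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in decoded):
        return False, "control character in path"
    if ";" in decoded:
        return False, "path parameter present"
    if ".." in decoded.split("/"):
        return False, "path traversal segment"
    if decoded not in allowed:
        return False, "route not in allow-list"
    seen = set()
    for name, _ in parse_qsl(parts.query, keep_blank_values=True):
        if name not in allowed[decoded]:
            return False, f"unexpected parameter: {name}"
        if name in seen:
            return False, f"duplicate parameter: {name}"
        seen.add(name)
    return True, "ok"

# Constructed sample request URIs, not taken from any real traffic.
SAMPLES = [
    "/api/search?q=test&page=2",
    "/api/search?q=test&extra=1",
    "/api/search;v=1?q=test",
    "/api/%252e%252e/search",
]

if __name__ == "__main__":
    for uri in SAMPLES:
        print(uri, "->", check_post_uri(uri))
```

Rejected requests should be logged with the reason string so that repeated probing of the same route is visible to monitoring.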

 

Vulnerability 2:

Mac OSX Arbitrary Code Execution Vulnerability (10.0 Critical)

Description: An arbitrary code execution vulnerability exists in Mac OSX Big Sur 11.3. Arbitrary code execution involves exploiting flaws in applications to execute code that produces a malicious outcome on the compromised device or retrieves sensitive information. In Apple’s case, an attacker could compromise a Big Sur 11.3 device by exploiting Wi-Fi functionality.

Likelihood: High – Apple is a major target for attackers, as its devices are among the most widely used in the world. The attack surface is enormous and the reward is high, as attackers can target both business and personal devices to gather sensitive information about a company or an individual.

Recommendation: A patch for this vulnerability has been released by Apple and can be applied by updating Mac OSX with the latest Security Update.

 

Vulnerability 3:

Adobe Illustrator Memory Corruption Vulnerability (9.3 Critical)

Description: A memory corruption vulnerability exists in Adobe Illustrator version 25.2 and earlier. This type of vulnerability affects the way application data is stored in memory; it can be used to alter the amount of memory used by the application and can enable memory to be allocated for unwanted software to execute. In Adobe’s case, a specially crafted file can be uploaded and executed to run arbitrary code on the target device, leading to the disclosure of sensitive memory-related information.

Likelihood: Medium – Although this vulnerability holds a great prize for attackers, namely the retrieval of sensitive memory-based information, attackers still have to physically open and upload the file on the target device. This increases the difficulty and risk, as an attacker would first need to successfully social engineer the victim or gain control of the device through other mechanisms.

Recommendation: Adobe has released a patch for this vulnerability. Update to the latest version of Adobe Illustrator, which can be found on Adobe's website, or update your current installation.
