DotCMS Remote Code Execution Vulnerability (10.0 Critical)
Description: A Remote Code Execution (RCE) vulnerability exists within DotCMS v5.2.3. An RCE attack involves an attacker executing code from an external location without, technically, physically operating on the compromised device. In DotCMS’ situation, an attacker is able to specially craft a HTTP POST request, through the exploitation of a URI, and execute arbitrary remote commands to gain information about the target system directory structure and more.
Likelihood: High – This vulnerability could enable an attacker to generate a ‘reverse shell’ which would mean that they’d be able to gain access to systems from a completely different location. Furthermore, attackers are able to exploit this vulnerability without authentication, increasing the risk/reward ratio.
Recommendation: A URI filter can be implemented to check whether there are any additional unwanted parameters in the URI. This will aid in preventing attackers from tagging on these commands to the POST request.
Mac OSX Arbitrary Code Execution Vulnerability (10.0 Critical)
Description: An arbitrary code execution vulnerability exists within Mac OSX Big Sur 11.3. Arbitrary code execution involves the exploitation of flaws within applications that can be used to execute code to generate a malicious outcome on the compromised device or retrieve sensitive information. In Apple’s case, an attacker could compromise a Big Sur 11.3 device by exploiting wifi functionalities.
Likelihood: High – Apple is a major target for attackers as it is one of the most widely used devices in the world. The attack surface for such an attack is enormous and the reward is high for attackers, as they can attack both business and personal devices to gather sensitive information about a company or individual target.
Recommendation: A patch for this vulnerability has been released by Apple and can be applied by updating Mac OSX with the latest Security Update.
Adobe Illustrator Memory Corruption Vulnerability (9.3 Critical)
Description: A memory corruption vulnerability exists within Adobe Illustrator version 25.2 and earlier. This type of vulnerability affects the way in which application data is stored in memory and can be used to alter the amount of memory being used for that application and can enable the allocation of memory for unwanted software to be executed. In Adobe’s instance, a specially crafted file can be uploaded and executed to run arbitrary code on the target device, leading to the disclosure of sensitive memory related information.
Likelihood: Medium – Although this vulnerability holds a great prize for attackers, being the retrieval of sensitive memory based information, attackers still have to physically open and upload the file on the target device, which increases its difficulty and risk as an attacker would need to successfully social engineer or get control of the device through other mechanisms, before exploitation.
Recommendation: Adobe has released a patch for this vulnerability which involves updating to the latest version of Adobe Illustrator, which can be found on their website or by updating your current installation.