+44 (0)203 88 020 88

Menu

Search

Cyber Security News & Articles

 

Cyber Security
News & Articles

Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic

The Top 10 vulnerabilities being exploited today

The NSA (National Security Agency) recently published a security advisory about the publicly known vulnerabilities currently being exploited by Chinese state-sponsored actors. While this security advisory is focused on the activities of state-sponsored actors, it does show the threats and vulnerabilities considered most useful for exploitation. Taking a quick look at the list could provide you with some valuable information on what your security team need to be defending against right now.

All these vulnerabilities have patches available to mitigate or resolve them, demonstrating again the importance of regular security patching.

1.   Pulse Secure VPN

Now, more than ever, VPNs are being used in more businesses to facilitate remote working, so a VPN vulnerability like this one needs to be taken seriously by your security managers. Detailed  information on this vulnerability along with some third party advisories can be found here.

CVE-2019-11510 can be exploited by simply sending a maliciously crafted URI to perform an unauthenticated arbitrary file reading. This vulnerability could be used to steal keys or passwords and has been given the top CVSS score of 10.0 Critical.

This vulnerability affects Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4.

2.   F5 BIG-IP

CVE-2020-5902 has a vulnerability that can be exploited in the Traffic Management User Interface (TMUI) to perform a remote code execution. Anytime arbitrary code can be run, the consequences can be incredibly serious – in the words of F5’s security advisory:

All information present on an infiltrated system should be considered compromised. This includes, but is not limited to, logs, configurations, credentials, and digital certificates.

This vulnerability has been given a CVSS score of 9.8 Critical. More information on this vulnerability can be found here

This vulnerability affects BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1.

3.   Citrix Application Delivery Controller (ADC) and Gateway

A vulnerability inside of Citrix Application Delivery controller and Gateway systems allows for traversal of directories and remote code execution.

CVE-2019-19781 opens the door for attackers to perform remote code execution on these systems which could allow for total takeovers of the systems to occur. The vulnerability holds a 9.8 Critical CVSS score.

CVE-2019-19781 affects Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.

4,5 and 6. More Citrix ADC and Gateway vulnerabilities

3 more vulnerabilities inside of Citrix Application Delivery Controller and Gateway systems are present on this NSA list, meaning they are commonly utilised and exploited by Chinese state-sponsored actors, along with many other cyber criminals. These three vulnerabilities share characteristics, vulnerable versions, and are used together so they appear together in the NSAs advisory.

CVE-2020-8193, CVE-2020-8195 and CVE-2020-8196 are bugs that can allow for unauthenticated access to URL endpoints and allow low privileged users access to privileged information through information disclosure. Any vulnerability that is being actively exploited requires immediate attention from your security team, and luckily, these three, like all others on this list, have patches available right now that can fix or mitigate them. The vulnerabilities have a 6.5 Medium and 4.3 Medium CVSS scores.

These three vulnerabilities affect Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7

7. Bluekeep (Remote Desktop Services)

Bluekeep is a vulnerability in Remote Desktop services that allows unauthenticated attacker the ability to connect to systems using RDP and send specially crafted requests. We published an article about Bluekeep back in May of 2019, yet over a year after Microsoft published patches to remediate the problem there are enough unpatched systems still around for Bluekeep to make it into this top 10 list.

CVE-2019-0708 allows attackers to perform remote code execution on victim systems via connecting to the machine with RDP and then sending specially crafted requests. More information on the vulnerability can be found here. Bluekeep has a CVSS score of 9.8 Critical.

Bluekeep affects Microsoft Windows®11 XP – 7, Microsoft Windows Server®12 2003 – 2008, and while you may have been mitigating this vulnerability previously through disabling RDP, if RDP has been re-enabled to facilitate remote working, make sure that your security team are on top of patching this vulnerability.

8. MobileIron MDM (Mobile Device Management)

MobileIron’s Mobile Device Management Software is used to manage, monitor and secure mobile devices that are required to access business critical information. While it is used to secure devices the MDM software contains a remote code execution vulnerability that can allow for attackers to execute arbitrary code.

CVE-2020-15505 allows attackers to run arbitrary code on company systems and could allow for remote takeovers of company servers. This vulnerability has a CVSS score of 9.8 Critical and should be patched immediately if your business uses MobileIron’s MDM software. More information can be found here.

CVE-2020-15505 affects MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier.

9. Windows Domain Name System

Windows Domain Name Systems contains a vulnerability that has be coined SIGRed. This vulnerability allows for remote code execution to be completed when the server does not correctly handle requests.

CVE-2020-1350 allows attackers to run arbitrary code on Windows DNS servers when they do not correctly handle requests. With the highest possible CVSS score of 10.0 Critical, it is imperative that the latest patches be applied to your Windows DNS sever as soon as possible. More information, along with links to advisories and patches can be found here.

CVE-2020-1350 affects Microsoft Windows Server® 2008 – 2019.

10. Netlogon

Netlogon is a windows service that authenticates users and is used in the Windows Client Authentication Architecture. Netlogon is present as standard and runs in the background if not explicitly disabled by the system administrator so a vulnerability in this service is incredibly far reaching.

CVE-2020-1472 is a privilege escalation vulnerability that could allow attackers access to sensitive information or privileges. It works through establishing a secure channel connection to a domain controller utilising the Netlogon remote protocol (MS-NRPC). This vulnerability has a CVSS score of 10.0 Critical, and should be at the top of any security teams list for immediate patches. More information on this vulnerability can be found here.

CVE-2020-1472 affects Microsoft Windows Server® 2008 – 2019.

 

How you can protect your network from these vulnerabilities

  1. Adopting a monthly security patching cycle is the cornerstone of effective cyber-security.  All these vulnerabilities have had patches available for many months which resolve the flaws.
  2. Running regular vulnerability scans will help identify any device on your network that has not been patched.
  3. Performing security hardening will make it harder for malicious users to identify and exploit any unpatched vulnerabilities on your network.

 

 

Subscribe to our monthly newsletter today

If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter. 

We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.

Why Choose SecureTeam?

Customer Testimonials

“We were very impressed with the service, I will say, the vulnerability found was one our previous organisation had not picked up, which does make you wonder if anything else was missed.”

Aim Ltd Chief Technology Officer (CTO)

"Within a very tight timescale, SecureTeam managed to deliver a highly professional service efficiently. The team helped the process with regular updates and escalation where necessary. Would highly recommend"

IoT Solutions Group Limited Chief Technology Officer (CTO) & Founder

“First class service as ever. We learn something new each year! Thank you to all your team.”

Royal Haskoning DHV Service Delivery Manager

“We’ve worked with SecureTeam for a few years to conduct our testing. The team make it easy to deal with them; they are attentive and explain detailed reports in a jargon-free way that allows the less technical people to understand. I wouldn’t work with anyone else for our cyber security.”

Capital Asset Management Head of Operations

“SecureTeam provided Derbyshire's Education Data Hub with an approachable and professional service to ensure our schools were able to successfully certify for Cyber Essentials. The team provided a smooth end-to-end service and were always on hand to offer advice when necessary.”

Derbyshire County Council Team Manager Education Data Hub

“A very efficient, professional, and friendly delivery of our testing and the results. You delivered exactly what we asked for in the timeframe we needed it, while maintaining quality and integrity. A great job, done well.”

AMX Solutions IT Project Officer

“We were very pleased with the work and report provided. It was easy to translate the provided details into some actionable tasks on our end so that was great. We always appreciate the ongoing support.”

Innovez Ltd Support Officer

Get in touch today

If you’d like to see how SecureTeam can take your cybersecurity posture to the next level, we’d love to hear from you, learn about your requirements and then send you a free quotation for our services.

Our customers love our fast-turnaround, “no-nonsense” quotations – not to mention that we hate high-pressure sales tactics as much as you do.

We know that every organisation is unique, so our detailed scoping process ensures that we provide you with an accurate quotation for our services, which we trust you’ll find highly competitive.

Get in touch with us today and a member of our team will be in touch to provide you with a quotation. 

0

No products in the basket.

No products in the basket.