F5 BIG-IP Remote Code Execution Exploit – CVE-2020-5902

When CyberOne began research into the vulnerability identified in the F5 TMUI RCE vulnerability advisory, we initially started by reading the advisory and mitigation steps, which contained minimal details but included key […]

Local Privilege Escalation Discovered in GlobalProtect App

Versions Tested: GlobalProtect App < 5.1.4 on Windows GlobalProtect App < 5.0.10 on Windows Product: https://www.paloaltonetworks.com/products/globalprotect Security Advisories: https://security.paloaltonetworks.com/CVE-2020-2032 CVE Numbers: CVE-2020-2032 CVSS Score: 7.0 CWE: CWE-367 Time-of-check Time-of-use (TOCTOU) […]

Local Privilege Escalation Discovered in VMware Fusion

Versions Tested: VMware Fusion 11.5.3 Products: https://www.vmware.com/products/fusion.html https://docs.vmware.com/en/VMware-Remote-Console/index.html https://docs.vmware.com/en/VMware-Horizon-Client/index.html Security Advisories: https://www.vmware.com/security/advisories/VMSA-2020-0011.html CVE Number(s): CVE-2020-3957 CVSS Score: 7.3 CWE: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-424: Improper Protection of Alternate […]

Hard-Coded Administrator Password Discovered in OpsRamp Gateway

Version Tested: 3.0.0 Product: https://www.opsramp.com/ CVE Numbers: CVE-2020-11543 CVSS Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CWE: CWE-798: Use of Hard-coded Credentials OWASP: https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password Summary: During a recent penetration test, CyberOne’s researchers discovered that […]

Vulnerabilities Discovered in CIPAce Enterprise Platform

Versions Tested: CIPAce Version < 6.80 Build 2016031401 CIPAce Version < 9.1 Build 2019092801 Product: https://www.cipplanner.com/Products/CIPAce/Pages/CPMPlatform.aspx Security Advisories: N/A CVE Numbers: CVE-2020-11586 CVE-2020-11587 CVE-2020-11588 CVE-2020-11589 CVE-2020-11590 CVE-2020-11591 CVE-2020-11592 CVE-2020-11593 CVE-2020-11594 […]

Authentication Bypass Vulnerability Discovered in Infinias eIDC32 WebServer

Versions Tested: Web Revision: 1.107, Board: 3.001, Firmware: 2.213 Product: https://www.3xlogic.com/products/access-control/infinias-ethernet-enabled-integrated-door-controller-eidc Security Advisories: N/A CVE Numbers: CVE-2020-11542 CVSS Score: N/A CWE: CWE-305: Authentication Bypass by Primary Weakness NIST: IA-4: Identifier […]