Vulnerability Summary for the Week of November 9, 2020


Original release date: November 16, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
| --- | --- | --- | --- | --- |
| bbraun — onlinesuite_application_package | A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files. | 2020-11-06 | 7.5 | CVE-2020-25172; MISC |
| google — android | In btm_sec_disconnected of btm_sec.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution in the Bluetooth server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1. Android ID: A-162497143 | 2020-11-10 | 9.3 | CVE-2020-0449; MISC |
| google — android | In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-9 Android-8.0 Android-8.1. Android ID: A-158762825 | 2020-11-10 | 9.3 | CVE-2020-0451; MISC |
| google — android | In Message and toBundle of Notification.java, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service requiring a device reset to fix with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-158304295 | 2020-11-10 | 7.8 | CVE-2020-0441; MISC |
| google — android | In Message and toBundle of Notification.java, there is a possible UI slowdown or crash due to improper input validation. This could lead to remote denial of service if a malicious contact file is received, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9. Android ID: A-147358092 | 2020-11-10 | 7.8 | CVE-2020-0442; MISC |
| google — android | There is a possible out of bounds write due to a missing bounds check. Product: Android. Versions: Android SoC. Android ID: A-168264527 | 2020-11-10 | 7.5 | CVE-2020-0445; MISC |
| google — android | There is a possible out of bounds write due to a missing bounds check. Product: Android. Versions: Android SoC. Android ID: A-168264528 | 2020-11-10 | 7.5 | CVE-2020-0446; MISC |
| google — android | There is a possible out of bounds write due to a missing bounds check. Product: Android. Versions: Android SoC. Android ID: A-168251617 | 2020-11-10 | 7.5 | CVE-2020-0447; MISC |
| google — android | In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0. Android ID: A-159625731 | 2020-11-10 | 7.5 | CVE-2020-0452; FEDORA, MISC |
| google — android | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020). | 2020-11-08 | 7.5 | CVE-2020-28340; MISC |
| ibm — filenet_content_manager | IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736. | 2020-11-09 | 9.3 | CVE-2020-4759; XF, CONFIRM |
| linuxfoundation — nats-server | The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | 2020-11-06 | 7.5 | CVE-2020-26892; MISC, CONFIRM |
| magento — magento | Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components. | 2020-11-09 | 9 | CVE-2020-24407; MISC |
| sap — netweaver_application_server_java | SAP NetWeaver AS JAVA, versions – 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate mechanism to execute OS commands through the uploaded file leading to Privilege Escalation and completely compromise the confidentiality, integrity and availability of the server operating system and any application running on it. | 2020-11-10 | 9 | CVE-2020-26820; MISC, MISC |


Medium Vulnerabilities

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
| --- | --- | --- | --- | --- |
| bbraun — onlinesuite_application_package | A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user. | 2020-11-06 | 6.9 | CVE-2020-25174; MISC |
| bbraun — onlinesuite_application_package | An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export. | 2020-11-06 | 6.8 | CVE-2020-25170 |
[…]

