Critical Vulnerabilities of the Fourth Week of Tir

This week several vulnerabilities were reported in one of Adobe's most important products, Adobe Acrobat. Several dangerous vulnerabilities were also identified in the popular Mozilla Firefox browser. What is more, products from IBM, NVIDIA, McAfee, Huawei, Dell, Samsung and others had several "critical" and "high-risk" vulnerabilities, for which patches and updates have been released.

The list of these vulnerabilities, together with links to the patches and updates released, is given in the table below.

| Vulnerability ID | Base Score | Vulnerable Product | Vulnerability Type | Zero-Day Value | Fix |
|---|---|---|---|---|---|
| CVE-2019-8066 | 6.3 | Adobe Acrobat Reader Heap-based | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2019-8252 | 4.3 | Adobe Acrobat Reader Type Confusion | Information Disclosure | $10k-$25k | Official Fix |
| CVE-2019-8251 | 6.3 | Adobe Acrobat Reader Type Confusion | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2019-8250 | 6.3 | Adobe Acrobat Reader Type Confusion | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2019-8249 | 6.3 | Adobe Acrobat Reader Type Confusion | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-11994 | 5.5 | Apache Tomcat Camel Templating Injection | Privilege Escalation | $10k-$25k | Official Fix |
| CVE-2020-14171 | 3.7 | Atlassian Bitbucket Server Man-in-the-Middle | Weak Encryption | $0-$1k | Official Fix |
| CVE-2020-14170 | 6.3 | Atlassian Bitbucket Server Webhooks | Server-Side Request Forgery | $2k-$5k | Official Fix |
| CVE-2019-20419 | 7.8 | Atlassian JIRA Server/Data Center DLL | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-14173 | 5.4 | Atlassian JIRA Server/Data Center File Upload | XSS | $1k-$2k | Official Fix |
| CVE-2020-14172 | 9.8 | Atlassian JIRA Server/Data Center Web Resources Manager Injection | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2019-20418 | 6.5 | Atlassian JIRA Server/Data Center wiki | DoS | $0-$1k | Official Fix |
| CVE-2020-1837 | 3.5 | ChangXiang 8 Plus Base Station | DoS | $0-$1k | Official Fix |
| CVE-2020-12736 | 5.3 | Code42 Email Invite | Code Execution | $1k-$2k | Not Defined |
| CVE-2020-8521 | 9.8 | DataTables Records.php | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-8520 | 9.8 | DataTables Records.php | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-8519 | 9.8 | DataTables Records.php | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-5352 | 8.8 | Dell EMC Data Protection Advisor OS | Command Injection / Privilege Escalation | $10k-$25k | Not Defined |
| CVE-2020-5368 | 9.8 | Dell EMC EMC VxRail | Information Disclosure | $5k-$10k | Not Defined |
| CVE-2020-5366 | 7.1 | Dell EMC iDRAC9 | Directory Traversal | $10k-$25k | Official Fix |
| CVE-2020-5371 | 8.0 | Dell EMC Isilon OneFS/EMC PowerScale File Permission | Privilege Escalation | $10k-$25k | Not Defined |
| CVE-2020-5372 | 8.6 | Dell EMC PowerStore Test Interface | DoS | $5k-$10k | Official Fix |
| CVE-2020-5356 | 7.7 | Dell PowerProtect Data Manager/PowerProtect X400 | Privilege Escalation | $10k-$25k | Official Fix |
| CVE-2020-9377 | 5.5 | D-Link DIR-610 command.php | Privilege Escalation | $10k-$25k | Workaround |
| CVE-2020-9376 | 3.5 | D-Link DIR-610 getcfg.php | Information Disclosure | $5k-$10k | Not Defined |
| CVE-2019-17638 | 3.7 | Eclipse Jetty Long Request Memory | Information Disclosure | $1k-$2k | Not Defined |
| CVE-2020-15096 | 6.8 | Electron Context Isolation | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-4075 | 6.8 | Electron event.preventDefault() | Information Disclosure | $1k-$2k | Official Fix |
| CVE-2020-4076 | 7.8 | Electron Isolation | Privilege Escalation | $1k-$2k | Official Fix |
| CVE-2020-4077 | 7.7 | Electron Isolation | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-7458 | 5.5 | FreeBSD | Privilege Escalation | $10k-$25k | Official Fix |
| CVE-2020-7457 | 5.5 | FreeBSD Synchronization | Code Execution / Memory Corruption | $10k-$25k | Official Fix |
| CVE-2020-3931 | 9.8 | GeoVision Door Access Control Command | Memory Corruption | $2k-$5k | Not Defined |
| CVE-2020-15529 | 7.8 | GOG Galaxy File Permission | Privilege Escalation | $1k-$2k | Not Defined |
| CVE-2020-15528 | 7.8 | GOG Galaxy File Permission | Privilege Escalation | $1k-$2k | Not Defined |
| CVE-2020-7692 | 7.4 | google-oauth-java-client PKCE | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2019-4323 | 5.5 | HCL AppScan Enterprise API Documentation Clickjacking | Privilege Escalation | $2k-$5k | Not Defined |
| CVE-2019-4324 | 3.5 | HCL AppScan Enterprise Test Policy Import | XSS | $0-$1k | Not Defined |
| CVE-2019-14900 | 6.3 | Hibernate ORM JPA Criteria API | SQL Injection | $2k-$5k | Official Fix |
| CVE-2020-7140 | 4.3 | HPE IceWall SSO Dfw/IceWall SSO Dgfw | XSS | $5k-$10k | Not Defined |
| CVE-2020-1839 | 6.3 | Huawei Mate 30 | Code Execution | $10k-$25k | Official Fix |
| CVE-2020-1838 | 5.5 | Huawei Mate 30 Pro | Weak Authentication | $0-$1k | Official Fix |
| CVE-2020-9261 | 7.8 | Huawei Mate 30 Remote | Code Execution | $10k-$25k | Official Fix |
| CVE-2020-9262 | 7.8 | Huawei Mate 30 Use-After-Free | Memory Corruption | $10k-$25k | Official Fix |
| CVE-2020-9226 | 5.5 | Huawei P30 Signature Validation | Weak Authentication | $10k-$25k | Official Fix |
| CVE-2020-1836 | 5.3 | Huawei P30/P30 Pro WiFi | Information Disclosure | $5k-$10k | Official Fix |
| CVE-2019-19417 | 6.3 | Huawei Products SIP Module | Memory Corruption | $10k-$25k | Not Defined |
| CVE-2019-19416 | 6.3 | Huawei Products SIP Module | Memory Corruption | $10k-$25k | Not Defined |
| CVE-2019-19415 | 6.3 | Huawei Products SIP Module | Memory Corruption | $10k-$25k | Not Defined |
| CVE-2020-4173 | 3.1 | IBM Guardium Activity Insights | Information Disclosure | $5k-$10k | Official Fix |
| CVE-2020-4305 | 8.1 | IBM InfoSphere Information Server Deserialization | Privilege Escalation | $10k-$25k | Official Fix |
| CVE-2020-15299 | 4.3 | kingcomposer Plugin Reflected | XSS | $1k-$2k | Not Defined |
| CVE-2020-10282 | 9.8 | MAVLink | Weak Authentication | $1k-$2k | Not Defined |
| CVE-2020-10281 | 7.5 | MAVLink | Weak Encryption | $0-$1k | Not Defined |
| CVE-2020-7284 | 8.6 | McAfee Network Security Management Command Line Interface | Information Disclosure | $2k-$5k | Official Fix |
| CVE-2020-7283 | 7.5 | McAfee Total Protection Symbolic Link | Privilege Escalation | $5k-$10k | Official Fix |
| CVE-2020-7282 | 7.5 | McAfee Total Protection Symbolic Link | Privilege Escalation | $5k-$10k | Official Fix |
| CVE-2020-7281 | 7.5 | McAfee Total Protection Symbolic Link | Privilege Escalation | $5k-$10k | Official Fix |
| CVE-2020-5599 | 6.3 | Mitsubishi Electric GOT2000 TCP/IP | Command Injection | $2k-$5k | Not Defined |
| CVE-2020-5595 | 6.3 | Mitsubishi Electric GOT2000 TCP/IP | Memory Corruption | $2k-$5k | Not Defined |
| CVE-2020-5597 | 6.3 | Mitsubishi Electric GOT2000 TCP/IP NULL Pointer Dereference | Memory Corruption | $2k-$5k | Not Defined |
| CVE-2020-5600 | 6.3 | Mitsubishi Electric GOT2000 TCP/IP | Privilege Escalation | $2k-$5k | Not Defined |
| CVE-2020-5598 | 6.3 | Mitsubishi Electric GOT2000 TCP/IP | Privilege Escalation | $2k-$5k | Not Defined |
| CVE-2020-5596 | 6.3 | Mitsubishi Electric GOT2000 TCP/IP | Privilege Escalation | $2k-$5k | Not Defined |
| CVE-2020-15507 | 7.5 | MobileIron Core/Connector | Information Disclosure | $1k-$2k | Official Fix |
| CVE-2020-15505 | 9.8 | MobileIron Core/Connector | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-15506 | 9.8 | MobileIron Core/Connector | Weak Authentication | $1k-$2k | Official Fix |
| CVE-2020-13994 | 6.3 | Mods for HESK Access Control | Code Execution | $2k-$5k | Not Defined |
| CVE-2020-13992 | 6.1 | Mods for HESK Stored | XSS | $0-$1k | Not Defined |
| CVE-2020-13993 | 7.3 | Mods for HESK Time-Based | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-12408 | 5.5 | Mozilla Firefox Address Bar | Privilege Escalation | $25k-$50k | Official Fix |
| CVE-2020-12415 | 5.5 | Mozilla Firefox AppCache unknown vulnerability | Unknown Vulnerability | $50k-$100k | Official Fix |
| CVE-2020-12425 | 4.3 | Mozilla Firefox Date.parse() | Information Disclosure | $10k-$25k | Official Fix |
| CVE-2020-12412 | 4.3 | Mozilla Firefox History API | Spoofing | $10k-$25k | Official Fix |
| CVE-2020-12426 | 6.3 | Mozilla Firefox | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12411 | 6.3 | Mozilla Firefox | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12404 | 3.5 | Mozilla Firefox Native-to-JS Bridging | Information Disclosure | $10k-$25k | Official Fix |
| CVE-2020-12422 | 6.3 | Mozilla Firefox Out-of-Bounds | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12414 | 3.3 | Mozilla Firefox Private Browsing | Information Disclosure | $5k-$10k | Official Fix |
| CVE-2020-12402 | 3.7 | Mozilla Firefox RSA Key Generation Side-Channel | Information Disclosure | $10k-$25k | Official Fix |
| CVE-2020-12409 | 4.3 | Mozilla Firefox URL | Spoofing | $10k-$25k | Official Fix |
| CVE-2020-12416 | 6.3 | Mozilla Firefox VideoStreamEncoder AddOrUpdateSink | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12423 | 5.5 | Mozilla Firefox webauthn.dll | Code Execution | $25k-$50k | Official Fix |
| CVE-2020-12407 | 3.3 | Mozilla Firefox WebRender | Information Disclosure | $5k-$10k | Official Fix |
| CVE-2020-12424 | 5.5 | Mozilla Firefox WebRTC | Privilege Escalation | $25k-$50k | Official Fix |
| CVE-2020-12421 | 5.6 | Mozilla Firefox/Firefox ESR/Thunderbird Addon Update | Privilege Escalation | $25k-$50k | Official Fix |
| CVE-2020-12419 | 6.3 | Mozilla Firefox/Firefox ESR/Thunderbird Callback Use-After-Free | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12410 | 6.3 | Mozilla Firefox/Firefox ESR/Thunderbird | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12406 | 6.3 | Mozilla Firefox/Firefox ESR/Thunderbird | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12399 | 3.7 | Mozilla Firefox/Firefox ESR/Thunderbird NSS Timing | Information Disclosure | $10k-$25k | Official Fix |
| CVE-2020-12405 | 4.3 | Mozilla Firefox/Firefox ESR/Thunderbird SharedWorkerService Crash | DoS | $10k-$25k | Official Fix |
| CVE-2020-12420 | 5.5 | Mozilla Firefox/Firefox ESR/Thunderbird STUN Server Use-After-Free | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12418 | 6.3 | Mozilla Firefox/Firefox ESR/Thunderbird URL Out-of-Bounds | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12417 | 6.3 | Mozilla Firefox/Firefox ESR/Thunderbird ValueTags | Memory Corruption | $25k-$50k | Official Fix |
| CVE-2020-12398 | 3.7 | Mozilla Thunderbird STARTTLS | Weak Encryption | $10k-$25k | Official Fix |
| CVE-2020-7691 | 6.3 | MrRio jsPDF Filter | XSS | $0-$1k | Not Defined |
| CVE-2020-7690 | 6.3 | MrRio jsPDF html | XSS | $0-$1k | Not Defined |
| CVE-2020-5764 | 4.9 | MX Player App MX Transfer | Directory Traversal / Code Execution | $1k-$2k | Official Fix |
| CVE-2020-15031 | 5.4 | NeDi Assets-Management.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15029 | 5.4 | NeDi Assets-Management.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15032 | 5.4 | NeDi Monitoring-Incidents.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15035 | 5.4 | NeDi Monitoring-Map.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15034 | 5.4 | NeDi Monitoring-Setup.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15037 | 5.4 | NeDi Reports-Devices.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15033 | 5.4 | NeDi snmpget.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15036 | 5.4 | NeDi Topology-Linked.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15028 | 5.4 | NeDi Topology-Map.php | XSS | $0-$1k | Official Fix |
| CVE-2020-15030 | 5.4 | NeDi Topology-Routes.php | XSS | $0-$1k | Official Fix |
| CVE-2020-5974 | 5.5 | NVIDIA JetPack SDK Installation Script | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-2031 | 4.9 | Palo Alto PAN-OS dnsproxyd Integer Underflow | DoS | $0-$1k | Official Fix |
| CVE-2020-2034 | 8.1 | Palo Alto PAN-OS GlobalProtect Portal OS | Command Injection / Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-2030 | 7.2 | Palo Alto PAN-OS Management Interface OS | Command Injection / Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-1982 | 4.8 | Palo Alto PAN-OS | Weak Encryption | $0-$1k | Official Fix |
| CVE-2020-15073 | 5.4 | PHPList Administrator Import | XSS | $0-$1k | Not Defined |
| CVE-2020-15072 | 8.8 | PHPList Administrator Import Error | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-15523 | 5.3 | Python python3.dll | Privilege Escalation | $1k-$2k | Not Defined |
| CVE-2020-9395 | 5.5 | Realtek RTL8195AM/RTL8711AM/RTL8711AF/RTL8710AF WPA2 Handshake Stack-based | Memory Corruption | $2k-$5k | Official Fix |
| CVE-2020-15526 | 5.5 | Redgate SQL Monitor TLS Certificate Validation | Weak Authentication | $1k-$2k | Not Defined |
| CVE-2020-14303 | 3.5 | Samba AD DC NBT Server Crash | DoS | $0-$1k | Official Fix |
| CVE-2020-10730 | 5.5 | Samba AD LDAP Server Use-After-Free | Memory Corruption | $2k-$5k | Official Fix |
| CVE-2020-10760 | 5.5 | Samba LDAP Server Use-After-Free | Memory Corruption | $2k-$5k | Official Fix |
| CVE-2020-10745 | 4.3 | Samba NetBIOS over TCPIP CPU Exhaustion | DoS | $0-$1k | Official Fix |
| CVE-2020-15584 | 5.5 | Samsung Mobile Devices 4k Wallpaper ImageProcessHelper | Memory Corruption | $2k-$5k | Official Fix |
| CVE-2020-15582 | 5.5 | Samsung Mobile Devices Bluetooth Low Energy | Memory Corruption | $2k-$5k | Official Fix |
| CVE-2020-15577 | 5.5 | Samsung Mobile Devices Cameralyzer | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-15580 | 5.5 | Samsung Mobile Devices Factory Reset Protection | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-15579 | 5.5 | Samsung Mobile Devices Factory Reset Protection | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-15578 | 5.5 | Samsung Mobile Devices FactoryCamera | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-15581 | 5.3 | Samsung Mobile Devices Kernel Logging | Information Disclosure | $1k-$2k | Official Fix |
| CVE-2020-15583 | 5.5 | Samsung Mobile Devices StickerProvider | Directory Traversal | $2k-$5k | Official Fix |
| CVE-2020-15574 | 3.5 | Solarwinds Serv-U File Server Cookie | Information Disclosure | $1k-$2k | Official Fix |
| CVE-2020-15575 | 3.5 | Solarwinds Serv-U File Server | XSS | $0-$1k | Official Fix |
| CVE-2020-15573 | 3.5 | Solarwinds Serv-U File Server | XSS | $0-$1k | Official Fix |
| CVE-2020-15576 | 3.5 | Solarwinds Serv-U File Server HTTP Response | Information Disclosure | $1k-$2k | Official Fix |
| CVE-2020-15543 | 5.5 | Solarwinds Serv-U FTP Server Argument Path unknown vulnerability | Unknown Vulnerability | $2k-$5k | Official Fix |
| CVE-2020-15542 | 5.5 | Solarwinds Serv-U FTP Server CHMOD Command unknown vulnerability | Unknown Vulnerability | $2k-$5k | Official Fix |
| CVE-2020-15541 | 6.3 | Solarwinds Serv-U FTP Server Command | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-5839 | 3.5 | Symantec Endpoint Detection and Response | Information Disclosure | $5k-$10k | Official Fix |
| CVE-2020-15092 | 7.2 | TimelineJS Stored | XSS | $0-$1k | Official Fix |
| CVE-2020-15093 | 8.6 | tough Library Signature Validation | Weak Authentication | $1k-$2k | Official Fix |
| CVE-2020-15513 | 5.5 | typo3_forum Extension Access Control | Privilege Escalation | $2k-$5k | Official Fix |
| CVE-2020-15530 | 7.8 | Valve Steam Client Permission | Privilege Escalation | $2k-$5k | Not Defined |
| CVE-2020-15367 | 3.1 | Venki Supravizio BPM Brute Force | Weak Authentication | $1k-$2k | Not Defined |
| CVE-2020-15392 | 3.5 | Venki Supravizio BPM Password Recovery Username | Information Disclosure | $1k-$2k | Not Defined |
| CVE-2020-15538 | 3.5 | We-com Municipality Portal CMS Search Bar | XSS | $0-$1k | Not Defined |
| CVE-2020-15539 | 6.3 | We-com Municipality Portal CMS | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-15540 | 6.3 | We-com OpenData CMS Administrator Login Page | SQL Injection | $2k-$5k | Not Defined |
| CVE-2020-15466 | 7.5 | Wireshark GVCP Dissector packet-gvcp.c | DoS | $0-$1k | Official Fix |
| CVE-2020-15566 | 5.7 | Xen event-channel Port Allocation Crash | DoS | $5k-$10k | Not Defined |
| CVE-2020-15564 | 7.5 | Xen Hypervisor Crash | DoS | $5k-$10k | Not Defined |
| CVE-2020-15563 | 7.5 | Xen Hypervisor Crash | DoS | $5k-$10k | Not Defined |
| CVE-2020-15567 | 5.5 | Xen Hypervisor | Privilege Escalation | $10k-$25k | Not Defined |
| CVE-2020-15565 | 5.5 | Xen | Privilege Escalation | $10k-$25k | Not Defined |
| CVE-2020-13132 | 4.3 | Yubico libykpiv Error util.c ykpiv_util_generate_key | DoS | $0-$1k | Not Defined |
| CVE-2020-13131 | 4.3 | Yubico libykpiv RSA Key Generation util.c | Information Disclosure | $0-$1k | Official Fix |
| CVE-2020-15001 | 3.5 | Yubico YubiKey OTP Application | Information Disclosure | $1k-$2k | Not Defined |
| CVE-2020-15000 | 4.6 | Yubico YubiKey PIN Management | Weak Authentication | $1k-$2k | Not Defined |
| CVE-2020-6013 | 5.5 | ZoneAlarm Firewall/Antivirus File Permission | Privilege Escalation | $2k-$5k | Official Fix |

The risk level of about 24% of this week's vulnerabilities is rated "high-risk" or "critical", which is quite significant.

The zero-day value of more than 66% of this week's vulnerabilities is estimated at over $2,000.

Fortunately, for 68% of this week's vulnerabilities, updates or patches have been officially released; to prevent exploitation, they should be applied promptly.

Also, with 40 cases, the most common type among this week's vulnerabilities (24%) was "privilege escalation".