Entries by Hans-Petter Fjeld

CVE-2020-5902 F5 Big-IP – K52145254: TMUI RCE vulnerability

Published: 2020-07-01MITRE CVE-2020-5902 “The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.” “This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the BIG-IP management port and/or Self IPs, to execute arbitrary system commands, create […]

CVE-2020-11996 Apache Tomcat HTTP/2 Denial of Service

Published: 2020-06-25MITRE CVE-2020-11996 “A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.” CVSS Base score: 7.5 (or 5.9 if Attack Complexity turns out to be High)CVSS Temporal Score: 6.5 as of […]

Aerospace and military companies in the crosshairs

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT) ESET researchers are warning about targeted phishing attacks agains high-profile aerospace and military companies in Europe. The attacker will approach individual personnel about possible job vacancies, some file-sharing then commences with the pretense of […]

CVE-2020-4415 – Stack-based Buffer Overflow vulnerability in IBM Spectrum Protect Server

Published: 2020-04-24 MITRE CVE-2020-4415 “IBM Spectrum Protect server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash.” […]

Covid-19 forces changes

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Helpdesksecurity writes “A time of chaos is a time for opportunity for unscrupulous individuals and groups, and COVID-19 is seemingly an unmissable boon for cyber crooks. We’ve already covered a variety of COVID-19-themed scams, […]

Infosec preparedness during Covid-19 outbreak

Our customers’ business continuity is of paramount importance for Basefarm. We are fully aware that several of our clients provide services that are absolutely critical for our society. Basefarm is following the ongoing outbreak closely and is constantly considering the implications for secure operations for us and our customers. There are several ways that this […]

CVE-2020-0852 | Microsoft Word Remote Code Execution Vulnerability

Published: 2020-03-10 MITRE CVE-2020-0852 “A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions […]

CVE-2020-0796 | Server Message Block 3.0 (SMBv3) Remote Code Execution

Published: 2020-03-10 MITRE CVE-2020-0796 As of writing, Microsoft has not released any official information, but FortiGuard writes that there exists a “(…) Buffer Overflow Vulnerability in Microsoft SMB Servers. The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet. A remote, unauthenticated attacker can exploit this to […]