Computer forensics specialists have revealed the discovery of multiple vulnerabilities in InterScan Web Security Virtual Appliance software, from Trend Micro. This is a secure Internet gateway that combines application control with zero-day vulnerability detection, anti-malware exploitation, and more.
According to the report, exploiting these vulnerabilities would allow threat actors to deploy malicious scenarios such as arbitrary code execution, cross-site scripting (XSS) attacks, and more. Below is a brief overview of each of the vulnerabilities found, in addition to their respective scores and identification keys in the Common Vulnerability Scoring System (CVSS).
CVE-2020-8606: This vulnerability exists due to an error processing authentication requests within the Apache Solr application and allows remote hackers to evade the authentication process on the affected application.
The flaw received a score of 8.5/10 on the CVSS scale, so it is considered a serious error. Although the vulnerability can be exploited remotely by sending specially crafted requests, there is no exploit for this flaw.
CVE-2020-8603: This vulnerability exists due to inappropriate disinfection of user-provided data and would allow threat actors to deploy cross-site scripting (XSS) attacks. Successful exploitation of this vulnerability could allow hackers to extract potentially sensitive information, modify graphic aspects of a compromised website, deploy phishing attacks, among other malicious activities.
The flaw received a score of 5.3/10 on the CVSS scale, so it is considered a reduced severity error. While this vulnerability can be exploited remotely by simply submitting a specially crafted request, no exploit has yet been detected to start the attack.
CVE-2020-8604: This vulnerability exists due to an input validation error when processing directory cross sequences in the “file” parameter within the Apache Solr application. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
The vulnerability received a score of 6.5/10 on the CVSS scale, so it is considered a medium severity flaw. CVE-2020-8604 can be exploited remotely by sending specially designed requests to the target application, although there is no functional exploit for the attack, computer forensics experts pointed out.
CVE-2020-8605: This flaw exists due to incorrect input validation in the “mount_device” parameter within “LogSettingHandler”. A threat actor could execute arbitrary commands on the target system.
The flaw received a score of 7.7/10 on the CVSS scale, making it a medium severity flaw. This vulnerability can also be exploited remotely, although computer forensics experts do not know if there is malware for the attack.
For further reports on vulnerabilities, exploits, malware variants and computer security risks you can access the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.