test


The US National Security Agency has published a list of 25 serious vulnerabilities (https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/) that Chinese hackers use against American organizations and networks, and in my opinion it would be worthwhile for us to take a serious look at it as well.

These vulnerabilities are exploited at different phases of systems, and the grouping here follows that basis (additional details and updates for each vulnerability are available in the text).


Vulnerabilities in remote access:

•CVE-2019-11510 (https://www.bleepingcomputer.com/news/security/us-govt-warns-of-attacks-on-unpatched-pulse-vpn-servers/) - A Pulse Secure VPN vulnerability.

•CVE-2020-5902 (https://www.bleepingcomputer.com/news/security/us-govt-confirms-active-exploitation-of-f5-big-ip-rce-flaw/) - An F5 BIG-IP® proxy / load balancer remote code execution vulnerability.

•CVE-2019-19781 (https://www.bleepingcomputer.com/news/security/citrix-adc-cve-2019-19781-exploits-released-fix-now/) - A Citrix Application Delivery Controller (ADC) and Gateway directory traversal vulnerability, which can lead to remote code execution without credentials.

•CVE-2020-8193 (https://www.citrix.com/blogs/2020/01/19/vulnerability-update-first-permanent-fixes-available-timeline-accelerated/) - Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP vulnerability allows unauthenticated access to certain URL endpoints and information disclosure to low-privileged users

•CVE-2020-8195 (https://www.citrix.com/blogs/2020/01/19/vulnerability-update-first-permanent-fixes-available-timeline-accelerated/) - Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP vulnerability allows unauthenticated access to certain URL endpoints and information disclosure to low-privileged users

•CVE-2020-8196 (https://www.citrix.com/blogs/2020/01/19/vulnerability-update-first-permanent-fixes-available-timeline-accelerated/) - Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP vulnerability allows unauthenticated access to certain URL endpoints and information disclosure to low-privileged users

•CVE-2019-0708 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708) - The Windows BlueKeep Remote Desktop Service vulnerability allows unauthenticated users to perform remote code execution.

Active Directory vulnerabilities:

•CVE-2020-1472 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472) - The critical 10/10 Windows ZeroLogon (https://www.bleepingcomputer.com/news/microsoft/microsoft-hackers-using-zerologon-exploits-in-attacks-patch-now/) Netlogon elevation of privilege vulnerability allows threat actors to quickly gain access to domain administrator credentials on a domain controller. From there, they can harvest sensitive data or deploy malware, such as ransomware.

•CVE-2019-1040 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1040) - A Windows NTLM vulnerability (https://www.bleepingcomputer.com/news/security/microsoft-ntlm-flaws-expose-all-windows-machines-to-rce-attacks/) allows attackers to reduce the built-in security for the Windows operating system.


Vulnerabilities in public-facing servers such as mail servers, web servers, and DNS servers:


•CVE-2020-1350 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350) - The Windows DNS server SigRed (https://www.bleepingcomputer.com/news/security/critical-sigred-windows-dns-bug-gets-micropatch-after-pocs-released/) vulnerability allows attackers to spread laterally through a network.

•CVE-2018-6789 (https://www.bleepingcomputer.com/news/security/vulnerability-affects-half-of-the-internets-email-servers/) - An Exim mail server vulnerability allows unauthenticated, remote code execution.

•CVE-2018-4939 (https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html) - Adobe ColdFusion vulnerability that could lead to arbitrary code execution.


Vulnerabilities that lead to access to internal servers:

•CVE-2020-0688 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688) - A Microsoft Exchange vulnerability that allows authenticated users to perform remote code execution. (Video of this vulnerability being exploited (https://youtu.be/7d_HoQ0LVy8))

•CVE-2015-4852 - The WLS Security component in Oracle WebLogic Server allows remote attackers to execute arbitrary commands via a crafted serialized Java object.

•CVE-2020-2555 - A vulnerability exists in the Oracle® Coherence product of Oracle Fusion® Middleware. This easily exploitable 

•CVE-2019-3396 - A server-side template injection vulnerability is present in the Widget Connector in Atlassian Confluence servers that allows remote attackers to perform remote code execution and path traversal.

•CVE-2019-11580 - Attackers who can send requests to an Atlassian® Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, permitting remote code execution. This vulnerability was used in GandCrab ransomware attacks in the past.

•CVE-2020-10189 (https://www.manageengine.com/products/desktop-central/service-packs.html) - Zoho ManageEngine Desktop Central vulnerability (https://www.bleepingcomputer.com/news/security/zoho-fixes-no-auth-rce-zero-day-in-manageengine-desktop-central/) allows remote code execution. This bug was used in attacks to deploy backdoors.

•CVE-2019-18935 (https://www.bleepingcomputer.com/news/security/microsoft-iis-servers-hacked-by-blue-mockingbird-to-mine-monero/) - A vulnerability in Telerik UI for ASP.NET AJAX can lead to remote code execution. It was seen used by a hacker group named 'Blue Mockingbird' to install Monero miners on vulnerable servers but could be used to spread laterally as well.

Vulnerabilities that raise the attacker's privilege level on users' systems:

•CVE-2020-0601 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601) - A Windows CryptoAPI Spoofing vulnerability discovered by the NSA (https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-cryptoapi-spoofing-flaw-reported-by-nsa/) allows attackers to spoof code-signing certificates to make malicious executables appear to be signed by a legitimate trusted company.

•CVE-2019-0803 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803) - An elevation of privilege vulnerability exists in Windows® (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0803) when the Win32k component fails to properly handle objects in memory.

Network device vulnerabilities:


•CVE-2017-6327 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6327) - The Symantec Messaging Gateway can encounter a remote code execution issue.

•CVE-2020-3118 (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce) - A Cisco 'CDPwn' vulnerability (https://www.bleepingcomputer.com/news/security/cisco-patches-critical-cdp-flaws-affecting-millions-of-devices/) in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow remote code execution.

•CVE-2020-8515 (https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)/) - DrayTek Vigor devices enable remote code execution as root (without authentication) via shell metacharacters.
