3 min
Vulnerability Disclosure
Zoom Video Snooping Security Flaw (CVE-2019-13450): What You Need to Know
Here's what you need to know about the recent Zoom vulnerability disclosure.
3 min
Windows
Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510)
CERT/CC has released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions.
9 min
Vulnerability Disclosure
Investigating the Plumbing of the IoT Ecosystem (R7-2018-65, R7-2019-07) (FIXED)
Two vulnerabilities have been disclosed for Eaton's Home Lighting HALO Home Smart Lighting System and BlueCats' AA Beacon.
3 min
Vulnerability Disclosure
R7-2018-43: Username Enumeration in Okta SSO Del Auth through Response Timing
A vulnerability has been discovered in Okta SSO running in Delegated Authentication (Del Auth) mode, a popular configuration for Okta SSO.
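The mechanism behind a timing-based username enumeration is easy to reproduce. The following is an added example and not Okta's code: it models, as an assumption, a front door that only forwards a login to the delegated backend when the username is known locally, so failures for unknown users return faster than failures for real users. Backend latency is simulated with fixed millisecond costs (DELEGATED_RTT_MS, LOCAL_LOOKUP_MS are assumed values) so the run is deterministic; all account names are constructed.

```python
"""Added example (not Okta's code): response-timing username enumeration
against a delegated-auth style login, and the constant-work fix.
Latency is simulated with fixed costs so the demo is deterministic."""
from dataclasses import dataclass
import hmac

DELEGATED_RTT_MS = 120   # assumed cost of one round-trip to the delegated directory
LOCAL_LOOKUP_MS = 2      # assumed cost of the local user-table lookup

# Constructed sample directory: only these accounts are known to the front door.
KNOWN_USERS = {"alice": "s3cret", "bob": "hunter2"}


@dataclass
class Response:
    ok: bool
    elapsed_ms: int


def delegated_check(user: str, password: str):
    """Stand-in for the call to the delegated backend; returns (ok, cost_ms)."""
    expected = KNOWN_USERS.get(user, "")
    return hmac.compare_digest(expected, password), DELEGATED_RTT_MS


def login_vulnerable(user: str, password: str) -> Response:
    elapsed = LOCAL_LOOKUP_MS
    if user not in KNOWN_USERS:
        # Fast path: the backend is never consulted, so the failure is cheap.
        # That difference is the oracle an attacker measures.
        return Response(False, elapsed)
    ok, cost = delegated_check(user, password)
    return Response(ok, elapsed + cost)


def login_hardened(user: str, password: str) -> Response:
    elapsed = LOCAL_LOOKUP_MS
    # Always pay the delegated round-trip, even for unknown users, so a failed
    # login costs the same regardless of whether the account exists.
    ok, cost = delegated_check(user, password)
    if user not in KNOWN_USERS:
        ok = False
    return Response(ok, elapsed + cost)


def enumerate_users(login, candidates, threshold_ms: int):
    """Attacker side: submit a wrong password for each candidate and keep the
    names whose failure took longer than the threshold (i.e. reached the backend)."""
    found = []
    for name in candidates:
        r = login(name, "wrong-password")
        if not r.ok and r.elapsed_ms > threshold_ms:
            found.append(name)
    return found


if __name__ == "__main__":
    names = ["alice", "bob", "carol", "dave"]
    print("vulnerable:", enumerate_users(login_vulnerable, names, 60))
    print("hardened:  ", enumerate_users(login_hardened, names, 60))
```

Against the vulnerable handler the slow failures are exactly the real accounts; against the hardened handler every name fails in the same time, so the list carries no information. On a live target the same test needs many samples per name and a comparison of the distributions (median or trimmed mean), not a single request, because network jitter is usually larger than the backend round-trip.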
3 min
Vulnerability Disclosure
R7-2019-01: CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass (CVE-2019-5616)
The Sicon-8 ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user’s web browser.
8 min
Vulnerability Management
Understanding Ubiquiti Discovery Service Exposures
On Jan. 29, the Rapid7 Labs team was informed of a tweet by Jim Troutman indicating that Ubiquiti devices were being exploited and used to conduct denial-of-service attacks using a service on 10001/UDP.
3 min
Haxmas
R7-2018-52: Guardzilla IoT Video Camera Hard-Coded Credential (CVE-2018-5560)
Most HaXmas posts are full of fun and frivolity, but this one is a routine vulnerability disclosure in a piece of IoT gear that you should know about.
5 min
Public Policy
Prioritizing the Fundamentals of Coordinated Vulnerability Disclosure
In this post, we aim to distinguish between three broad flavors of CVD processes based on authorization, incentives, and resources required. We also urge wider adoption of foundational processes before moving to more advanced and resource-intensive processes.
8 min
Vulnerability Disclosure
Shoring Up the Defenses Together: 2018Q2 and Q3 Wrap-Up
Today (October 29, 2018) we are sharing several vulnerabilities that have been fixed in Rapid7 products and supporting services.
3 min
Vulnerability Disclosure
R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)
This post describes CVE-2018-5553, a vulnerability in the Crestron Console service that is preinstalled on the DGE-100. Due to a lack of input sanitization, this service is vulnerable to command injection that can be used to gain root-level access. DGE-100 devices running firmware versions 1.3384.00049.001 and lower with default configuration are vulnerable to CVE-2018-5553.
CVE-2018-5553 is categorized as CWE-78 (Improper Neutralization of Special Elements used in an OS Command) [https://cwe.m
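The CWE-78 pattern named above, shown in a vulnerable form beside its hardened form. This is an added example and is not the Crestron Console code: it assumes a hypothetical console command that wraps a system tool and takes a host argument, and uses `echo` in place of the real network tool so the demo runs offline. The attacker input is constructed.

```python
"""Added example (not the Crestron Console code): CWE-78 OS command injection
in a hypothetical console-style 'ping <host>' handler, vulnerable and hardened.
'echo' stands in for the real network tool so the demo runs offline."""
import re
import subprocess


def run_vulnerable(host: str) -> str:
    # The bug pattern: caller-controlled text is concatenated into a shell
    # command line and handed to 'sh -c', so ';', '|', '$(...)' etc. are
    # interpreted by the shell, not passed to the tool.
    cmd = "echo " + host
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


# A hostname or IP literal should only ever contain letters, digits, dots and hyphens.
_HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def run_hardened(host: str) -> str:
    if not _HOST_RE.fullmatch(host):
        raise ValueError(f"rejected host argument: {host!r}")
    # argv list, no shell: the argument reaches the program verbatim, so shell
    # metacharacters would carry no meaning even if validation were bypassed.
    return subprocess.run(["echo", host], shell=False,
                          capture_output=True, text=True).stdout


def demo():
    payload = "127.0.0.1; echo INJECTED"   # constructed attacker input
    vuln_lines = run_vulnerable(payload).splitlines()
    try:
        run_hardened(payload)
        hardened = "ran"
    except ValueError:
        hardened = "rejected"
    return vuln_lines, hardened


if __name__ == "__main__":
    lines, verdict = demo()
    print("vulnerable handler output:", lines)   # second line came from the injected command
    print("hardened handler:", verdict)
```

Two independent controls are in play: the allow-list rejects anything that is not a plausible host, and the argv form removes the shell from the path entirely. When auditing a console or management service for this class of bug, look for `shell=True`, `system()`, `popen()` or backticks reached by any field the user can set, and note that on an embedded device the service often already runs as root, so a single injection is a full compromise.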
7 min
Vulnerability Disclosure
Shoring up the defenses together: 2018Q1 wrap-up
Today (April 10, 2018) we are sharing six vulnerabilities that have been fixed in Rapid7 products and supporting services. You won’t need to take any actions: all of the issues have been addressed. We are disclosing these vulnerabilities in order to be transparent, to thank those that take the time to report security issues responsibly, and to provide a few reminders of security concerns that you should audit for in your own organization.
Dynamically-generated web server access policies
Generat
4 min
Vulnerability Disclosure
R7-2018-01 (CVE-2018-5551, CVE-2018-5552): DocuTrac Office Therapy Installer Hard-Coded Credentials and Cryptographic Salt
DocuTrac QuickDoc & Office Therapy ships with a number of static accounts which are not disclosed to the end user.
3 min
Public Policy
NIST Cyber Framework Updated With Coordinated Vuln Disclosure Processes
A key guideline for cybersecurity risk management now includes coordinated vulnerability disclosure and handling processes. This revision will help boost adoption of processes for receiving and analyzing vulnerabilities disclosed from external sources, such as researchers.
18 min
Vulnerability Disclosure
R7-2017-25: Cambium ePMP and cnPilot Multiple Vulnerabilities
Summary of Issues
Multiple vulnerabilities in Cambium Networks’ ePMP and cnPilot product lines were discovered by independent researcher Karn Ganeshen [https://ipositivesecurity.com/], which have, in turn, been addressed by the vendor. The affected devices are in use all over the world to provide wireless network connectivity in a variety of contexts, including schools, hotels, municipalities, and industrial sites, according to the vendor [https://www.cambiumnetworks.com/industry/].
These issue
2 min
Public Policy
Welcome transparency on US government's process for disclosing vulnerabilities
The White House recently released details on the US government's process for disclosing - or retaining - zero-day vulnerabilities. The new VEP charter provides answers to several key questions, but it remains to be seen how it will operate in practice.