SAP has released security updates to address vulnerabilities affecting multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.
Users and administrators are encouraged to review SAP Security Notes and apply necessary update.
Advisory No: TZCERT/SA/2020/11/11
Date of First Release: 11th November 2020
Source: MICROSOFT
Software Affected: Windows Operating System
Overview:
Google has disclosed zero-day vulnerability in Microsoft Windows Kernel that is being exploited alongside with Google Chrome flaw (CVE-2020-15999).
Description:
This vulnerability is caused by the buffer overflow in the Windows Kernel Cryptography Driver (cng.sys) whereby the flaw exists in the cng!CfgAdtpFormatPropertyBlock function as a result of a 16-bit integer truncation.
Both Chrome vulnerability (CVE-2020-15999) and Window Kernel (CVE-2020-17087) could allow an attacker to break out Google Chrome’s sandbox successfully for privilege escalation.
Impact:
Successful exploitation of the vulnerability could allow an adversary to execute codes on the affected system.
Solution:
Microsoft has not yet released any patch for this issue; however, exploitation of the flaw has only been spotted in conjuction with Chrome vulnerability. Users and administrators are recommended to upgrade Chrome to available stable version of Windows.
| CVE | Fixed Version |
| CVE-2020-15999 | 86.0.4240.111 |
References:
Advisory No: TZCERT/SA/2020/11/11
Date of First Release: 11th November 2020
Source: CISCO
Software Affected: AnyConnect Secure Mobility Client for Linux, Windows and macOS
Overview:
This vulnerability exists in the interprocess communication (IPC) channel of the Cisco AnyConnect Secure Mobility Client Software that could allow an authenticated user to execute code through AnyConnect user.
Description:
The vulnerability is caused by a lack of authentication to AnyConnect client IP listener, that could allow an attacker with specially crafted IPC messages to execute malicious scripts. The exploitation of this vulnerability requires an attacker to have valid credentials on the system running AnyConnect client.
This vulnerability affects all versions of the software that have a configuration Bypass Downloader set to its default value of false. If Bypass Downloader is set to true, the Bypass downloader will be enabled, and the device will not be affected by this vulnerability.
Impact:
Successful exploitation of the vulnerability could allow an adversary to execute codes on the affected system.
Solution:
Cisco has not issued any workarounds or patches that address this vulnerability. However, users and administrators are advised to verify the Bypass Downloader configuration on a VPN client system and change the value to true.
To change Bypass Downloader configuration, perform the following:
References:
Huawei has released security updates to address a vulnerability to its multiple products. Exploitation of this vulnerability may allow an attacker to cause a denial of service condition.
Users and administrators are encouraged to review Huawei Security Advisory and apply necessary update.
Apple has released security updates to address vulnerabilities in watchOS, tvOS, iOS and MacOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.
Users and administrators are encouraged to review Apple Security Advisories and apply necessary updates.
Tanzania Computer Emergency Response Team