
Alerts

Microsoft Access Remote Code Execution Vulnerability

Advisory No: TZCERT/SA/2020/08/27

Date of First Release: 27th August 2020

Source: MICROSOFT

Software Affected: Microsoft Access Products

Overview:

Current Microsoft Access products are missing security updates, which exposes them to a remote code execution (RCE) vulnerability. The vulnerability may allow an unauthenticated user to run arbitrary code in the context of the current user.

Description:

This vulnerability occurs when Microsoft Access software fails to properly handle objects in memory. If the current user is logged on with administrative privileges, an attacker could take control of the affected system. An attacker who takes control could install programs or create new accounts with administrative user rights.

There are several scenarios for exploiting this vulnerability, but all require a user to open a specially crafted file with an affected version of Microsoft Access. A common one uses email as the attack vector: the attacker sends a specially crafted file to the target users and convinces them to open it, which allows arbitrary code to execute on the affected systems.

Impact:

Successful exploitation of the vulnerability could allow an adversary to run arbitrary code on the affected systems.

Solution:

Microsoft has not yet identified any mitigating factors or workarounds for this vulnerability; however, users of the affected systems are advised to install the following latest security updates from Microsoft.

References:

  1. https://www.tenable.com/plugins/nessus/139495
  2. https://nvd.nist.gov/vuln/detail/CVE-2020-1582#vulnCurrentDescriptionTitle
  3. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1582

Citrix Security Update

Citrix has released security updates to address vulnerabilities in Citrix Hypervisor and XenServer. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Citrix Security Bulletin and apply the necessary updates.

Firefox Security Update

Mozilla has released security updates to address vulnerabilities in Firefox prior to version 80 and Firefox ESR prior to version 68.12 and version 78.2. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Mozilla Security Advisories and apply the necessary updates.

IBM Security Updates

IBM has released security updates to address vulnerabilities in IBM Security Guardium Insights. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the IBM security bulletins for CVE-2020-4598 and CVE-2020-4165 and apply the necessary updates.

Cisco Security Update

Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the released Cisco Security Advisory and apply the necessary updates.