Dissecting Prominent CVEs: Insights from Tehtris Research


Tehtris, a cybersecurity firm, has recently conducted research shedding light on some of the crucial Common Vulnerabilities and Exposures (CVEs). Let’s delve into these vulnerabilities.

TOP CVE exploit attempts as recorded by Tehtris

CVE-2017-9841: A Security Gap in PHPUnit

This CVE, with a high CVSS 3.1 score of 9.8, lies within PHPUnit, a widely used testing framework. It permits remote attackers to execute arbitrary PHP code, a serious threat given the popularity of PHP. According to Tehtris research, this vulnerability accounts for a significant 28% of the threats they identified.

CVE-2019-9670 and CVE-2019-9621: The Dual Threat in Synacor Zimbra Collaboration Suite

Synacor Zimbra Collaboration Suite, a prevalent email and collaboration software, was found to harbor two notable vulnerabilities.

The first is CVE-2019-9670, an XML External Entity (XXE) injection vulnerability. With a CVSS 3.0 score of 9.8, it allows an attacker to interact with any reachable back-end components or potentially open remote file shares that the software can access. This vulnerability represents 18% of the threats identified by Tehtris.

Secondly, CVE-2019-9621, another vulnerability in Synacor Zimbra Collaboration Suite, is not yet mentioned in CISA’s known vulnerabilities catalog. Despite having a lower CVSS 3.0 score of 7.5, this vulnerability is still of high concern. It too contributes to 18% of the threats observed in Tehtris’s study.

CVE-2021-41173: Crashing the Go Ethereum Protocol

A more recent vulnerability is CVE-2021-41173, found in the Go Ethereum protocol. Despite a lower CVSS 3.1 score of 5.7, it still presents a significant threat as it leads to crashes, potentially disrupting important blockchain operations. This vulnerability also constitutes 18% of the threats highlighted in the Tehtris research.

CVE-2018-10561: An Omitted Threat

Lastly, CVE-2018-10561 is a vulnerability not explicitly described in the Tehtris research but is worth noting. This security gap lies in DASAN H660RM devices with firmware 1.03-0022, which could allow remote attackers to execute arbitrary commands via a crafted HTTP request.


Reza Rafati https://cyberwarzone.com

Reza Rafati, based in the Netherlands, is the founder of Cyberwarzone.com. An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.
