Zerologon Vulnerability Used in APT Attacks

Subscribe to Newsletters

Interop Digital, Oct. 5-8; Learn the skills necessary for managing a IT Org

More Informa Tech Live Events

White Papers

The High Cost of Poor Web Performance

Vulnerability Management for Financial Companies

The 2020 Outbound Email Security Report

More White Papers

Video

All Videos

Cartoon

Latest Comment: Sorry, I cannot brush my teeth tonight. The toothbrush locked me out after three tries.

Cartoon Archive

Current Issue

Special Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Back Issues | Must Reads

Flash Poll

All Polls

How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-26603
PUBLISHED: 2020-10-06

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 (October 2020).

CVE-2020-26604
PUBLISHED: 2020-10-06

An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020).

CVE-2020-26605
PUBLISHED: 2020-10-06

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020).

CVE-2020-26606
PUBLISHED: 2020-10-06

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020).

CVE-2020-26607
PUBLISHED: 2020-10-06

An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 (October 2020).

The post Zerologon Vulnerability Used in APT Attacks appeared first on Malware Devil.

https://malwaredevil.com/2020/10/06/zerologon-vulnerability-used-in-apt-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=zerologon-vulnerability-used-in-apt-attacks