Vulnerability Trends Summary

As part of our monthly vulnerability trends, this report shows the monthly top 10 trends on security vulnerabilities and how hackers, malware, and exploit kits are exploiting those vulnerabilities. To demonstrate, we assign vulnerability trends value as a percentage of how each vulnerability is significantly gaining the attention of cyber security communities, attackers, together with malware. In either case, companies can benefit from the report to have more cyber threat insights and relatively anticipate attacks wave that might target their public assets in the following months.

Subscribe to the monthly vulnerability digest report by clicking here.

Download the full vulnerability digest report by clicking here.

 

The following chart shows the trends.

October 2020 Vulnerability Trends

In October 2020, we see cyber security community responded more to Microsoft vulnerabilities. Especially. the Bad Neighbor or Ping of Death Redux where it gained 40% of overall October trends.

Other important vulnerabilities have been reported as trends. That includes Oracle Web Logic RCE and Heap overflow in Google Chrome.

The following table shows the details of the trends.

 

CVEVulnerabilityPublish DateExploitedTrends*
CVE-2020-16898Bad Neighbour / Ping of Death Redux09/09/2020No20%
CVE-2020-16938Privilege Escalation in Windows03/09/2020Yes17%
CVE-2020-14882RCE in Oracle Web Logic11/09/2020Yes16%
CVE-2020-5135DoS in SonicWall01/09/2020Yes13%
CVE-2020-16952RCE in Microsoft Sharepoint09/09/2020No11%
CVE-2020-15999Heap Overflow in Chrome Freetype16/09/2020No7%
CVE-2020-16947RCE in Microsoft Outlook Client09/09/2020No5%
CVE-2020-12928Privilege Escalation in AMD Ryzen Master02/09/2020Yes5%
CVE-2020-0416Privilege Escalation in Android03/09/2020No4%
CVE-2020-15157Credential Leakage in Containerd08/09/2020Yes2%

Subscribe to the monthly vulnerability digest report by clicking here.

Download the full vulnerability digest report by clicking here.

 

 

1.CVE-2020-16898

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. This vulnerability known as “Bad Neighbor” / “Ping of Death Redux”

CVSS Rate8.8 HIGH
ExploitedYes

Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898
https://blog.quarkslab.com/beware-the-bad-neighbor-analysis-and-poc-of-the-windows-ipv6-routeradvertisement-vulnerability-cve-2020-16898.html

2.CVE-2020-16938

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. This vulnerability that allows you to get unrestricted file read capabilities on the entire disk as unprivileged user.

CVSS Rate5.5 MEDIUM
ExploitedYes

Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16938
https://github.com/ioncodes/CVE-2020-16938

3.CVE-2020-14882

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.

CVSS Rate9.8 CRITICAL
ExploitedYes

Links

https://www.oracle.com/security-alerts/cpuoct2020.html
https://packetstormsecurity.com/files/159769/Oracle-WebLogic-Server-Remote-Code-Execution.html

4.CVE-2020-5135

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.

CVSS Rate9.8 CRITICAL
ExploitedNo

Links

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010

5.CVE-2020-16952

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.

CVSS Rate7.8 HIGH
ExploitedYes

Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952
https://packetstormsecurity.com/files/159612/Microsoft-SharePoint-SSI-ViewState-Remote-CodeExecution.html

6.CVE-2020-15999

Heap buffer overflow in Free type implementation in Google Chrome

CVSS Rate5.5 MEDIUM
ExploitedYes

Links

https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html
https://bugs.chromium.org/p/chromium/issues/detail?id=1139963

7.CVE-2020-16947

A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory.

CVSS Rate8.8 HIGH
ExploitedYes

Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16947
https://github.com/0neb1n/CVE-2020-1694

8.CVE-2020-12928

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

CVSS Rate7.8 HIGH
ExploitedYes

Links

https://www.amd.com/en/corporate/product-security
https://h0mbre.github.io/RyzenMaster_CVE/?fbclid=IwAR0ddvDtjXgR5UIzAk00y8i90YZ39BrayUKNPPBR

9.CVE-2020-0416

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed.

CVSS Rate8.8 HIGH
ExploitedNo

Links

https://source.android.com/security/bulletin/2020-10-01

10.CVE-2020-15157

Containerd can be coerced into leaking credentials during image pull.

CVSS Rate6.1 MEDIUM
ExploitedNo

Links

https://github.com/containerd/containerd/security/advisories/GHSA-742w-89gc-8m9c