Vulnerability Trends Summary
As part of our monthly vulnerability trends series, this report lists the ten vulnerabilities that drew the most attention during the month and how hackers, malware and exploit kits are exploiting them. The trend value assigned to each vulnerability is its share, expressed as a percentage, of the attention that the security community, attackers and malware gave to the month's vulnerabilities. Companies can use the report to gain cyber threat insight and to anticipate the waves of attacks that may target their public-facing assets in the following months.
Subscribe to the monthly vulnerability digest report by clicking here.
Download the full vulnerability digest report by clicking here.
The following chart shows the trends.
In September 2020 the reported vulnerabilities were of varied types, and comparatively few of them were exploited in the wild. The Bluetooth man-in-the-middle vulnerability CVE-2020-15802 (BLURtooth) accounted for almost 20% of the overall September trends.
Note that Zerologon (CVE-2020-1472), the Netlogon elevation-of-privilege vulnerability, was already covered in the August Vulnerability Digest and is therefore not listed again here.
The following table shows the details of the trends.
| CVE | Vulnerability | Publish Date (DD/MM/YYYY) | Exploited | Trends* |
|---|---|---|---|---|
| CVE-2020-15802 | Bluetooth Man-in-the-Middle (BLURtooth) | 09/09/2020 | No | 20% |
| CVE-2020-14386 | Privilege Escalation in Linux Kernel | 03/09/2020 | Yes | 17% |
| CVE-2020-16875 | RCE in Exchange Server | 11/09/2020 | Yes | 16% |
| CVE-2020-3569 | DoS in Cisco IOS XR | 01/09/2020 | Yes | 13% |
| CVE-2020-1968 | TLS Eavesdropping (Raccoon) | 09/09/2020 | No | 11% |
| CVE-2020-13668 | XSS in Drupal | 16/09/2020 | No | 7% |
| CVE-2020-2037 | OS Command Injection in PAN-OS | 09/09/2020 | No | 5% |
| CVE-2020-24553 | XSS in Go (net/http/cgi, net/http/fcgi) | 02/09/2020 | Yes | 5% |
| CVE-2020-3495 | RCE in Cisco Jabber | 03/09/2020 | No | 4% |
| CVE-2020-1013 | Group Policy Update Elevation of Privilege | 08/09/2020 | Yes | 2% |
1.CVE-2020-15802
Devices supporting Bluetooth 4.0 through 5.0 that implement Cross-Transport Key Derivation (CTKD) for pairing over both BR/EDR and LE may allow man-in-the-middle attacks, known as BLURtooth. An attacker within wireless range can use CTKD to overwrite an authenticated pairing key with an unauthenticated or weaker one, and so gain access to profiles or services on the affected device (phones running iOS or Android included) that would otherwise require authenticated pairing.
CVSS Rate | 5.9 MEDIUM |
Exploited | No |
Links | https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/blurtooth/ |
2.CVE-2020-14386
A flaw was found in the Linux kernel before 5.9-rc4, in the AF_PACKET socket implementation (net/packet/af_packet.c). The memory corruption, triggered through a packet socket, can be exploited to gain root privileges from an unprivileged process. Opening a packet socket requires only CAP_NET_RAW, which an unprivileged user can obtain inside a user namespace, so systems that allow unprivileged user namespace creation are exposed even without any special privileges.
CVSS Rate | 7.8 HIGH |
Exploited | Yes |
Links | https://seclists.org/oss-sec/2020/q3/146 |
3.CVE-2020-16875
A remote code execution vulnerability exists in Microsoft Exchange Server due to improper validation of cmdlet arguments. A remote, authenticated attacker holding a specific Exchange role could exploit it to run arbitrary code on the server in the context of the SYSTEM user.
Exploited | Yes |
4.CVE-2020-3569
A denial-of-service vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. Only devices that have an active interface configured under multicast routing are affected.
CVSS Rate | 8.6 HIGH |
Exploited | Yes |
Links | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexhdSmpdvfz |
5.CVE-2020-1968
A flaw in the TLS specification (the Raccoon attack) can lead to an attacker being able to compute the pre-master secret in connections that used a Diffie-Hellman (DH) based ciphersuite. In such a case the attacker would be able to eavesdrop on all encrypted communications sent over that TLS connection. The attack requires the server to reuse the same DH private key across connections, as happens with static DH ciphersuites; OpenSSL 1.1.1 is not affected, and OpenSSL 1.0.2, which is affected, is out of support and receives no public fix.
CVSS Rate | 3.7 LOW |
Exploited | No |
Links | https://www.openssl.org/news/secadv/20200909.txt |
6.CVE-2020-13668
Drupal 8 and 9 (8.8.x before 8.8.10, 8.9.x before 8.9.6 and 9.0.x before 9.0.6) have a reflected cross-site scripting (XSS) vulnerability under certain circumstances. An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability.
CVSS Rate | 8.8 HIGH |
Exploited | No |
Links | https://www.drupal.org/sa-core-2020-009 |
7.CVE-2020-2037
An OS command injection vulnerability in the PAN-OS management interface allows authenticated administrators to execute arbitrary OS commands with root privileges. Because exploitation requires an administrator account and reachability of the management interface, restricting management access to a dedicated, trusted network limits exposure.
CVSS Rate | 7.2 HIGH |
Exploited | No |
Links | https://security.paloaltonetworks.com/CVE-2020-2037 |
8.CVE-2020-24553
The CGI and FastCGI implementations in the Go standard library (net/http/cgi and net/http/fcgi, before Go 1.14.8 and 1.15.1) behave differently from the HTTP server implementation when serving content: when a handler does not set a Content-Type header, the net/http server sniffs the body with http.DetectContentType, whereas the CGI and FastCGI packages defaulted to text/html. Content that passed validation at upload time can therefore be rendered as HTML by the browser when served through CGI or FastCGI, leading to cross-site scripting.
CVSS Rate | 6.1 MEDIUM |
Exploited | Yes |
Links | https://github.com/golang/go/issues/40928 http://seclists.org/fulldisclosure/2020/Sep/5 |
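The following Go program is an added example, not code from the page or from the Go project, that shows the behaviour difference described above and the hardening a handler author can apply regardless of which transport the handler is mounted on. The functions preFixCGIContentType and httpServerContentType are simplified models of the two behaviours (the former is an assumption reconstructed from the Go issue, not the cgi package's code), the ExplicitContentType middleware is hypothetical, and the uploaded note is a constructed sample.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Constructed sample: a "plain text" note that passed upload validation (it is
// not an image, not an executable) but carries a script tag after some text.
const uploadedNote = "Hello from the upload form <script>alert(document.cookie)</script>"

// rawHandler models an application handler that echoes stored bytes back
// without ever setting Content-Type, leaving the choice to the server.
func rawHandler(w http.ResponseWriter, r *http.Request) {
	w.Write([]byte(uploadedNote))
}

// preFixCGIContentType models (assumption, simplified from the Go issue) what
// net/http/cgi and net/http/fcgi did before the fix when the handler set no
// Content-Type: default to text/html instead of sniffing the body.
func preFixCGIContentType(explicit string, body []byte) string {
	if explicit != "" {
		return explicit
	}
	return "text/html; charset=utf-8"
}

// httpServerContentType is what the net/http server does (and what the fixed
// cgi/fcgi packages now do): sniff the first bytes with http.DetectContentType.
func httpServerContentType(explicit string, body []byte) string {
	if explicit != "" {
		return explicit
	}
	return http.DetectContentType(body)
}

// sniffWriter wraps a ResponseWriter so that a Content-Type is always set
// before the first byte leaves, and the browser is told not to second-guess it.
type sniffWriter struct {
	http.ResponseWriter
	wroteHeader bool
}

func (s *sniffWriter) WriteHeader(code int) {
	if s.wroteHeader {
		return
	}
	s.wroteHeader = true
	h := s.Header()
	if h.Get("Content-Type") == "" {
		// Handler sent headers with no body seen yet: pick a type browsers never render.
		h.Set("Content-Type", "application/octet-stream")
	}
	h.Set("X-Content-Type-Options", "nosniff")
	s.ResponseWriter.WriteHeader(code)
}

func (s *sniffWriter) Write(b []byte) (int, error) {
	if !s.wroteHeader {
		if s.Header().Get("Content-Type") == "" {
			s.Header().Set("Content-Type", http.DetectContentType(b))
		}
		s.WriteHeader(http.StatusOK)
	}
	return s.ResponseWriter.Write(b)
}

// ExplicitContentType is the hardening middleware (hypothetical name): the
// decision is made in the handler chain, so it is the same under net/http,
// net/http/cgi and net/http/fcgi.
func ExplicitContentType(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		next.ServeHTTP(&sniffWriter{ResponseWriter: w}, r)
	})
}

// ServeAndInspect runs a handler against a recorded request and returns the
// Content-Type and X-Content-Type-Options headers it produced.
func ServeAndInspect(h http.Handler) (string, string) {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest("GET", "/notes/1", nil)
	h.ServeHTTP(rec, req)
	res := rec.Result()
	return res.Header.Get("Content-Type"), res.Header.Get("X-Content-Type-Options")
}

func main() {
	body := []byte(uploadedNote)
	fmt.Println("pre-fix cgi/fcgi default:", preFixCGIContentType("", body)) // text/html; charset=utf-8
	fmt.Println("net/http sniffing:       ", httpServerContentType("", body)) // text/plain; charset=utf-8
	ct, xcto := ServeAndInspect(ExplicitContentType(http.HandlerFunc(rawHandler)))
	fmt.Println("hardened handler:        ", ct, "|", xcto) // text/plain; charset=utf-8 | nosniff
}
```

The sniffed type is text/plain because http.DetectContentType only recognises HTML when a tag opens the body; the same bytes served with a text/html default execute the script. Setting the type explicitly, plus X-Content-Type-Options: nosniff, removes the dependency on whichever transport happens to sit in front of the handler.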
9.CVE-2020-3495
A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of message contents; an attacker could exploit it by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages to the affected software.
CVSS Rate | 8.8 HIGH |
Exploited | No |
Links | https://tools.cisco.com/security/center/content |
10.CVE-2020-1013
An elevation of privilege vulnerability exists when Microsoft Windows processes Group Policy updates. An attacker on the local network who can launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine could escalate privileges or perform additional privileged actions on the target system.
Exploited | Yes |