Defense

Disclaimer

If you can't take an honest view of the real challenges we face, you probably want to click the back button now!
The three laws of IT apply:

  • Software has bugs
  • Hardware breaks
  • Humans make mistakes

It doesn't mean, however, that we shouldn't strive to do better! So, now that's out of the way, here's a fast blog on shit you should care about and patch (if you haven't already!).

Also please note these are not ALL the vulnerabilities you should care about, just some choice ones that are enough to make you cry!

Introduction

“Don't worry, we've got that behind a firewall or VPN!” is something I've heard a lot over the years, which, to be honest, is starting to look more and more worrying. Think that's just me giving my opinion? Well, think again: here we have collated SOME of the vulnerabilities in security products which, if unpatched/unmitigated, really leave you, well, quite insecure!

Join me today on a sarcastic, humour-filled journey into some of the vulnerabilities that you really should care about, in the form of a quick-fire blog filled with my jokey tones (if one does not laugh, one would simply be left with no choice but to cry!).

I'm not going to go into details; you can pore over vendor responses, GitHub PoCs and blogs galore, I'm sure. I just wanted to highlight that the world of technology and security requires a lot more than the 9-to-5, laissez-faire attitude that many organisations seem to have (and don't start me on the MSP/MSSP industry, we can save that for another day! (don't worry, I know you aren't all bad.. just most of you suck!)).

Vendors and CVEs that you should really care about

(at time of writing! Give it a day or so, I'm sure this isn't the last of them!)

Fortinet FortiGate

SSL VPN (Exploited in the wild!)

  • CVE-2018-13379 (pre-auth path traversal / arbitrary file read)
  • CVE-2018-13382 (improper authorisation, unauthenticated password change)
  • CVE-2018-13383 (heap overflow)

https://nvd.nist.gov/vuln/detail/CVE-2018-13379

F5 BIG-IP

https://support.f5.com/csp/article/K52145254

TMUI RCE (exploited in the wild!)

  • CVE-2020-5902

https://nvd.nist.gov/vuln/detail/CVE-2020-5902

Cool Videos showing just how easy these are to exploit!

Palo Alto PAN-OS

RCE

  • CVE-2019-1579
  • CVE-2020-2034

https://security.paloaltonetworks.com/CVE-2020-2034

Authentication Bypass

  • CVE-2020-2021

https://security.paloaltonetworks.com/CVE-2020-2021

Vendor Vulnerability List

https://security.paloaltonetworks.com/?severity=CRITICAL&sort=-date&limit=100

PULSE VPN (Exploited in the wild!)

  • CVE-2019-11510 (pre-auth arbitrary file read)
  • CVE-2019-11539 (post-auth command injection)

https://nvd.nist.gov/vuln/detail/CVE-2019-11510

https://nvd.nist.gov/vuln/detail/CVE-2019-11539

CITRIX NETSCALER / ADC / GATEWAY (Exploited in the wild!)

RCE (directory traversal)

  • CVE-2019-19781

https://support.citrix.com/article/CTX267027

Sophos

Pre-auth SQL injection leading to RCE (Exploited in the wild!)

  • CVE-2020-12271

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12271

https://community.sophos.com/kb/en-us/134199

This is Fine

Don't worry if it's not people exposing RDP, leaving weak AF AD configurations everywhere or never patching because… YOLO.. it's OK, because you are covered by your security vendors! Don't worry about your AV bypasses, and the fancy Skynet isn't fucking real; you are safe in the knowledge that, at some point in time, that iron gate you had on the network perimeter may have had a welcome sign and the key left in the lock for years!

Stay ALERT! Monitor systems, patch, harden and, all in all, just take a bit of care of the little robots that you rely on to run your business! They matter!

(Vendors, this isn't an ear bashing: some of the responses I've seen from your teams have been amazing. It's an ecosystem, we all swim around this pond together, but we all must do better!)

[EDIT: added intel on in-the-wild exploitation of CRITICAL CVEs]

CISA Emergency Directive 20-03, Windows DNS Server (CVE-2020-1350):

https://www.cisa.gov/blog/2020/07/16/emergency-directive-ed-20-03-windows-dns-server-vulnerability
