VB 4-27 High Table (Sara)
Released
Apr 27, 2020
Document ID
SB20-118
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
Vulnerability Severity:
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| google -- android | In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148159613 | 2020-04-17 | 10 | CVE-2020-0070 MISC |
| google -- android | In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147310721 | 2020-04-17 | 10 | CVE-2020-0071 MISC |
| google -- android | In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147310271 | 2020-04-17 | 10 | CVE-2020-0072 MISC |
| google -- android | In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147309942 | 2020-04-17 | 10 | CVE-2020-0073 MISC |
| google -- android | In onOpActiveChanged and related methods of AppOpsControllerImpl.java, there is a possible way to display an app overlaying other apps without the notification icon that it's overlaying. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144092031 | 2020-04-17 | 9.3 | CVE-2020-0080 MISC |
| autodesk -- fbx_software_development_kit | A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it. | 2020-04-17 | 9.3 | CVE-2020-7080 MISC |
| autodesk -- fbx_software_development_kit | A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it. | 2020-04-17 | 9.3 | CVE-2020-7081 MISC |
| autodesk -- fbx_software_development_kit | A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it. | 2020-04-17 | 9.3 | CVE-2020-7082 MISC |
| autodesk -- fbx_software_development_kit | A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it. | 2020-04-17 | 9.3 | CVE-2020-7085 MISC |
| evenroute -- iqrouter | In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. | 2020-04-21 | 9 | CVE-2020-11967 MISC MISC |
| netgear -- wac505_and_wac510_devices | Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | 2020-04-23 | 7.5 | CVE-2018-21132 CONFIRM |
| netgear -- d3600_and_d6000_devices | Certain NETGEAR devices are affected by a hardcoded password. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76. | 2020-04-23 | 7.5 | CVE-2018-21137 CONFIRM |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019). | 2020-04-17 | 7.5 | CVE-2019-20772 CONFIRM |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019). | 2020-04-17 | 7.5 | CVE-2019-20777 CONFIRM |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 (June 2019). | 2020-04-17 | 7.5 | CVE-2019-20778 CONFIRM |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019). | 2020-04-17 | 7.5 | CVE-2019-20780 CONFIRM |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019). | 2020-04-17 | 7.5 | CVE-2019-20782 CONFIRM |
| pion -- dtls | handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion. | 2020-04-19 | 7.5 | CVE-2019-20786 MISC MISC MISC MISC |
| apple -- ios_and_macos_and_mojave_and_tvos | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. | 2020-04-17 | 7.5 | CVE-2019-6203 MISC MISC MISC |
| mitel_networks -- mivoice_connect | A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain access to sensitive information. | 2020-04-17 | 7.5 | CVE-2020-10211 MISC CONFIRM |
| webkitgtk -- webkitgtk_and_wpe_webkit | A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). | 2020-04-17 | 7.5 | CVE-2020-11793 FEDORA FEDORA FEDORA CONFIRM CONFIRM |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020). | 2020-04-17 | 7.5 | CVE-2020-11873 CONFIRM |
| wordpress -- wordpress | In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin. | 2020-04-20 | 7.5 | CVE-2020-11928 MISC |
| evenroute -- iqrouter | IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. | 2020-04-21 | 7.5 | CVE-2020-11963 MISC MISC |
| evenroute -- iqrouter | In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. | 2020-04-21 | 7.5 | CVE-2020-11965 MISC MISC |
| evenroute -- iqrouter | In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. | 2020-04-21 | 7.5 | CVE-2020-11966 MISC MISC |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019). | 2020-04-17 | 7.2 | CVE-2019-20773 CONFIRM |
| google -- android | In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144028297 | 2020-04-17 | 7.2 | CVE-2020-0081 MISC |
| google -- android | In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140417434 | 2020-04-17 | 7.2 | CVE-2020-0082 MISC |
| lg -- multiple_mobile_devices | An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020). | 2020-04-17 | 7.2 | CVE-2020-11875 CONFIRM |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.