Introduction
This week it's all about bugs 🐛.
TikTok fixes bugs allowing account takeover with one click
The bugs were discovered by fuzzing by German bug bounty hunter Muhammed Taskiran and it affected accounts which had used third-party apps to sign-up for TikTok
Excerpt from the article:
German bug bounty hunter Muhammed Taskiran discovered a reflected cross-site scripting (XSS) security bug — also known as a non-persistent XSS — in a TikTok URL parameter reflecting its value without proper sanitization.
Taskiran found the reflected XSS that could have also lead to data exfiltration while fuzz testing the company's
www.tiktok.com
andm.tiktok.com
domains.
VMware discloses critical zero-day vulnerability in Workspace One
The title says it all.
Excerpt from the article:
The vulnerability tracked as CVE-2020-4006 is a command injection bug — with a 9.1/10 CVSSv3 severity rating — found in the administrative configurator of some releases of VMware Workspace ONE Access, Access Connector, Identity Manager, and Identity Manager Connector.
"A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system," according to VMware's advisory.
Tesla Model X key fobs could be hacked to steal cars, fix released
Your fancy Tesla Model X could be stolen in minutes.
Excerpt from the article:
The security bugs allowed taking full control of the key fob and of the car by remotely updating the Tesla Model X's BLE chip with specially crafted firmware.
Once the key fob was compromised, the researchers were able to capture valid unlock messages which allowed them to unlock the car at any time.
TikTok Awards Nearly $4,000 for Account Takeover Vulnerabilities
The one-click attack discussed earlier in this article.
Excerpt from the article:
TikTok classified the issue as “high severity” and awarded the researcher $3,860 for his findings. The company has partially disclosed the vulnerability report — very few technical details have been shared.
2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software
2-Factor authentication adds an extra layer of protection to a user account turns out it can be bypassed in cPanel and Web Host Manager.
Excerpt from the article:
The issue stemmed from a lack of rate-limiting during 2FA during logins, thus making it possible for a malicious party to repeatedly submit 2FA codes using a brute-force approach and circumvent the authentication check.
Drupal issues emergency fix for critical bug with known exploits
Drupal is a Content Management System written in PHP.
Excerpt from the article:
Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow for arbitrary PHP code execution on some CMS versions.
Unofficial Patch Released for Windows 7 Zero-Day Vulnerability
The title says it all.
Excerpt from the article:
An unofficial patch is now available through ACROS Security’s 0patch service for a zero-day vulnerability identified earlier this month in Windows 7 and Windows Server 2008 R2.
The privilege escalation flaw, detailed by security researcher Clément Labro on November 12, exists because all users have write permissions for
HKLM\SYSTEM\CurrentControlSet\Services\Dnscache
andHKLM\SYSTEM\CurrentControlSet\Services\RpcEptMapper
, two keys that could be used for code execution.
Credits
Cover photo by Jazmin Quaynor on Unsplash.
That's it for this week, I'll see you next Friday *.
Update December 4, 2020: Grammar fix and added *.