CVE-2020-6418
Published: 2020-02-27
CVE-2020-6418: Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Priority: P1 · 91 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
KEV · ITW · EXPLOIT
CISA Known Exploited Vulnerability, due 2022-05-03
Exploited in the wild
EPSS: 78.81% (99.5th percentile)
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 80.0.3987.122-1 | 80.0.3987.122-1 |
| chromium | chromium | >= 0 < 80.0.3987.122-1 | 80.0.3987.122-1 |
| chromium | chromium | >= 0 < 80.0.3987.122-1 | 80.0.3987.122-1 |
| chromium | chromium | >= 0 < 80.0.3987.122-1 | 80.0.3987.122-1 |
| debian | chromium | < chromium 80.0.3987.122-1 (bookworm) | chromium 80.0.3987.122-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| | chrome | < 80.0.3987.122 | 80.0.3987.122 |
| | chrome | >= unspecified < 80.0.3987.122 | 80.0.3987.122 |
| | chrome_chrome | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
Detection & IOCs (extracted from sources)
- The exploit targets Google Chrome 80.0.3987.87 (64-bit) via a type confusion in V8's JSCreate side-effect path. Detection should focus on Chrome renderer processes spawned with --no-sandbox, as the exploit requires this flag for payload execution outside the sandbox.
- The exploit uses WebAssembly to allocate an RWX memory region and overwrites it with shellcode. Monitor for WebAssembly module instantiation (WebAssembly.Instance/WebAssembly.Module) immediately followed by shellcode writes to RWX pages in Chrome renderer processes.
- The exploit corrupts the length of a float array (float_rel) for out-of-bounds read/write, then uses a UInt64Array (uint64_aarw) for absolute memory access. V8 heap corruption involving typed array length manipulation is a key behavioral indicator.
- The exploit triggers the bug via Reflect.construct with a Proxy new.target inside an array push operation. Detecting JavaScript patterns combining Reflect.construct, Proxy objects, and array push in tight loops may indicate exploitation attempts.
- The exploit delivers a crafted HTML page with inline JavaScript. HTTP responses with Content-Type text/html and Cache-Control: no-cache, no-store, must-revalidate headers containing the exploit JS pattern should be flagged.
- Check Point IPS blade signature name for this CVE is 'Google Chrome Type Confusion (CVE-2020-6418)' — use this as a reference signature name when searching IPS/NIDS logs.
- The Chromium bug tracker ID for this vulnerability is 1053604. Use this ID to correlate patch notes, crash reports, and exploit references.
- The Metasploit exploit module only targets Chrome 80.0.3987.87 (64-bit) on Windows 10 and macOS. It requires the browser to be launched with --no-sandbox; exploitation against sandboxed Chrome instances will not result in payload execution.
- Detailed technical information about the vulnerability was restricted at time of initial disclosure to allow users time to patch. Full details may have become available later.
- No public proof-of-concept was available at the time of Tenable's initial blog post, though in-the-wild exploitation was confirmed by Google.
CVSS provenance
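| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 8.8 | HIGH | |
| vulncheck | | 8.8 | HIGH | |
| cisa | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |
| vendor_redhat | | 8.8 | HIGH | |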
CISA
Google Chromium V8 Type Confusion Vulnerability
cisa·2021-11-03·CVSS 8.8
CVE-2020-6418 [HIGH] CWE-843 Google Chromium V8 Type Confusion Vulnerability
Vulnerability: Google Chromium V8 Type Confusion Vulnerability
Affected: Google Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-6418
Remediation Due Date: 2022-05-03
Chrome
Stable Channel Update for Desktop: CVE-2020-6407
vendor_chrome·2020-02-24·CVSS 8.8
CVE-2020-6407 [HIGH] Stable Channel Update for Desktop: CVE-2020-6407
Stable Channel Update for Desktop
CVE-2020-6407: Out of bounds memory access in streams. Reported by Sergei Glazunov of Google Project Zero on 2020-01-27
This release also contains:
[N/A][ 1053604 ] High CVE-2020-6418: Type confusion in V8
Reported by Clement Lecigne of Google's Threat Analysis Group on 2020-02-18
Severity: high
Red Hat
chromium-browser: Type confusion in V8
vendor_redhat·2020-02-24·CVSS 8.8
CVE-2020-6418 [HIGH] CWE-843 chromium-browser: Type confusion in V8
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Debian
CVE-2020-6418: chromium - Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote at...
vendor_debian·2020·CVSS 8.8
CVE-2020-6418 [HIGH] CVE-2020-6418: chromium - Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote at...
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 80.0.3987.122-1)
bullseye: resolved (fixed in 80.0.3987.122-1)
forky: resolved (fixed in 80.0.3987.122-1)
sid: resolved (fixed in 80.0.3987.122-1)
trixie: resolved (fixed in 80.0.3987.122-1)
GHSA
GHSA-495j-4jmx-mgrx: Type confusion in V8 in Google Chrome prior to 80
ghsa_unreviewed·2022-05-24
CVE-2020-6418 [MEDIUM] CWE-843 GHSA-495j-4jmx-mgrx: Type confusion in V8 in Google Chrome prior to 80
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Project0
In-the-Wild Series: Chrome Exploits - Project Zero
project_zero·2021-01-01·CVSS 8.8
CVE-2017-5070 [HIGH] In-the-Wild Series: Chrome Exploits - Project Zero
This is part 3 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post.
Posted by Sergei Glazunov, Project Zero
## Introduction
As we continue the series on the watering hole attack discovered in early 2020, in this post we’ll look at the rest of the exploits used by the actor against Chrome. A timeline chart depicting the extracted exploits and affected browser versions is provided below. Different color shades represent different exploit versions.
All vulnerabilities used by the attacker are in V8, Chrome’s JavaScript engine; and more specifically, they are JIT compiler bugs. While classic C++ memory safety issues are still exploited in real-world attacks against we
Project0
Introducing the In-the-Wild Series - Project Zero
project_zero·2021-01-01
CVE-2020-0938 Introducing the In-the-Wild Series - Project Zero
This is part 1 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, head to the bottom of this post.
At Project Zero we often refer to our goal simply as “make 0-day hard”. Members of the team approach this challenge mainly through the lens of offensive security research. And while we experiment a lot with new targets and methodologies in order to remain at the forefront of the field, it is important that the team doesn’t stray too far from the current state of the art. One of our efforts in this regard is the tracking of publicly known cases of zero-day vulnerabilities. We use this information to guide the research. Unfortunately, public 0-day reports rarely include captured exploits, which could
OSV
CVE-2020-6418: Type confusion in V8 in Google Chrome prior to 80
osv·2020-02-27·CVSS 8.8
CVE-2020-6418 [HIGH] CVE-2020-6418: Type confusion in V8 in Google Chrome prior to 80
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
VulnCheck
Google Chromium V8 Type Confusion Vulnerability
vulncheck·2020·CVSS 8.8
CVE-2020-6418 [HIGH] CWE-843 Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium V8
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://www.trendmicro.com/en_us/research/24/l/earth-minotaur.html
Exploit PoC: https://vulncheck.com/xdb/09aef40e5781; https://vulncheck.com/xdb/68df06773b3
Project0
Project Zero RCA: CVE-2019-11707: IonMonkey Type Confusion in Array.Pop
project_zero·CVSS 8.8
CVE-2019-11707 [HIGH] Project Zero RCA: CVE-2019-11707: IonMonkey Type Confusion in Array.Pop
# CVE-2019-11707: IonMonkey Type Confusion in Array.Pop
*Samuel Groß, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2020-07-27)*
## The Basics
**Disclosure or Patch Date:** 18 June 2019
**Product:** Mozilla Firefox
**Advisory:** https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
**Affected Versions:** Firefox 67.0.2, likely earlier versions
**First Patched Version:** Firefox 67.0.3 and Firefox ESR 60.7.1
**Issue/Bug Report:**
* Project Zero issue: https://bugs.chromium.org/p/project-zero/issues/detail?id=1820
* Firefox issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1544386
**Patch CL:** https://hg.mozilla.org/releases/mozilla-beta/rev/109cefe117fbdd1764097e06796960082f4fee4e
**Bug-Introducing CL:** Unkno
Project0
Project Zero RCA: CVE-2020-6418: Chrome incorrect side-effect modelling issue in Turbofan leading to type confusions
project_zero·CVSS 8.8
CVE-2020-6418 [HIGH] Project Zero RCA: CVE-2020-6418: Chrome incorrect side-effect modelling issue in Turbofan leading to type confusions
# CVE-2020-6418: Chrome incorrect side-effect modelling issue in Turbofan leading to type confusions
*Samuel Groß and Sergei Glazunov, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2020-08-05)*
## The Basics
**Disclosure or Patch Date:** 24 February 2020
**Product:** Google Chrome
**Advisory:** https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
**Affected Versions:** Google Chrome 60 - 80
**First Patched Version:** 80.0.3987.122
**Issue/Bug Report:** https://bugs.chromium.org/p/chromium/issues/detail?id=1053604
**Patch CL:** https://chromium.googlesource.com/v8/v8.git/+/fb0a60e15695466621cf65932f9152935d859447
**Bug-Introducing CL:** https://chromium.googlesource.com/v8/v8.git/+/0f716a
Project0
Project Zero RCA: CVE-2020-1027: Windows buffer overflow in CSRSS
project_zero·CVSS 8.8
CVE-2020-1027 [HIGH] Project Zero RCA: CVE-2020-1027: Windows buffer overflow in CSRSS
# CVE-2020-1027: Windows buffer overflow in CSRSS
*Sergei Glazunov, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2021-01-12)*
## The Basics
**Disclosure or Patch Date:**
* 23 March 2020 – advisory without technical details
* 14 April 2020 – security bulletin and patch release
**Product:** Microsoft Windows
**Advisory:**
* Initial advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200006
* Security bulletin: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1020
**Affected Versions:** Windows 7 through 10, prior to the April 2020 patch
**First Patched Version:** Windows with April 2020 patch (e.g. for Windows 10 1909/1903, [KB4549951](https://support.microsoft.com/en-u
No detection rules found.
Exploit-DB
Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
exploitdb·2020-03-09
CVE-2020-6418 Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
---
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit',
'Description' => %q{
This module exploits an issue in Google Chrome 80.0.3987.87 (64 bit). The exploit
corrupts the length of a float array (float_rel), which can then be used for out
of bounds read and write on adjacent memory.
The relative read and write is then used to modify a UInt64Array (uint64_aarw)
which is used for read and writing from absolute memory.
The exploit then uses WebAssembly in order to allocate a region of RWX memory,
which is then replaced with the payload shellcode.
The p
Metasploit
Google Chrome 80 JSCreate side-effect type confusion exploit
metasploit
Google Chrome 80 JSCreate side-effect type confusion exploit
This module exploits an issue in Google Chrome 80.0.3987.87 (64 bit). The exploit corrupts the length of a float array (float_rel), which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array (uint64_aarw) which is used for read and writing from absolute memory. The exploit then uses WebAssembly in order to allocate a region of RWX memory, which is then replaced with the payload shellcode. The payload is executed within the sandboxed renderer process, so the browser must be run with the --no-sandbox option for the payload to work correctly.
Bugzilla
CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [fedora-all]
bugzilla·2020-02-26·CVSS 8.8
CVE-2020-6418 [HIGH] CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [fedora-all]
CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions o
Bugzilla
CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [epel-all]
bugzilla·2020-02-26·CVSS 8.8
CVE-2020-6418 [HIGH] CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [epel-all]
CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fe
Bugzilla
CVE-2020-6418 chromium-browser: Type confusion in V8
bugzilla·2020-02-26·CVSS 8.8
CVE-2020-6418 [HIGH] CVE-2020-6418 chromium-browser: Type confusion in V8
CVE-2020-6418 chromium-browser: Type confusion in V8
Type confusion in V8
Discussion:
External References:
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
---
Created chromium tracking bugs for this issue:
Affects: epel-all [bug 1807357]
Affects: fedora-all [bug 1807356]
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2020:0738 https://access.redhat.com/errata/RHSA-2020:0738
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2020-6418
Trendmicro
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
blogs_trendmicro·2024-12-05
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
Cyber Threats
## MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance.
By: Joseph C Chen, Daniel Lunghi, Dec 05, 2024
## Summary
Trend Micro researchers investigated a group named Earth Minotaur that used the MOONSHINE exploit kit in the wild. MOONSHINE, which has over 55 servers identified as of 2024, has been updated with more exploits and functions compared to its previous version reported in 2019.
MOONSHINE exploit kit targets vulnerabilities in instant messaging apps on Android devices, primari
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
blogs_qualys·2022-02-23
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
#### Table of Contents
- Situation
- Directive Scope
- CISA Catalog of Known Exploited Vulnerabilities
- Detect CISA Vulnerabilities Using Qualys VMDR
- CISA Exploited RTI
- Detailed Operational Dashboard
- Remediation
- Federal Enterprises and Agencies Can Act Now
- Summary
- Getting Started
CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection & Response can be used by any organization to respond to this directive efficiently and effectively.
## Situation
Last November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directiv
Qualys
Expand Your Vulnerability & Patch Management Program to Mobile Devices with Qualys VMDR | Qualys
blogs_qualys·2021-02-10·CVSS 7.8
[HIGH] Expand Your Vulnerability & Patch Management Program to Mobile Devices with Qualys VMDR | Qualys
As mobile devices have become ubiquitous in almost every business process, whether in bank branches, manufacturing sites or retail stores, they are now hosting business applications and data that is subject to regulatory compliance and security. With access to critical corporate resources inside the corporate network, these mobile devices have become critical assets for the organization.
### Mobile Attack Surface Challenges
Alongside this trend, there has been a drastic rise in Android, iOS, and iPadOS vulnerabilities and an increased number of vulnerable apps distributed from authorized app stores. Through these vectors, mobile devices have become preferred targets for attackers to gain an entry point into corporate networks. Last year, for example, 900 million Apple iOS users were affe
Tenable
CVE-2021-21148: Google Chrome Heap Buffer Overflow Vulnerability Exploited in the Wild
blogs_tenable·2021-02-05·CVSS 8.8
[HIGH] CVE-2021-21148: Google Chrome Heap Buffer Overflow Vulnerability Exploited in the Wild
Tenable
How COVID-19 Response Is Expanding the Cyberattack Surface
blogs_tenable·2020-03-30
How COVID-19 Response Is Expanding the Cyberattack Surface
Checkpoint
March 2nd – Threat Intelligence Bulletin
blogs_checkpoint·2020-03-02·CVSS 9.8
CVE-2019-19781 [CRITICAL] March 2nd – Threat Intelligence Bulletin
## March 2nd – Threat Intelligence Bulletin
For the latest discoveries in cyber research for the week of March 2nd 2020, please download our Threat Intelligence Bulletin
TOP ATTACKS AND BREA
Tenable
CVE-2020-6418: Google Chrome Type Confusion Vulnerability Exploited in the Wild
blogs_tenable·2020-02-24·CVSS 8.8
[HIGH] CVE-2020-6418: Google Chrome Type Confusion Vulnerability Exploited in the Wild
References
- http://packetstormsecurity.com/files/156632/Google-Chrome-80-JSCreate-Side-Effect-Type-Confusion.html
- https://access.redhat.com/errata/RHSA-2020:0738
- https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
- https://crbug.com/1053604
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
- https://security.gentoo.org/glsa/202003-08
- https://www.debian.org/security/2020/dsa-4638
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-6418
Published: 2020-02-27
Added to CISA KEV: 2021-11-03
Exploited in the wild