Summary
Digital Vaccine #9466 October 13, 2020
Details
| Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com. SMS customers can update the Digital Vaccine through the SMS client. From the top-line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update. |
| System Requirements |
| The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above, all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters. |
| Microsoft Security Bulletins This DV includes coverage for the Microsoft vulnerabilities released on or before October 13, 2020. The following table maps TippingPoint filters to the Microsoft CVEs. | ||
| CVE | Filter | Status |
| CVE-2020-1047 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-1080 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-1243 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16863 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16876 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16877 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16885 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16886 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16887 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16889 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16890 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16891 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16892 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16894 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16895 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16896 | 38253 | |
| CVE-2020-16897 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16898 | 38090 | |
| CVE-2020-16899 | 38092 | |
| CVE-2020-16900 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16901 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16902 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16904 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16905 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16907 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16908 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16909 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16910 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16911 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16912 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16913 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16914 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16915 | 38251 | |
| CVE-2020-16916 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16918 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16919 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16920 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16921 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16922 | 38247 | |
| CVE-2020-16923 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16924 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16927 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16928 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16929 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16930 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16931 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16932 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16933 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16934 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16935 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16936 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16937 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16938 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16939 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16940 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16941 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16942 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16943 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16944 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16945 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16946 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16947 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16948 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16949 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16950 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16951 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16952 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16953 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16954 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16955 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16956 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16957 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16967 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16968 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16969 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16972 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16973 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16974 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16975 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16976 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16977 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16978 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16980 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-16995 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| CVE-2020-17003 | Vendor Deemed Reproducibility or Exploitation Unlikely | |
| Filters marked with * shipped prior to this DV, providing zero-day protection. | ||
| The Digital Vaccine can be manually downloaded from the following URLs: https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9466.pkg https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9466.pkg |
Update Details
Table of Contents
--------------------------
Filters
New Filters - 15
Modified Filters (logic changes) - 38
Modified Filters (metadata changes only) - 3
Removed Filters - 0
Filters
----------------
New Filters:
38090: IPv6: Microsoft Windows Ipv6pUpdateRDNSS Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Microsoft Windows.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-16898
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: IPV6
- Platform: Windows Client Application
- Release Date: October 13, 2020
38092: IPv6: Microsoft Windows IPv6 Stack Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Windows.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-16899
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: IPV6
- Platform: Windows Client Application
- Release Date: October 13, 2020
38198: SIP: SIP INVITE Request
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a SIP INVITE request.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2008-5180
- Classification: Security Policy - Other
- Protocol: SIP (VOIP)
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38199: HTTP: Zoho ManageEngine Applications Manager UploadAction File Upload Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Zoho ManageEngine Applications Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-14008
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38202: HTTP: rConfig Network Device Configuration vendor.crud.php File Upload Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a file upload vulnerability in rConfig Network Device Configuration.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-12255
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38203: HTTP: NEC ExpressCluster ApplyConfig XML External Entity Injection Vulnerability (ZDI-20-1102)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an external entity injection vulnerability in NEC ExpressCluster.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-17408
- Zero Day Initiative: ZDI-20-1102
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38239: HTTP: Apache httpd HTTP2 Cache-Digest Header Parsing Memory Corruption Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a memory corruption vulnerability in Apache httpd.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-9490
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38241: HTTP: ZenTao Pro Command Execution Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command execution vulnerability in ZenTao Pro.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-7361
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38243: HTTP: Telmat AccessLog Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in Telmat AccessLog.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-16147
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38244: HTTP: Jenkins CVS Plugin Cross-Site Request Forgery Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a cross-site request forgery vulnerability in Jenkins CVS Plugin.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-2184
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38247: HTTP: Microsoft Windows File Validation Spoofing Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit a spoofing vulnerability in Microsoft Windows.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-16922
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: October 13, 2020
38248: HTTP: MaraCMS PHP File Upload
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to upload a file to MaraCMS.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2020-25042
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38250: HTTP: WordPress SupportCandy Plugin Arbitrary File Upload Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in WordPress SupportCandy Plugin.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2019-11223
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 13, 2020
38251: HTTP: Microsoft Windows Media Foundation H265 Stream Parsing Memory Corruption Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a memory corruption vulnerability in Microsoft Windows Media Foundation.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-16915 CVSS 3.1
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: October 13, 2020
38253: RDP: Microsoft Remote Desktop Integer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an integer overflow in Microsoft Remote Desktop.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2020-16896
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: TCP (Generic)
- Platform: Windows Client Application
- Release Date: October 13, 2020
Modified Filters (logic changes):
* = Enabled in Default deployments
26399: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1198)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "26399: ZDI-CAN-10929: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
26888: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1199)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "26888: ZDI-CAN-10983: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
26889: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1200)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "26889: ZDI-CAN-10984: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
27057: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1201)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "27057: ZDI-CAN-10985: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
27302: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1202)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "27302: ZDI-CAN-10986: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
27422: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1203)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "27422: ZDI-CAN-10987: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
27530: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 File Buffer Overflow Vulnerability (ZDI-20-1204)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "27530: ZDI-CAN-11010: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2020
- Last Modified Date: October 13, 2020
* 30147: HTTP: Oracle WebLogic Command Injection Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: January 02, 2018
- Last Modified Date: October 13, 2020
36745: HTTP: Advantech WebAccess/NMS download.jsp Directory Traversal Vulnerability (ZDI-20-384)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 03, 2019
- Last Modified Date: October 13, 2020
36905: HTTP: IBM Spectrum Protect Plus uploadHttpsCertificate Command Injection Vulnerability (ZDI-20-348)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 21, 2020
- Last Modified Date: October 13, 2020
37247: HTTP: Microsoft Windows Media Player AVI Parsing Out-Of-Bounds Write Vulnerability (ZDI-20-285)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37247: ZDI-CAN-10525: Zero Day Initiative Vulnerability (Microsoft Windows Media Player)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 03, 2020
- Last Modified Date: October 13, 2020
37289: HTTP: Advantech WebAccess/HMI Designer PM3 File Parsing Buffer Overflow Vulnerability (ZDI-20-959)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37289: ZDI-CAN-10122: Zero Day Initiative Vulnerability (Advantech WebAccess/HMI Designer)".
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 10, 2020
- Last Modified Date: October 13, 2020
37299: HTTP: Microsoft Internet Explorer JScript Use-After-Free Vulnerability (ZDI-20-645)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37299: ZDI-CAN-10397: Zero Day Initiative Vulnerability (Microsoft Internet Explorer)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 10, 2020
- Last Modified Date: October 13, 2020
37327: HTTP: Advantech WebAccess/HMI Designer PM3 File Parsing Buffer Overflow Vulnerability (ZDI-20-955)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37327: ZDI-CAN-10136: Zero Day Initiative Vulnerability (Advantech WebAccess/HMI Designer)".
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37336: HTTP: Microsoft Windows hevcdecoder_store File Parsing Out-Of-Bounds Write Vulnerability(ZDI-20-818)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37336: ZDI-CAN-10692: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37338: HTTP: Microsoft Windows hevcdecoder_store File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-804)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37338: ZDI-CAN-10690: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37342: HTTP: Microsoft Windows hevcdecoder_store File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-906)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37342: ZDI-CAN-10686: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37343: HTTP: Microsoft Windows hevcdecoder_store File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-817)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37343: ZDI-CAN-10685: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37344: HTTP: Microsoft Windows hevcdecoder_store File Parsing Out-Of-Bounds Write Vulnerability(ZDI-20-816)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37344: ZDI-CAN-10684: Zero Day Initiative Vulnerability (Microsoft Windows)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37370: HTTP: Delta Industrial Automation DOPSoft File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-788)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37370: ZDI-CAN-10572: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 17, 2020
- Last Modified Date: October 13, 2020
37376: HTTP: Delta Industrial Automation DOPSoft File Parsing Buffer Overflow Vulnerability (ZDI-20-789)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37376: ZDI-CAN-10571: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37379: HTTP: Delta Industrial Automation DOPSoft File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-790)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37379: ZDI-CAN-10509: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37382: HTTP: Advantech WebAccess/SCADA SyntecUA Buffer Overflow Vulnerability (ZDI-20-625)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37382: ZDI-CAN-10339: Zero Day Initiative Vulnerability (Advantech WebAccess/SCADA)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37398: HTTP: Apple Safari HasIndexedProperty Type Confusion Vulnerability (ZDI-20-682)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37398: ZDI-CAN-10504,10773: Zero Day Initiative Vulnerability (Apple Safari)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37399: HTTP: Delta Industrial Automation DOPSoft Out-Of-Bounds Read Vulnerability (ZDI-20-792)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37399: ZDI-CAN-10494: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37400: HTTP: Horde Groupware Webmail Edition edit Page Directory Traversal Vulnerability (ZDI-20-276)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37400: ZDI-CAN-10469: Zero Day Initiative Vulnerability (Horde Groupware Webmail Edition)".
- Category changed from "Exploits" to "Vulnerabilities".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37406: HTTP: Micro Focus Secure Messaging Gateway SaveData Command Injection Vulnerability (ZDI-20-977)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37406: ZDI-CAN-10333: Zero Day Initiative Vulnerability (Micro Focus Secure Messaging Gateway)".
- Category changed from "Exploits" to "Vulnerabilities".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 24, 2020
- Last Modified Date: October 13, 2020
37581: HTTP: Fuji Electric Tellus Lite V-Simulator 6 V9 Out-Of-Bounds Write Vulnerability (ZDI-20-1186)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37581: ZDI-CAN-10611: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 14, 2020
- Last Modified Date: October 13, 2020
37585: HTTP: Fuji Electric Tellus Lite V-Simulator 6 V9 Buffer Overflow Vulnerability (ZDI-20-1103)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37585: ZDI-CAN-10675: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 6)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 14, 2020
- Last Modified Date: October 13, 2020
37741: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Out-Of-Bounds Write Vulnerability (ZDI-20-1197)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37741: ZDI-CAN-10961: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 12, 2020
- Last Modified Date: October 13, 2020
37742: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-20-1196)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37742: ZDI-CAN-10960: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 12, 2020
- Last Modified Date: October 13, 2020
37743: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-20-1195)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37743: ZDI-CAN-10959: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 12, 2020
- Last Modified Date: October 13, 2020
37745: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Out-Of-Bounds Read Vulnerability (ZDI-20-1192)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37745: ZDI-CAN-10956: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 12, 2020
- Last Modified Date: October 13, 2020
37746: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-20-1193)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37746: ZDI-CAN-10957: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 12, 2020
- Last Modified Date: October 13, 2020
37747: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Out-Of-Bounds Read Vulnerability (ZDI-20-1194)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37747: ZDI-CAN-10958: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 12, 2020
- Last Modified Date: October 13, 2020
* 37841: HTTP: F5 BIG-IP TMUI Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 07, 2020
- Last Modified Date: October 13, 2020
38068: HTTP: Foxit Reader AcroForm Annotation Use-After-Free Vulnerability (ZDI-20-1234)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "38068: ZDI-CAN-11657: Zero Day Initiative Vulnerability (Foxit Reader)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 01, 2020
- Last Modified Date: October 13, 2020
38142: HTTP: Studio-42 elFinder Command Injection Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: September 22, 2020
- Last Modified Date: October 13, 2020
Modified Filters (metadata changes only):
* = Enabled in Default deployments
24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: July 05, 2016
- Last Modified Date: October 13, 2020
38100: HTTP: WordPress File Manager File Upload Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: September 03, 2020
- Last Modified Date: October 13, 2020
38167: HTTP: FasterXML jackson-databind Remote Code Execution Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: September 22, 2020
- Last Modified Date: October 13, 2020
Removed Filters: None
Top of the Page
