CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
SpiderLabs Blog

Patch Tuesday, May 2020

May's Patch Tuesday includes patches for 111 unique CVEs. Of those CVEs 17 are rated "Critical" and 94 rated as "Important". Aside from the common vulnerabilities in Microsoft's scripting engine, Sharepoint is the hardest hit on the "Critical" list with four separate Remote Code Execution (RCE) vulnerabilities and an Information Disclosure vulnerability patched for that server package. That "Critical" list also patches an RCE vulnerability in Visual Studio, specifically for an extension to provide Python support.

Included in the list of "Important" vulnerabilities are multiple RCE vulnerabilities for the JET Database engine used as a backend for multiple Microsoft products from the legacy Access Database to the more modern SQL Server Express. In addition, a dozen Elevation of Privilege vulnerabilities are patched in Windows Runtime that could allow an attacker to develop a malicious application that could run additional arbitrary code in an elevated context like Administrator or System. An additional dozen Elevation of Privilege vulnerabilities are patched in the Windows State Repository Service which tracks Microsoft web browsing activity in the Edge browser.

Luckily none of these vulnerabilities have been exposed or exploited in the wild yet, so now's the time to get patching before exploits are written.

Stay safe out there!


Critical

Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2020-1037
Remote Code Execution

Internet Explorer Memory Corruption Vulnerability
CVE-2020-1062
Remote Code Execution

Media Foundation Memory Corruption Vulnerability
CVE-2020-1028, CVE-2020-1126, CVE-2020-1136
Remote Code Execution

Microsoft Color Management Remote Code Execution Vulnerability
CVE-2020-1117
Remote Code Execution

Microsoft Edge Elevation of Privilege Vulnerability
CVE-2020-1056
Elevation of Privilege

Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-1153
Remote Code Execution

Microsoft SharePoint Information Disclosure Vulnerability
CVE-2020-1103
Information Disclosure

Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-1023, CVE-2020-1024, CVE-2020-1102, CVE-2020-1069
Remote Code Execution

MSHTML Engine Remote Code Execution Vulnerability
CVE-2020-1064
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2020-1065
Remote Code Execution

VBScript Remote Code Execution Vulnerability
CVE-2020-1093
Remote Code Execution

Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVE-2020-1192
Remote Code Execution


Important

.NET Core Denial of Service Vulnerability
CVE-2020-1108
Denial of Service

.NET Framework Elevation of Privilege Vulnerability
CVE-2020-1066
Elevation of Privilege

ASP.NET Core Denial of Service Vulnerability
CVE-2020-1161
Denial of Service

Connected User Experiences and Telemetry Service Denial of Service Vulnerability
CVE-2020-1084, CVE-2020-1123
Denial of Service

DirectX Elevation of Privilege Vulnerability
CVE-2020-1140
Elevation of Privilege Vulnerability

Internet Explorer Memory Corruption Vulnerability
CVE-2020-1092
Remote Code Execution

Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1051, CVE-2020-1174, CVE-2020-1175, CVE-2020-1176
Remote Code Execution

Media Foundation Memory Corruption Vulnerability
CVE-2020-1150
Remote Code Execution

Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability
CVE-2020-1055
Spoofing

Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
CVE-2020-1063
Spoofing

Microsoft Edge PDF Remote Code Execution Vulnerability
CVE-2020-1096
Remote Code Execution

Microsoft Edge Spoofing Vulnerability
CVE-2020-1059
Spoofing

Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-0901
Remote Code Execution

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-1099, CVE-2020-1100, CVE-2020-1101, CVE-2020-1106
Spoofing

Microsoft Power BI Report Server Spoofing Vulnerability
CVE-2020-1173
Spoofing

Microsoft Script Runtime Remote Code Execution Vulnerability
CVE-2020-1061
Remote Code Execution

Microsoft SharePoint Spoofing Vulnerability
CVE-2020-1104, CVE-2020-1105, CVE-2020-1107
Spoofing

Microsoft Windows Elevation of Privilege Vulnerability
CVE-2020-1010, CVE-2020-1068, CVE-2020-1079
Elevation of Privilege

Microsoft Windows Transport Layer Security Denial of Service Vulnerability
CVE-2020-1118
Denial of Service

VBScript Remote Code Execution Vulnerability
CVE-2020-1035, CVE-2020-1058, CVE-2020-1060
Remote Code Execution

Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVE-2020-1171
Remote Code Execution

Win32k Elevation of Privilege Vulnerability
CVE-2020-1054, CVE-2020-1143
Elevation of Privilege

Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability
CVE-2020-1112
Elevation of Privilege

Windows Clipboard Service Elevation of Privilege Vulnerability
CVE-2020-1111, CVE-2020-1121, CVE-2020-1165, CVE-2020-1166
Elevation of Privilege

Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-1154
Elevation of Privilege

Windows CSRSS Information Disclosure Vulnerability
CVE-2020-1116
Information Disclosure

Windows Denial of Service Vulnerability
CVE-2020-1076
Denial of Service

Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-1021, CVE-2020-1082, CVE-2020-1088, CVE-2020-1132
Elevation of Privilege

Windows GDI Elevation of Privilege Vulnerability
CVE-2020-1142
Elevation of Privilege

Windows GDI Information Disclosure Vulnerability
CVE-2020-0963, CVE-2020-1141, CVE-2020-1145, CVE-2020-1179
Information Disclosure

Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-1135
Elevation of Privilege

Windows Hyper-V Denial of Service Vulnerability
CVE-2020-0909
Denial of Service

Windows Installer Elevation of Privilege Vulnerability
CVE-2020-1078
Elevation of Privilege

Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1087, CVE-2020-1114
Elevation of Privilege

Windows Kernel Information Disclosure Vulnerability
CVE-2020-1072
Information Disclosure

Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-1048, CVE-2020-1070
Elevation of Privilege

Windows Printer Service Elevation of Privilege Vulnerability
CVE-2020-1081
Elevation of Privilege

Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-1137
Elevation of Privilege

Windows Remote Access Common Dialog Elevation of Privilege Vulnerability
CVE-2020-1071
Elevation of Privilege

Windows Remote Code Execution Vulnerability
CVE-2020-1067
Remote Code Execution

Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158, CVE-2020-1164
Elevation of Privilege

Windows State Repository Service Elevation of Privilege Vulnerability
CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191
Elevation of Privilege

Windows Storage Service Elevation of Privilege Vulnerability
CVE-2020-1138
Elevation of Privilege

Windows Subsystem for Linux Information Disclosure Vulnerability
CVE-2020-1075
Information Disclosure

Windows Task Scheduler Security Feature Bypass Vulnerability
CVE-2020-1113
Elevation of Privilege

Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-1109, CVE-2020-1110
Elevation of Privilege

Latest SpiderLabs Blogs

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

Overview A command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations...

Read More

CNAPP, CSPM, CIEM, CWPP – Oh My!

We all know the cybersecurity industry loves its acronyms, but just because this fact is widely known doesn’t mean everyone knows the story behind the alphabet soup groups of letters, we must deal...

Read More

Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region

Recently, we observed a phishing campaign targeting the Latin American region. The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious...

Read More