Font Parsing Remote Code Execution Vulnerabilities Exploited in the Wild

March 26, 2020

On March 23, Microsoft released an advisory for two vulnerabilities in the Adobe Type Manager (ATM) Library, the integrated PostScript font library found in all versions of Windows. Although the library takes its name from an Adobe-developed tool, ATM Light, Microsoft has shipped native support for Adobe Type 1 PostScript fonts since the release of Windows Vista in 2007. These vulnerabilities, therefore, exist within Windows’ own font-parsing code rather than in a third-party add-on.

Exploitation of these vulnerabilities could give an attacker code execution on a vulnerable machine once a user on that machine opens a specially crafted document, or merely views it in the Windows Explorer Preview pane, since the embedded font is parsed as soon as the document is rendered.

Microsoft’s advisory reports that the unpatched vulnerabilities are being actively exploited, and urges Windows users to apply the workarounds described in the advisory to reduce risk until a fix ships in April’s Patch Tuesday release.

Tenable provides a full analysis here.


Zoho ManageEngine Desktop Central 10 Deserialization Vulnerability Could Lead to Remote Code Execution

March 9, 2020

Zoho released a patch for a critical remote code execution flaw in ManageEngine Desktop Central one day after the vulnerability was publicly disclosed.

The Tenable Security Response Team (SRT) published a Security Advisory for a recently disclosed and patched flaw in Zoho ManageEngine Desktop Central 10. The flaw was discovered by Steven Seeley of Source Incite, who tweeted an advisory [advisory link] for it on March 5, including a proof-of-concept (PoC). At the time, no CVE identifier was associated with the flaw and no patch was available. Following the disclosure on Twitter, the flaw was assigned CVE-2020-10189 and Zoho released a patch in build 10.0.479 on March 6.

According to Seeley, the flaw “exists within the FileStorage class” which does not properly validate user-supplied data, resulting in the deserialization of untrusted data. An unauthenticated, remote attacker could use this vulnerability to “execute code under the context of SYSTEM.”

The vulnerability stems from missing input validation in the FileStorage class, and exploitation is a two-step process. First, an unauthenticated, remote attacker abuses the lack of validation to upload a file containing a serialized payload onto the vulnerable Desktop Central host. Second, the attacker makes a subsequent request for that uploaded file, which causes the server to deserialize its contents and run the embedded payload. The result is arbitrary code execution with SYSTEM privileges on Windows or root on Linux. For more detail, refer to the proof-of-concept section of the advisory, which contains Seeley’s detailed breakdown of the vulnerability.
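The two-step pattern just described (accept an unvalidated upload, then deserialize it on a later request) is easier to see in code. The example below is an added illustration, not Zoho’s code or Seeley’s PoC: Desktop Central is a Java application, and the constructed FileStorage class, the pickle format and the attacker_command recorder here are Python stand-ins for the Java classes and Java object serialization involved. The hardened variant shows the standard mitigation, a deserializer that refuses to resolve any class or function outside an explicit allow list (the Java analogue is an ObjectInputFilter set on the ObjectInputStream).

```python
"""Untrusted deserialization, upload-then-fetch style: vulnerable vs. hardened.

Constructed example. FileStorage, Gadget and attacker_command are stand-ins,
not code from the product or from the public PoC.
"""
import io
import pickle


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves globals on an explicit allow list."""

    ALLOWED = {("builtins", "set"), ("builtins", "frozenset")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        # Anything else (os.system, subprocess.Popen, our attacker_command,
        # ...) is refused before it can be called.
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")


class FileStorage:
    """Stand-in for a server-side file store mapping names to bytes."""

    def __init__(self):
        self._files = {}

    def upload(self, name: str, data: bytes) -> None:
        # Step 1 of the pattern: the upload path stores any bytes without
        # checking that they are a harmless serialized record.
        self._files[name] = data

    def load_vulnerable(self, name: str):
        # Step 2: a later request makes the server deserialize the stored
        # bytes. pickle.loads() imports and calls whatever the stream names.
        return pickle.loads(self._files[name])

    def load_hardened(self, name: str):
        # Same request path, but globals are resolved through the allow list.
        return RestrictedUnpickler(io.BytesIO(self._files[name])).load()


# What the attacker wants the server to run. A real payload would name
# os.system or subprocess.Popen; a recorder keeps this demo side-effect free.
EXECUTED = []


def attacker_command(cmd: str) -> str:
    EXECUTED.append(cmd)
    return cmd


class Gadget:
    # __reduce__ tells pickle "rebuild me by calling attacker_command(cmd)",
    # and an unrestricted loader obeys that instruction on the server.
    def __reduce__(self):
        return (attacker_command, ("whoami > /tmp/pwned",))


def build_malicious_upload() -> bytes:
    return pickle.dumps(Gadget())


def build_benign_upload() -> bytes:
    return pickle.dumps({"owner": "alice", "size": 4096})


def run_demo() -> dict:
    store = FileStorage()
    store.upload("report.bin", build_benign_upload())
    store.upload("evil.bin", build_malicious_upload())

    benign = store.load_hardened("report.bin")   # plain dict: no globals needed

    EXECUTED.clear()
    store.load_vulnerable("evil.bin")            # attacker's callable runs here
    ran_on_vulnerable = list(EXECUTED)

    EXECUTED.clear()
    try:
        store.load_hardened("evil.bin")
        blocked = False
    except pickle.UnpicklingError:
        blocked = True

    return {
        "benign_record": benign,
        "vulnerable_ran": ran_on_vulnerable,
        "hardened_blocked": blocked,
        "hardened_side_effects": list(EXECUTED),
    }


if __name__ == "__main__":
    print(run_demo())
```

run_demo() shows the unrestricted loader executing the attacker’s callable during deserialization, while the restricted loader raises before anything runs and still reads the benign record. The allow list is only part of a fix: the upload path should also reject content it does not expect, and anything a client can write is better stored in a format with no code-execution semantics (JSON, for instance) than in native object serialization.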

Here’s Tenable’s blog for this advisory.


CVE-2020-0688: Microsoft Exchange Server Static Key Flaw Could Lead to Remote Code Execution

March 5, 2020

Attackers are probing for vulnerable Microsoft Exchange Servers, as details surrounding a severe flaw were recently made public. 

On February 11, Microsoft released a patch for a severe vulnerability in Microsoft Exchange Server as part of its monthly Patch Tuesday updates. Initially, Microsoft described it as a memory corruption vulnerability in Microsoft Exchange; it has since updated the title and description to reflect that the flaw is a validation key problem.

Vulnerability analysis: CVE-2020-0688 is a static key vulnerability in the Exchange Control Panel (ECP), a component of Microsoft Exchange Server. Every Exchange installation shipped with the same ASP.NET machineKey values (validationKey and decryptionKey) in the ECP web.config, so the key that is supposed to authenticate ViewState data is effectively public. An authenticated attacker with any privilege level can therefore send a specially crafted request to a vulnerable ECP whose ViewState passes the integrity check and is deserialized, gaining arbitrary code execution as SYSTEM. Microsoft rates this flaw as Important but, according to its Exploitability Index, assesses exploitation as more likely.
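Why a static key turns an integrity check into nothing is shown by the toy below, an added example that is not Tenable’s or Microsoft’s code. It keeps only the part of the ASP.NET ViewState scheme that matters here: a token is a payload plus a MAC under the server’s validation key, and a token whose MAC verifies is handed to the deserializer. The real scheme also mixes a per-page modifier into the MAC and uses the configured algorithm; SHIPPED_DEFAULT_KEY is a constructed placeholder, not the real Exchange key.

```python
"""Toy ViewState integrity check: shipped (public) key vs. per-install key.

Constructed example; SHIPPED_DEFAULT_KEY is a placeholder, not a real key.
"""
import base64
import hashlib
import hmac
import secrets

# Stand-in for a validation key that every install ships with and that is
# therefore known to anyone who can read one copy of the product.
SHIPPED_DEFAULT_KEY = bytes.fromhex("0badc0de" * 8)

TAG_LEN = hashlib.sha256().digest_size


def sign_viewstate(payload: bytes, key: bytes) -> str:
    """Build a __VIEWSTATE-style token: base64(payload || HMAC(key, payload))."""
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.b64encode(payload + tag).decode("ascii")


def verify_viewstate(token: str, key: bytes):
    """Return the payload if its MAC verifies under `key`, else None.

    On a real server a returned payload goes straight to the ViewState
    deserializer; this MAC is the only thing between the request body and
    that deserializer.
    """
    raw = base64.b64decode(token)
    body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return body


def attacker_can_forge(server_key: bytes, key_known_to_attacker: bytes) -> bool:
    """Does a token signed with what the attacker knows pass the server's check?"""
    payload = b"<attacker-chosen serialized object graph>"  # constructed stand-in
    forged = sign_viewstate(payload, key_known_to_attacker)
    return verify_viewstate(forged, server_key) == payload


def compare_deployments() -> dict:
    # Vulnerable: the server uses the shipped key, so the attacker has it too.
    static_forgeable = attacker_can_forge(SHIPPED_DEFAULT_KEY, SHIPPED_DEFAULT_KEY)
    # Fixed: a key generated at install time; the attacker still only has the
    # shipped one, so the MAC on the forged token no longer matches.
    per_install_key = secrets.token_bytes(32)
    unique_forgeable = attacker_can_forge(per_install_key, SHIPPED_DEFAULT_KEY)
    # Legitimate tokens still round-trip under the per-install key.
    legit = verify_viewstate(sign_viewstate(b"legit", per_install_key), per_install_key)
    return {
        "static_key_forgeable": static_forgeable,
        "unique_key_forgeable": unique_forgeable,
        "legit_roundtrip": legit == b"legit",
    }


if __name__ == "__main__":
    print(compare_deployments())
```

compare_deployments() returns static_key_forgeable as True and unique_key_forgeable as False: the MAC algorithm is the same in both cases, and the only thing that changed is whether the attacker knows the key. That is why the fix is to generate the keys per installation rather than to alter the ViewState format.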

Researchers have warned that attackers are probing for Microsoft Exchange Servers vulnerable to CVE-2020-0688 and found that many organizations are behind in patching Exchange Servers, leaving them open to attack. Full details of the vulnerability are in the blog post.


Tenable Appoints Mark Thurmond as Chief Operating Officer

February 5, 2020

Global Cybersecurity leader deepens executive bench with technology industry veteran

Columbia, MD/ MUMBAI, India- February 5, 2020 – Tenable®, Inc., the Cyber Exposure company, today announced it has appointed Mark Thurmond as Chief Operating Officer (COO). In this role, Thurmond will lead Tenable’s global field operations, including sales, professional services and technical support. Thurmond’s appointment adds another layer of depth to Tenable’s executive bench as the company continues to deliver on its Cyber Exposure vision to help business executives and security teams understand and reduce cybersecurity risk.

“Mark is one of the technology industry’s most highly respected go-to-market executives, with a proven track record of driving revenue growth and operational excellence for notable cloud and cybersecurity companies,” said Amit Yoran, Chairman and CEO, Tenable. “Mark shares our passion and vision to help customers understand their Cyber Exposure and risk as we enter our next phase of growth. We’re thrilled to have him on board.”

Thurmond is an accomplished executive leading global sales, services, and operations organizations in high growth technology companies. He joins Tenable from Turbonomic where he served as COO and was responsible for aligning the company’s global operations to help customers on their journey to hybrid cloud. Prior to Turbonomic, he was Executive Vice President at Qlik Technologies where he led Worldwide Sales and Services. Thurmond also held multiple global sales and operations leadership positions for divisions of Dell EMC, including Senior Vice President of Worldwide Sales at VCE and RSA.

“Cybersecurity is fundamental to digital business and Tenable is transforming the industry with innovative solutions to help customers manage, measure and reduce their risk in enterprise environments,” said Thurmond. “I’m excited to join this exceptional team and eager to get to work, furthering our Cyber Exposure vision and expanding our footprint around the world.”

# # #

About Tenable

Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.


Tenable Selected as Partner of Choice as BeyondTrust Exits Vulnerability Management Market

January 16, 2020

Tenable named as the preferred vulnerability management platform for BeyondTrust customers in exclusive partnership

MUMBAI, India – January 16, 2020 – Tenable®, Inc., the Cyber Exposure company, today announced it has entered into an exclusive partnership with BeyondTrust, a worldwide leader in Privileged Access Management (PAM), that names Tenable as the preferred vulnerability management partner for BeyondTrust Enterprise Vulnerability Management customers. BeyondTrust has made a decision to exit the Vulnerability Management market and has selected Tenable as its exclusive partner. Tenable was chosen for its market leadership in Vulnerability Management and Cyber Exposure to help organisations understand and manage their cyber risk.

Today’s announcement follows Tenable’s recognition as a Leader in “The Forrester Wave™: Vulnerability Risk Management, Q4 2019” report where Tenable is top-ranked among 13 vendors in both the Strategy and Current Offering categories. Tenable.io® was also named the number one platform in the market for vulnerability and security configuration coverage, according to an analysis and report by Principled Technologies. In addition, Tenable.io was recognised as the Best Vulnerability Management Solution at the 2019 SC Awards.

“The market has spoken again – and has selected Tenable as the market leader in vulnerability management. In addition to the recognition from Forrester, we are number one in coverage, number one in accuracy, number one in zero-day research and the only vulnerability management vendor to surpass 100 zero-day discoveries in a single year. We’re laser-focused on ongoing innovation – from delivering Tenable Lumin to the industry’s first unified risk-based view of IT and OT security – to transform how cybersecurity is managed and measured,” said Renaud Deraison, chief technology officer and co-founder, Tenable. “We are honored to be the vulnerability management platform of choice for BeyondTrust. BeyondTrust vulnerability management customers should be very confident that they will be in the best possible hands with Tenable to solve their vulnerability management challenges.”

“When we decided to exit the vulnerability management market, it was critical that BeyondTrust referred its customers to a trusted company with a proven track record of product innovation and customer loyalty,” said Dan DeRosa, Chief Product Officer, BeyondTrust. “Tenable was the logical choice, having earned the trust and respect of tens of thousands of organisations globally. We are confident in our decision and know that our customers will be very well taken care of.”

BeyondTrust will end-of-life its vulnerability management suite of solutions effective December 31, 2020. BeyondTrust customers can learn more about the Tenable platform by joining the webinar on Tuesday, January 28 at 2 PM ET or requesting a demo at www.tenable.com/beyondtrust.

# # #

About Tenable

Tenable®, Inc. is the Cyber Exposure Company. Over 27,000 organisations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

