Rewterz Threat Alert – The EKING Variant of Phobos Ransomware
October 14, 2020Rewterz Threat Advisory – A New RAT Exploiting an Old Oracle WebLogic Server Vulnerability
October 14, 2020Rewterz Threat Alert – The EKING Variant of Phobos Ransomware
October 14, 2020Rewterz Threat Advisory – A New RAT Exploiting an Old Oracle WebLogic Server Vulnerability
October 14, 2020Severity
High
Analysis Summary
CVE-2020-9746
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to an exploitable crash, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of CVE-2020-9746 requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.
Impact
- Arbitrary Code Execution
- Privilege Abuse
Affected Vendors
Adobe
Affected Products
- Adobe Flash Player Desktop Runtime 32.0.0.433 and earlier for Windows macOS and Linux
- Adobe Flash Player for Google Chrome 32.0.0.433 and earlier for Windows macOS Linux and Chrome OS
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.387 and earlier for Windows 10 and 8.1
Remediation
Update Adobe Flash Player to version 32.0.0.445 for all platforms.
https://helpx.adobe.com/security/products/flash-player/apsb20-58.html