Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
May 26, 2023
Severity High Analysis Summary CVE-2023-32165 CVSS:9.8 D-Link D-View could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in TftpReceiveFileHandler […]May 26, 2023Severity Medium Analysis Summary Cobalt Strike first appeared in 2012 in response to alleged flaws in the Metasploit Framework, an existing red team (penetration testing) tool. […]May 26, 2023Severity Medium Analysis Summary CVE-2023-44520 CVSS:7.8 Adobe Acrobat Reader DC could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
May 26, 2023Severity High Analysis Summary CVE-2023-32165 CVSS:9.8 D-Link D-View could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in TftpReceiveFileHandler […]May 26, 2023Severity Medium Analysis Summary Cobalt Strike first appeared in 2012 in response to alleged flaws in the Metasploit Framework, an existing red team (penetration testing) tool. […]May 26, 2023Severity Medium Analysis Summary CVE-2023-44520 CVSS:7.8 Adobe Acrobat Reader DC could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – Flaws in ATM Dispenser Controllers Allowed Hackers to Steal Cash
August 14, 2018Rewterz Threat Advisory – CVE-2018-8374 Microsoft Exchange Server Tampering Vulnerability
August 15, 2018
Multiple vulnerabilities in Microsoft Windows Adobe Flash Player may cause information disclosure, privilege escalation or security mitigation bypass.
IMPACT: NORMAL
PUBLISH DATE: 14-08-2018
OVERVIEW
Multiple vulnerabilities have been found in various versions of Microsoft Windows Adobe Flash Player which may lead to out-of-bound reads causing disclosure of potentially sensitive information. One of these vulnerabilities may also cause bypassing of Security Mitigations. Moreover, an attacker using a component with a known vulnerability may also lead to privilege escalation.
ANALYSIS
The five vulnerabilities detected in Microsoft Windows Adobe Flash Player this week include Out-of-bound reads, security bypasses and usage of a component with known vulnerability. These can cause Information disclosure by providing sensitive information to unauthorized people, or may bypass restrictions meant for security mitigation. Usage of known vulnerabilities may also cause privilege escalation.
These vulnerabilities are resolved by updating products to latest versions. Currently, there are no reported exploits for these vulnerabilities. However, for best security measures, Adobe recommends installation of updates within a period of thirty days.
The table below lists the vulnerabilities under consideration in this advisory.
AFFECTED PRODUCTS
Mentioned versions of the products listed below have been found to be vulnerable.
UPDATES
Apply relevant updates to your system:
- Adobe Flash Player on Windows 10 for x64-based Systems (KB4343902)
- Adobe Flash Player on Windows Server 2016 (KB4343902)
- Adobe Flash Player on Windows 10 Version 1607
- Adobe Flash Player on Windows 10 Version 1703
- Adobe Flash Player on Windows 10 Version 1709
- Adobe Flash Player on Windows 10 Version 1803
- Adobe Flash Player on Windows 10 for 32-bit Systems (KB4343902)
- Adobe Flash Player on Windows 10 Version 1607
- Adobe Flash Player on Windows 10 Version 1703
- Adobe Flash Player on Windows 10 Version 1709
- Adobe Flash Player on Windows 10 Version 1803
- Adobe Flash Player on Windows RT 8.1 (KB4343902)
- Adobe Flash Player on Windows 8.1 for x64-based systems (KB4343902)
- Adobe Flash Player on Windows Server 2012 R2 (KB4343902)
- Adobe Flash Player on Windows 8.1 for 32-bit systems (KB4343902)
- Adobe Flash Player on Windows Server 2012 (KB4343902)
It is best to update the running versions of the affected products as per the advisory. Furthermore, if you think you are a victim of a cyber-security attack. Immediately send an email to info@rewterz.com for a rapid response.