What is a Vulnerability?

A vulnerability is a weak point or fault in the code of a system or device that, when exploited, may compromise the confidentiality, availability, and integrity of data stored on the system or device through unauthorized disclosure, escalation of privileges, or denial of service (DoS). An exploit is any program or tool that takes advantage of a vulnerability.

The majority of disclosed vulnerabilities are published in the National Vulnerability Database (NVD) and listed in the Common Vulnerabilities and Exposures (CVE) List to facilitate data sharing among different vulnerability programs.

A vulnerability is a loophole that hackers may exploit to obtain unauthorized access to a computer system. After exploiting the vulnerability, the attackers may execute malicious scripts, install malware, or steal sensitive data.

Attackers use several techniques to exploit vulnerabilities, such as SQL injection, cross-site scripting (XSS), buffer overflows, and open-source exploit kits that probe web applications for existing vulnerabilities and security deficiencies. A vulnerability can reside in software, in hardware, in the network, or within the organization. There are four main categories of vulnerability.

  1. Software Vulnerability - This may be unvalidated input, which might enable an intruder to overflow a buffer. This might result in the software executing arbitrary code. This is a typical buffer overflow exploit, of which various variants exist.
  2. Hardware Vulnerability - Higher DRAM cell density induces electromagnetic interactions among adjacent memory cells. When one memory row is written, the memory cells in adjacent rows may be affected. This allows an attacker to rewrite portions of memory to which they should not have access. This flaw, known as Rowhammer, has been shown to exclusively impact DDR3 and DDR4 SDRAM components.
  3. Network Vulnerabilities - Unsecured wireless access points are a security risk for the network. The lack of encryption and the use of WEP are examples.
  4. Organizational Vulnerabilities - Employees' lack of security knowledge might make an organization vulnerable to attack. Emails containing malicious attachments are a common kind of attack. A lack of security knowledge also raises the likelihood that staff will plug untrusted USB drives into otherwise protected desktops and laptops.

Vulnerability Types and Technologies That Attackers Have Used

Remote work grew during COVID-19. Four of the most exploited vulnerabilities in 2020 involved remote work, virtual private networks, or cloud-based technology. In 2020, several VPN gateway devices remained unpatched, as the expansion of remote work options affected the capacity of enterprises to carry out rigorous patch management. According to [5], the following vulnerabilities and their technologies have been identified.

Some of the vulnerabilities and their technologies are as follows.

  1. Citrix NetScaler Application Delivery Control (ADC)

    • Details: It is susceptible to Remote Code Execution (RCE) and complete system compromise because of insufficient access controls, which permit directory traversal.
    • How it happens: Inadequate access controls let an attacker enumerate system directories for vulnerable code. Citrix ADC hosts a vulnerable Perl script that, when requested through HTTP POST, allows local operating system commands to run. Using embedded commands, attackers may use this functionality to upload and execute command-and-control malware and obtain unauthorized access to the operating system.
    • Affected technologies: Citrix ADC and Gateway versions 10.5, 11.1, 12.0, 12.1, and 13.0

  2. Fortinet Secure Sockets Layer (SSL) VPN

    • Details: It is susceptible to unauthenticated path traversal, which enables hackers to inject the sslvpn web session files. An intruder is therefore able to extract user credentials in plaintext.
    • How it happens: Inadequate access permission restrictions and the directory layout of the web application enable attackers to view registry entries without authentication. Hackers may send an HTTP GET request, which causes the server to reply with unreadable symbols in addition to cleartext credentials.
    • Affected technologies: Fortinet FortiOS versions 6.0.0 to 6.0.4, 5.6.3 to 5.6.7, and 5.4.6 to 5.4.12

  3. Microsoft SharePoint Remote Code Execution

    • Details: A weakness in a misconfigured Microsoft SharePoint XML component allows hackers to execute arbitrary code on affected Microsoft servers.
    • How it happens: Typically, this bug was used to deploy webshell malware on susceptible machines. The webshell could be placed in any location served by the associated Internet Information Services (IIS) server, and authentication was not required.
    • Affected technologies: Microsoft SharePoint versions 2013 SP1, 2010 SP2, 2019, and 2016

  4. Atlassian Confluence Server Widget Connector

    • Details: It is susceptible to server-side content injection attacks.
    • How it happens: A remote attacker may exploit a server-side request forgery (SSRF) flaw in the WebDAV extension to make arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance. Exploiting this vulnerability enables server-side template injection and remote code execution on susceptible computers.
    • Affected technologies: Confluence Server and Confluence Data Center versions before 6.6.12
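
A defender-side check for the directory traversal pattern described in the Citrix ADC and Fortinet SSL VPN items, as an added example that is not part of the original post: it percent-decodes request paths from web access logs (including double encoding) and flags any that contain `..` segments or climb above the web root. The log lines, paths and the function names `decode_fully`, `classify` and `scan` are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request field of a common/combined-format access log line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation-range IPs, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2021:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2021:10:00:02 +0000] "GET /portal/../private/config.txt HTTP/1.1" 200 1024',
    '198.51.100.7 - - [01/Jan/2021:10:00:03 +0000] "POST /app/%2e%2e/%2e%2e/scripts/run.pl HTTP/1.1" 200 64',
    '203.0.113.5 - - [01/Jan/2021:10:00:09 +0000] "GET /docs/%252e%252e/%252e%252e/etc/hosts HTTP/1.1" 404 0',
    '192.0.2.10 - - [01/Jan/2021:10:00:11 +0000] "GET /files/report..final.pdf HTTP/1.1" 200 2048',
]

def decode_fully(path, rounds=3):
    """Percent-decode repeatedly so double-encoded '%252e' is unmasked too."""
    for _ in range(rounds):
        path, prev = unquote(path), path
        if path == prev:
            break
    return path.replace("\\", "/")

def classify(target):
    """Return 'clean', 'dot-dot' or 'escapes-root' for a request target."""
    depth, seen = 0, False
    # Only the path is checked here; query strings would need the same walk.
    for seg in decode_fully(target.split("?", 1)[0]).split("/"):
        if seg == "..":
            depth, seen = depth - 1, True
            if depth < 0:          # climbed above the web root
                return "escapes-root"
        elif seg not in ("", "."):
            depth += 1
    return "dot-dot" if seen else "clean"

def scan(lines):
    """Return (client, method, target, verdict) for each suspicious request."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        verdict = classify(m["target"]) if m else "clean"
        if verdict != "clean":
            hits.append((line.split()[0], m["method"], m["target"], verdict))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit, sep="  ")
```

A `dot-dot` verdict that stays inside the web root still deserves review, and a 200 response to any flagged request is the first thing to check against the patch level of the device that served it.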
