A typical organization’s environment consists of a myriad of applications and services, each with its own unique set of ongoing vulnerabilities and flaws that could ultimately lead to a data breach. This can make IT security and operations’ job difficult, as different departments and groups within a company may utilize specific software offerings to accomplish their job functions. Fortunately, a consolidated database of vendor-specific software vulnerabilities exists—the Common Vulnerabilities and Exposures (CVE) repository: a public information security resource developed and maintained by Mitre Corporation.
The CVE repository streamlines the process of identifying and remediating vulnerabilities on an ongoing basis, especially when dealing with infrastructures running highly disparate software applications and systems across departments and groups.
We’ve selected the top 10 critical CVE records across all vendor offerings that impact *nix and Windows-based environments—this list can serve as a helpful starting point for hardening your infrastructure’s security posture.
Top 10 Critical CVE Records
10. Access of Resource Using Incompatible Type (CVE-2015-5562)
Adobe Flash, AIR, and AIR SDK
This vulnerability allows an attacker to execute arbitrary code by leveraging an unspecified "type confusion." The following Adobe products are affected:
- Adobe Flash Player before 18.0.0.232
- Adobe AIR before 18.0.0.199
- Adobe AIR SDK & Compiler before 18.0.0.199
9. Use-After-Free Vulnerability (CVE-2015-5563)
Adobe Flash, AIR, and AIR SDK
This vulnerability allows attackers to execute arbitrary code via unspecified vectors by referencing memory after it has been freed. This can in turn cause a program to crash, use unexpected values, or execute malicious code.
The following software versions are affected:
- Adobe Flash Player before 18.0.0.232 on Windows and OS X
- Adobe Flash Player before 11.2.202.508 on Linux
- Adobe AIR before 18.0.0.199
- Adobe AIR SDK before 18.0.0.199
- Adobe AIR SDK & Compiler before 18.0.0.199
8. Autodesk Command Execution Vulnerability (CVE-2014-2967)
Autodesk VRED Professional
VRED is Autodesk's popular 3D visualization and virtual prototyping software. Like many of the vendor's solutions, it uses Python scripts extensively for customization—which of course opens up several attack vectors for exploitation. This particular vulnerability allows remote attackers to execute arbitrary code via Python OS library calls in Python API commands to the integrated web server.
The following software versions are affected:
- Autodesk VRED Professional 2014 before SR1 SP8.
7. Overflow on Windows Systems (CVE-2008-4250)
Microsoft Windows
Buffer overflows are a common technique used by attackers to bring down mission-critical systems. In essence, an overflow occurs when a running program writes beyond the memory space allocated to it. In this particular vulnerability, remote attackers are able to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization.
The following software versions are affected:
- Microsoft Windows 2000 SP4
- Microsoft Windows XP SP2 and SP3
- Microsoft Windows Server 2003 SP1 and SP2
- Microsoft Windows Vista Gold and SP1
- Microsoft Windows Server 2008
- Microsoft Windows 7 Pre-Beta
6. Remote Code Execution on RCA Systems (CVE-2015-1497)
Persistent Systems Radia Client Automation
Radia Client Automation—now known as HP's Accelerite Endpoint Management—allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465. Specifically, radexecd.exe in the following versions of RCA is affected:
- 7.9
- 8.1
- 9.0
- 9.1
5. CBN Wireless Gateway Vulnerability (CVE-2014-8656)
Versions 1.1.x before 1.1.4 and 1.2.x before 1.2.5
Compal Broadband Networks (CBN) is a prominent manufacturer of wifi gateways. In this case, some of their devices have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it trivial for remote attackers to obtain access to certain sensitive information via unspecified vectors.
The following CBN devices are affected:
- CH6640E
- CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH
4. Mozilla Firefox Heap Overflow Vulnerability (CVE-2015-4485)
Mozilla Firefox
This vulnerability in the popular web browser Mozilla Firefox allows remote attackers to execute arbitrary code via malformed WebM video data. WebM is an open video format that allows for playing video files directly in the browser using HTML5.
The following versions of Mozilla Firefox are affected:
- Mozilla Firefox before 40.0
- Mozilla Firefox ESR 38.x before 38.2
3. RDP Remote Code Execution (CVE-2015-2373)
Microsoft Windows
The Remote Desktop Protocol (RDP) facilitates remote connections to systems running recent versions of Windows. By exploiting RDP, remote attackers can execute arbitrary code via a series of crafted packets.
The following software versions are affected:
- Microsoft Windows 7 SP1
- Windows 8
- Windows Server 2012
2. Heartbleed (CVE-2014-0160)
OpenSSL
By exploiting a built-in feature of OpenSSL called heartbeat, attackers are able to retrieve information from a web server's memory undetected. Affected versions include TLS and DTLS implementations in OpenSSL 1.0.1.
1. Shellshock (CVE-2014-6271)
*nix Bash Shell
This vulnerability allows attackers to gain unauthorized access to a *nix system by exploiting flaws in the Unix Bash Shell. In essence, the flaw allows for the processing of trailing strings after function definitions in the values of environment variables, which in turn could allow remote attackers to execute arbitrary code via a crafted environment. All versions of GNU Bash through 4.3 are vulnerable.
Remediation
As an initial step towards remediation, you'll need to check your environment for systems with these vulnerable packages. UpGuard provides a way for you to do this easily and automatically with a few mouse clicks. Our powerful policy engine can validate secure configurations for all environments, infrastructures, and application stacks. In this case, a simple security policy can be run to check for any of the above vulnerabilities—as well as new vulnerabilities not yet added to policy. Our vulnerability detection and monitoring suite powered by OVAL ensures that all the applications in your environment are free of vulnerabilities and security gaps.
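The first remediation step above is an inventory check: compare each host's reported package version against the affected ranges this list states for Bash (Shellshock), OpenSSL (Heartbleed), Firefox and Flash on Linux. The script below is an added example, not UpGuard's policy engine or any vendor tool; the version-string inventory is constructed sample data, and the ranges are transcribed from the entries above exactly as the article states them.

```python
"""Match reported *nix package versions against the affected ranges listed in this article."""
import re
from typing import Callable, List, Optional, Tuple

Version = Tuple[int, int, int, int]


def parse_version(text: str) -> Version:
    """Take the first dotted numeric run in a version banner and pad it to four
    components, so '40' and '40.0' compare equal and '1.0.1f' -> (1, 0, 1, 0).
    Letter suffixes (OpenSSL 'f', Firefox 'esr') are deliberately ignored."""
    m = re.search(r"\d+(?:\.\d+)*", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    parts = [int(p) for p in m.group(0).split(".")][:4]
    return tuple(parts + [0] * (4 - len(parts)))  # type: ignore[return-value]


# (product key, predicate over the parsed version, CVE) as stated in the article:
#   Bash: all versions through 4.3; OpenSSL: 1.0.1; Firefox: before 40.0;
#   Firefox ESR: 38.x before 38.2; Flash Player on Linux: before 11.2.202.508.
AFFECTED: List[Tuple[str, Callable[[Version], bool], str]] = [
    ("bash", lambda v: v[:2] <= (4, 3), "CVE-2014-6271"),
    ("openssl", lambda v: v[:3] == (1, 0, 1), "CVE-2014-0160"),
    ("firefox", lambda v: v < (40, 0, 0, 0), "CVE-2015-4485"),
    ("firefox-esr", lambda v: v[0] == 38 and v < (38, 2, 0, 0), "CVE-2015-4485"),
    ("flash-linux", lambda v: v < (11, 2, 202, 508), "CVE-2015-5563"),
]


def check(product: str, version_text: str) -> Optional[str]:
    """Return the CVE id from the list above if this product/version is affected."""
    v = parse_version(version_text)
    for key, is_affected, cve in AFFECTED:
        if key == product and is_affected(v):
            return cve
    return None


# Constructed sample inventory: (host, product key, raw version banner).
SAMPLE_INVENTORY = [
    ("web01", "openssl", "OpenSSL 1.0.1f 6 Jan 2014"),
    ("web01", "bash", "GNU bash, version 4.3.30(1)-release (x86_64-pc-linux-gnu)"),
    ("ws17", "firefox-esr", "38.1.1"),
    ("build02", "openssl", "OpenSSL 1.0.2k-fips  26 Jan 2017"),
    ("build02", "bash", "GNU bash, version 4.4.12(1)-release (x86_64-pc-linux-gnu)"),
]


def scan(inventory) -> List[Tuple[str, str, str]]:
    """Return (host, product, cve) for every inventory row that matches an affected range."""
    return [(h, p, c) for h, p, t in inventory if (c := check(p, t)) is not None]


if __name__ == "__main__":
    for host, product, cve in scan(SAMPLE_INVENTORY):
        print(f"{host}: {product} matches {cve}")
```

Feed it real banners from `bash --version`, `openssl version` and your browser inventory; a match means the host's version falls in a range the article lists and warrants a closer look, not that the package is unpatched (distribution backports are not visible in the version number).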