Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7856PUBLISHED: 2021-04-20A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
CVE-2021-28793PUBLISHED: 2021-04-20vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
CVE-2021-25679PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
CVE-2021-25680PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
CVE-2021-25681PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...
User Rank: Apprentice
5/28/2017 | 10:45:04 PM
As I see this, the area where it is useful is in realizing that if they used some kind of safe switch so it couldnt attack it's creators in the lab, then perhaps the same could be used in our environments to help the defense as well. It would be a trivial matter for any organization to make the noted DNS entry properly resolve to a sinkhole in house, which would be enough to trigger the safey on this malware, and protect the organization, regardless of what happenes with the real DNS entry out in the world (which has been attacked by some jerks that want to bring it down).
Maybe it's useful in these attacks to look for signs and indicators of built in lab safety that may have been in the code and left in, so we can replicate the safeties at the same time we fight the malicious code.