SBA Security Advisory – Mediatek Modem – Selection of less-secure algorithm during negotiation ‘algorithm downgrade’ (CVE-2024-20069)

July 31, 2024

Vulnerability Overview In the modem, the client can be forced into accepting a less secure key exchange algorithm during the VoWiFi IKE handshake due to a missing downgrade check on the proposed Diffie-Hellman (DH) group. This could lead to remote information disclosure with no additional execution privileges needed. User interaction… Read More

SBA Security Advisory – Mediatek Modem – Selection of less-secure algorithm during negotiation ‘algorithm downgrade’ (CVE-2024-20069)

SBA Security Advisory – ZTE ZXUN-ePDG – Use of non-unique cryptographic keys under default configuration (CVE-2024-22064)

July 31, 2024

Vulnerability Overview ZTE ZXUN-ePDG product, which serves as the network node of the VoWiFi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection (IKE) with the mobile devices connecting over the internet. If the set of keys are leaked or cracked, the… Read More

SBA Security Advisory – ZTE ZXUN-ePDG – Use of non-unique cryptographic keys under default configuration (CVE-2024-22064)

SBA Security Advisory – Craft CMS – TOTP Token Stays Valid After Use (CVE-2024-41800)

July 26, 2024

The Craft CMS from version 5.0.0-beta.1 through 5.2.2 allows reuse of TOTP tokens multiple times within the validity period. ... Read More

SBA Security Advisory – Craft CMS – TOTP Token Stays Valid After Use (CVE-2024-41800)

SBA Security Advisory – Paradox IP150 Internet Module – Cross-Site Request Forgery (CVE-2024-5676)

June 19, 2024

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery (CSRF) attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system. Read More

SBA Security Advisory – Paradox IP150 Internet Module – Cross-Site Request Forgery (CVE-2024-5676)

SBA Security Advisory – CraftCMS Plugin – Two-Factor Authentication – TOTP token Stays Valid After Use (CVE-2024-5658)

June 6, 2024

The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period. Read More

SBA Security Advisory – CraftCMS Plugin – Two-Factor Authentication – TOTP token Stays Valid After Use (CVE-2024-5658)

SBA Security Advisory – CraftCMS Plugin – Two-Factor Authentication – Password Hash Disclosure (CVE-2024-5657)

June 6, 2024

The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP. Read More

SBA Security Advisory – CraftCMS Plugin – Two-Factor Authentication – Password Hash Disclosure (CVE-2024-5657)

SBA Research has been authorized by the CVE® Program as a CVE Numbering Authority (CNA)!

June 5, 2024

We’re proud to share that SBA Research has been appointed as one of Austria’s few CVE Numbering Authorities (CNAs). This designation recognizes our commitment to cybersecurity excellence. With only three other authorities in Austria, being authorized as a CVE Numbering Authority underscores our expertise and dedication… Read More

SBA Research has been authorized by the CVE® Program as a CVE Numbering Authority (CNA)!

SBA Security Advisory – CloudLinux CageFS – Insufficiently Restricted Proxy Command (CVE-2020-36772)

January 26, 2024

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment. We recommend to update CloudLinux CageFS to version 7.1.1-1 or later. For further details, see the full security advisory. Read More

SBA Security Advisory – CloudLinux CageFS – Insufficiently Restricted Proxy Command (CVE-2020-36772)

SBA Security Advisory – CloudLinux CageFS – Token Disclosure (CVE-2020-36771)

January 26, 2024

CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user. We recommend to update CloudLinux CageFS to version 7.1.2-2 or later. For further details, see the full security advisory. Read More

SBA Security Advisory – CloudLinux CageFS – Token Disclosure (CVE-2020-36771)

SBA Security Advisory – MOKOSmart MKGW1 Gateway – Improper Session Management (CVE-2023-51059)

December 21, 2023

MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device. Read More

Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Tag: Security Advisory