Vulnerabilities in Cisco IOS XE software, WordPress plug-ins, FoxRider software etc. were detected. Cisco Systems has fixed several vulnerabilities ( CVE-2020-3141 and CVE-2020-3425 ) in its IOS XE software. Their exploitation allowed the remote attacker to increase privileges on the system.
The Libass portable subtitle rendering tool for ASS/SSA (Advanced Substation Alpha / Substation Alpha) contains a dangerous vulnerability with which a remote attacker can execute arbitrary code on the target system. The problem affects libass version 0.14.0 and there is currently no patch for it.
Fortinet, a developer of security software, solutions and services, has released an update that fixes two vulnerabilities in the FortiOS operating system. One of them ( CVE-2020-12819 ) can be used to execute a denial-of-service attack, and the other ( CVE-2020-12820 ) allows remote code execution.
The two popular industrial remote access systems SiteManager and GateManager from B& R Automation ( CVE-2020-11641, CVE-2020-11642, CVE-2020-11643, CVE-2020-11644, CVE-2020-11645 and CVE-2020-11646 ), and mbCONNECT24 from MB Connect Line ( CVE-2020-24569, CVE-2020-24568 and CVE-2020-24570 ) contain dangerous vulnerabilities. They can be used to prevent access to industrial production facilities, hacking into corporate networks, and theft of sensitive data.
Two dangerous vulnerabilities ( CVE-2020-17413 and CVE-2020-17412 ) were detected in the beta version of the Foxit 3D Plugin module, which could allow a remote attacker to execute arbitrary code or compromise a vulnerable system. Another vulnerability, less dangerous ( CVE-2020-17411 ), can be used to gain access to sensitive information.
The Foxit Reader and PhantomPDF solutions have many issues, the most serious of which may allow a remote attacker to compromise a vulnerable system.
A vulnerability has been detected in a number of WordPress plug-ins, allowing a remote attacker to gain unauthorized access to other limited functions. Vulnerable software includes Transcend, Regina Lite, MedZone Lite and Brilliance themes for WordPress.