Developers at Cisco have recently patched vulnerabilities in Cisco IP phones that, if exploited, would allow threat actors to gain root privileges and perform code execution on unauthorised systems. The vulnerabilities, registered as "CVE-2020-3161" and "CVE-2016-1421", were discovered in the affected systems by Tenable engineer Jacob Baines. Tenable had previously reported on "CVE-2016-1421" when it was initially discovered, but it didn't note the potential for a Denial of Service (DoS) attack or for threat actors gaining root privileges. The vulnerabilities are due to poor validation of user input in HTTP requests. Threat actors can leverage this by creating crafted HTTP requests that cause a stack buffer overflow in memory. Exploitation of these vulnerabilities could result in Denial of Service (DoS) attacks and in unauthenticated users gaining root privileges.

Recommendation: The security update should be applied as soon as possible because of the high criticality rating of this vulnerability and the potential for an actor to take control of an affected system. Additionally, your company should have policies in place to review and apply security updates for system firmware to prevent compromise through known vulnerabilities that threat actors may exploit.

MITRE ATT&CK: [MITRE ATT&CK] Exploit Public-Facing Application - T1190

Tags: Cisco IP Phones, CVE-2020-3161, CVE-2016-1421, Patch Management

This Week in Security News: February 2020 Patch Tuesday Update and Misconfigured AWS S3 Bucket Leaks
The breach was discovered by vpnMentor, who claim that data including credit reports, bank statements, tax returns and social security information could be accessed without authentication. The database was linked to MCA Wizard, an application developed by Advantage and Argus Capital Funding. The database was stored in an unencrypted S3 bucket on Amazon Web Services. The vulnerability was patched by AWS on January 9, 2020.