Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patch them ASAP, says NSA

The NSA has blown the lid off 25 computer security vulnerabilities Chinese government hackers are using to break into networks, steal data, and so on.

- CVE-2019-0708: A remote code execution vulnerability exists within Microsoft Windows' Remote Desktop Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
- CVE-2020-15505: A remote code execution vulnerability in the MobileIron mobile device management software that allows remote attackers to execute arbitrary code via unspecified vectors.
- CVE-2020-1350: A remote code execution vulnerability exists in Microsoft Windows Domain Name System servers when they fail to properly handle requests.
- CVE-2020-0688: A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/10/20/nsa_china_hacking/
Related news
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK
---|---|---|---|---
2020-07-14 | CVE-2020-1350 | Unspecified vulnerability in Microsoft products | A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | 10.0
2020-07-07 | CVE-2020-15505 | Use of Incorrectly-Resolved Name or Reference vulnerability in Mobileiron products | A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8
2020-02-11 | CVE-2020-0688 | Improper Authentication vulnerability in Microsoft Exchange Server | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. | 8.8
2019-05-16 | CVE-2019-0708 | Use After Free vulnerability in multiple products | A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | 9.8