Security News > 2020 > October > Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patch them ASAP, says NSA
The NSA has blown the lid off 25 computer security vulnerabilities Chinese government hackers are using to break into networks, steal data, and so on.
CVE-2019-0708: A remote code execution vulnerability exists within Microsoft Windows' Remote Desktop Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
CVE-2020-15505: A remote code execution vulnerability in the MobileIron mobile device management software that allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2020-1350: A remote code execution vulnerability exists in Microsoft Windows Domain Name System servers when they fail to properly handle requests.
CVE-2020-0688: A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/10/20/nsa_china_hacking/
Related news
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Sophos reveals 5-year battle with Chinese hackers attacking network devices (source)
- Sophos Versus the Chinese Hackers (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries (source)
- Chinese hackers breached T-Mobile's routers to scope out network (source)
- Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-14 | CVE-2020-1350 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | 10.0 |
2020-07-07 | CVE-2020-15505 | Use of Incorrectly-Resolved Name or Reference vulnerability in Mobileiron products A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
2020-02-11 | CVE-2020-0688 | Improper Authentication vulnerability in Microsoft Exchange Server A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. | 8.8 |
2019-05-16 | CVE-2019-0708 | Use After Free vulnerability in multiple products A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | 9.8 |