Rewterz

Rewterz Threat Advisory – CVE-2020-17083 – Microsoft Exchange Server code execution

November 11, 2020
Rewterz

Rewterz Threat Advisory – CVE-2020-8269 – Citrix Virtual Apps and Desktops privilege escalation

November 11, 2020

Rewterz Threat Advisory – CVE-2020-16994 – Microsoft Azure Sphere code execution

Severity

High

Analysis Summary

Microsoft Azure Sphere could allow a local attacker to execute arbitrary code on the system. The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Impact

System compromise

Affected Vendors

Microsoft

Affected Products

Microsoft Azure Sphere

Remediation

Refer to Microsoft advisory for the complete list of affected products and their respective patches.

https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2020-16994

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.