Rewterz Threat Advisory – CVE-2020-12414 – Mozilla Firefox for iOS weak security

Rewterz Threat Alert – APT C-35 Targeting Pakistani Organizations

June 26, 2020

Rewterz Threat Advisory – CVE-2020-11996 – Apache Tomcat denial of service Vulnerability

June 29, 2020

Rewterz Threat Advisory – CVE-2020-12414 – Mozilla Firefox for iOS weak security

Severity

Medium

Analysis Summary

Mozilla Firefox for iOS could provide weaker than expected security. The IndexedDB is not cleared when leaving private browsing mode, caused by the failure to use the API for WKWebViewConfiguration and the requirement of the private instance of this object be deleted when leaving private mode. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to launch further attacks on the system.

Impact

Bypass Security

Affected Vendors

Mozilla

Affected Products

Mozilla Firefox for iOS 26

Remediation

Update to latest version of IOS for Firefox 27.

Rewterz Threat Alert – APT C-35 Targeting Pakistani Organizations

Rewterz Threat Advisory – CVE-2020-11996 – Apache Tomcat denial of service Vulnerability

Rewterz Threat Advisory – CVE-2020-12414 – Mozilla Firefox for iOS weak security

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan