Rewterz Threat Advisory – CVE-2020-13931 – Apache TomEE security bypass

Rewterz Threat Alert – Active IOCs- FormBook Malware

December 17, 2020

Rewterz Threat Advisory – CVE-2020-35112 – Mozilla Firefox Download Code Execution

December 17, 2020

Rewterz Threat Advisory – CVE-2020-13931 – Apache TomEE security bypass

Severity

High

Analysis Summary

CVE-2020-13931

Apache TomEE could allow a remote attacker to bypass security restrictions, caused by a misconfiguring issue when configured with the embedded ActiveMQ broker. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to TCP port 1099 without authentication.

Impact

Security Bypass

Affected Vendors

Apache Tomcat

Affected Products

Apache TomEE 1.0.0
Apache TomEE 1.7.5
Apache TomEE 7.0.0-M1
Apache TomEE 7.1.0
Apache TomEE 8.0.0-M1
Apache TomEE 7.0.8
Apache TomEE 7.1.3
Apache TomEE 8.0.3

Remediation

Upgrade to the latest version of TomEE (7.0.9, 7.1.4, 8.0.4 or later).

Rewterz Threat Alert – Active IOCs- FormBook Malware

Rewterz Threat Advisory – CVE-2020-35112 – Mozilla Firefox Download Code Execution

Rewterz Threat Advisory – CVE-2020-13931 – Apache TomEE security bypass

Severity

Analysis Summary

CVE-2020-13931

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan