Rewterz Threat Advisory – CVE-2020-8174 – Node.js buffer overflow Vulnerability

Rewterz Threat Advisory – Multiple Vulnerabilities in Mozilla Firefox and ESR

June 3, 2020

Rewterz Threat Alert – Large Scale Attack Campaign Targets WordPress Database Credentials

June 4, 2020

Rewterz Threat Advisory – CVE-2020-8174 – Node.js buffer overflow Vulnerability

Severity

High

Analysis Summary

Node.js is vulnerable to a buffer overflow, caused by multiple memory corruptions in the napi_get_value_string_latin1(), napi_get_value_string_utf8(), or napi_get_value_string_utf16() functions. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.

Impact

Denial of service

Affected Vendors

NodeJs

Affected Products

Node.js Node.js 10
Node.js Node.js 12
Node.js Node.js 14.0

Remediation

Upgrade to the latest version of Node.js (14.4.0 or later).

Rewterz Threat Advisory – Multiple Vulnerabilities in Mozilla Firefox and ESR

Rewterz Threat Alert – Large Scale Attack Campaign Targets WordPress Database Credentials

Rewterz Threat Advisory – CVE-2020-8174 – Node.js buffer overflow Vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan