Top Vendor Vulnerabilities - August and September 2021

Vendor vulnerabilities are one of the most common cyber security challenges organisations face when introducing third-party products to their network.

Unless your organisation can develop its own networks, systems, websites and applications in-house, relying on third-party vendors is a necessity of day-to-day working life.

Relying on a third-party vendor means more than depending on the systems they have built. It also means trusting that they have built in the security controls needed to keep criminals from exploiting weaknesses. This matters when selecting a vendor: a vulnerable vendor with access to your IT assets makes your own organisation vulnerable to attack.

To help you in your journey, we take a look at some of the main third-party vendor vulnerabilities announced between August and September of this year. We will also take a look at the Microsoft vulnerabilities and design flaws that the company has said it will not fix, and note which of them have since been patched after all.

 

Third Party Vendor Vulnerabilities

Over the last two months, more than 130 vulnerabilities have been published across the products below, of which 10 have been classified as critical and 93 as important.

  The patches cover products including:

  • Azure Open Management Infrastructure
  • ASP.NET
  • Microsoft Edge (Chromium-based)
  • Microsoft Office
  • Microsoft Windows Codecs Library
  • Microsoft Windows DNS
  • Microsoft Dynamics
  • Microsoft Scripting Engine
  • .NET Core & Visual Studio
  • Remote Desktop Client
  • Windows BitLocker
  • Windows Kernel
  • Windows MSHTML Platform
  • Windows Print Spooler Components
  • Windows Scripting
  • Windows Win32K
  • Windows WLAN AutoConfig Service
  • Windows Defender
  • Windows Media
  • Visual Studio

 

Microsoft Vulnerabilities

Microsoft has a number of vulnerabilities and design flaws that it has said it does not intend to fix. In recent weeks that list has shortened: some have now been officially patched by Microsoft, and another has received an unofficial patch from a third party.

The two that Microsoft has now patched are SeriousSAM (also known as HiveNightmare, CVE-2021-36934) and PrintNightmare (CVE-2021-34527).

Some of the issues that remain unfixed include:

  SpoolSample (also known as the "printer bug") abuses the Print System Remote Protocol (MS-RPRN) to make any host running the Print Spooler service authenticate to a machine of the attacker's choosing. If that machine is configured for unconstrained delegation, the coerced host's Kerberos ticket-granting ticket is forwarded along with the authentication, and the attacker can use it to request access to resources on behalf of the coerced host. Coercing a domain controller this way effectively hands over the domain.

Chained with an NTLM relay instead of unconstrained delegation, the same coercion is also used to escalate privileges on individual hosts.
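The PowerShell below is an added example, not code from the original article or from Microsoft. It audits the two conditions the SpoolSample attack path relies on: the Print Spooler running on a domain controller (the coercion target) and non-DC computer accounts trusted for unconstrained delegation (where a coerced ticket would land). It assumes the RSAT ActiveDirectory module is installed and that the caller can query CIM on each domain controller; the function name is an assumption.

```powershell
# Added example (not from the original article). Assumes the RSAT ActiveDirectory
# module is installed and the caller can query WMI/CIM on each domain controller.
Import-Module ActiveDirectory

function Get-SpoolSampleExposure {
    [CmdletBinding()]
    param()

    $dcs = Get-ADDomainController -Filter *

    # Condition 1: Print Spooler running on a domain controller.
    # MS-RPRN coercion needs a reachable spooler; Microsoft's guidance is to disable it on DCs.
    foreach ($dc in $dcs) {
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'" `
                               -ComputerName $dc.HostName -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Check  = 'SpoolerOnDC'
            Host   = $dc.HostName
            Status = if ($null -eq $svc) { 'unreachable' } else { "$($svc.State) ($($svc.StartMode))" }
            AtRisk = ($null -ne $svc -and $svc.State -eq 'Running')
        }
    }

    # Condition 2: computer accounts (other than DCs, which always carry this flag)
    # trusted for unconstrained delegation. A coerced DC authenticating to such a host
    # hands over its TGT.
    $dcNames = $dcs | ForEach-Object { $_.Name }
    Get-ADComputer -Filter { TrustedForDelegation -eq $true } -Properties TrustedForDelegation |
        Where-Object { $dcNames -notcontains $_.Name } |
        ForEach-Object {
            [pscustomobject]@{
                Check  = 'UnconstrainedDelegation'
                Host   = $_.DNSHostName
                Status = 'TrustedForDelegation=True'
                AtRisk = $true
            }
        }
}

# Report only the findings that need action.
Get-SpoolSampleExposure | Where-Object AtRisk | Format-Table -AutoSize
```

A spooler that is Stopped but still set to Auto start will come back after a reboot, so the Status column shows the start mode alongside the state; the fix is to set it to Disabled on domain controllers.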

  PetitPotam achieves the same coercion as SpoolSample through a different interface: it abuses the Encrypting File System Remote Protocol (MS-EFSRPC) to make a target, including a domain controller, authenticate to an attacker-controlled host, and the captured NT LAN Manager (NTLM) authentication is then relayed.

Organisations are exposed to the full attack chain if they run Active Directory Certificate Services (ADCS) with Certificate Authority Web Enrollment or Certificate Enrollment Web Service, as these endpoints are the usual relay target.

An unofficial patch from a third party has now been released for this vulnerability.

  ADCS - ESC8 is the relay target in this chain. By default the Active Directory Certificate Services (ADCS) web enrollment interfaces accept NT LAN Manager (NTLM) authentication and do not enforce the relay mitigations (Extended Protection for Authentication and an HTTPS-only binding).

This lets an attacker relay a coerced machine or user authentication to the web interface and request a certificate in the name of the relayed account. A certificate issued for a domain controller's machine account can then be used to authenticate as that account.
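As an added example, not code from the original article or from Microsoft, the following PowerShell checks the IIS configuration of the ADCS web endpoints for the two mitigations that close the ESC8 relay: Extended Protection for Authentication set to Require, and SSL required so no HTTP binding remains. It must run on the server hosting the endpoints and assumes the IIS WebAdministration module; 'Default Web Site/CertSrv' is the usual Web Enrollment location, while any Certificate Enrollment Web Service application name is site-specific and must be supplied. Function names are assumptions.

```powershell
# Added example (not from the original article or Microsoft). Run on the server hosting the
# AD CS web endpoints; requires the IIS WebAdministration module.
Import-Module WebAdministration

function Get-IisSetting {
    param([string]$Location, [string]$Filter, [string]$Name)
    $r = Get-WebConfigurationProperty -PSPath 'MACHINE/WEBROOT/APPHOST' -Location $Location `
                                      -Filter $Filter -Name $Name -ErrorAction SilentlyContinue
    # Scalar attributes come back wrapped (.Value); enums, strings and collections come back as-is.
    if ($null -ne $r -and $Name -ne 'collection' -and $r.PSObject.Properties['Value']) { $r.Value } else { $r }
}

function Test-AdcsEsc8Hardening {
    param(
        # 'CertSrv' is the Web Enrollment virtual directory. Add any CES application
        # (the '<CA name>_CES_Kerberos' form is a placeholder for your own CA's name).
        [string[]]$Locations = @('Default Web Site/CertSrv')
    )
    $winAuth = 'system.webServer/security/authentication/windowsAuthentication'
    foreach ($loc in $Locations) {
        $enabled   = Get-IisSetting $loc $winAuth 'enabled'
        $providers = @(Get-IisSetting $loc "$winAuth/providers" 'collection' | ForEach-Object { $_.value })
        $epa       = Get-IisSetting $loc "$winAuth/extendedProtection" 'tokenChecking'
        $sslFlags  = [string](Get-IisSetting $loc 'system.webServer/security/access' 'sslFlags')

        # Negotiate can fall back to NTLM, so both providers count as relayable.
        $ntlmOffered = ($providers -contains 'NTLM') -or ($providers -contains 'Negotiate')
        $epaRequired = ("$epa" -eq 'Require')
        $sslRequired = ($sslFlags -match 'Ssl')

        [pscustomobject]@{
            Location         = $loc
            WindowsAuth      = [bool]$enabled
            Providers        = ($providers -join ',')
            EpaTokenChecking = "$epa"
            SslFlags         = $sslFlags
            # Relayable when Windows auth is accepted and EPA plus an HTTPS-only binding
            # are not both enforced. EPA alone is not enough while HTTP is still served.
            Esc8Relayable    = ([bool]$enabled -and $ntlmOffered -and -not ($epaRequired -and $sslRequired))
        }
    }
}

Test-AdcsEsc8Hardening | Format-List
```

An endpoint reported as Esc8Relayable should have EPA set to Require and SSL required; removing the NTLM provider and leaving only Negotiate reduces exposure further but does not by itself close the relay.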

How can we help?

Identifying vulnerabilities within your network can be a difficult task to complete without an expert's eye. At Secora Consulting, we offer Configuration Reviews, Vulnerability Assessments and IT Health Checks that identify vulnerabilities within your organisation's IT assets to help protect you from unauthorised access and breaches.

If you have any questions or want to learn more about how we can assist you in creating a robust cyber security stance, get in touch. Our team will be more than happy to create a bespoke solution that works for your organisation.
