Discovery of 2 new CVEs: CVE-2020-35542 & CVE-2020-22789
Last month, three of our colleagues discovered important CVEs in their work as renowned security specialists at Secura: CVE-2020-35542 and CVE-2020-22789. We are proud to share this news and we would like to congratulate Harikrishnan Padmanabha Pillai, Ricardo Sanchez & David van Gool for these great achievements!
During a security assessment, Secura’s Security Specialist Harikrishnan Padmanabha Pillai found a vulnerability in which an authenticated user could insert and execute malicious JavaScript content from the application. The vulnerability was caused due to the lack of input validation in the application. The impact of such a vulnerability is that it could compromise other users in the application and could also tamper with its internal database (CVE-2020-35542).
Subsequently, this vulnerability was reported to Unisys, and was remediated afterwards. For more information regarding this vulnerability and the technical details, please read further.
Alongside Harikrishnan, our colleagues Ricardo Sanchez and David van Gool
also made an interesting discovery. While doing their work, they found a
vulnerability in a FME Server of version 2019.2 and 2020.0 Beta of an
unauthenticated Stored XSS (CVE-2020-22789).
This second vulnerability allows a remote attacker to gain
administrator privileges by injecting arbitrary web scripts or HTML code
via the login page. The XSS is executed when an administrator accesses
the logs page. As part of Secura Responsible disclosure the
vulnerability was reported and fixed by the vendor in the
new version.
Read more what this vulnerability entails and how it was
discovered here.