Another Avalanche of Zero-day Threats has Arrived

Recent zero-day attacks

• Cybercriminals were seen exploiting a zero-day vulnerability in a WordPress plugin. The vulnerability was actively used by attackers to reset admin account passwords.
• A critical escalation-of-privileges zero-day vulnerability (CVE-2020-4006) was found affecting six VMware products including its Workspace One, and others. Within a few days, this vulnerability was found to be abused by attackers.
• The cybersecurity agency Homeland Security urged users to update their Google Chrome, after detecting that attackers were using some zero-day vulnerabilities for attacks in the wild.

Other major discoveries

• Several critical zero-day vulnerabilities (CVE-2020-25757, CVE-2020-25759, CVE-2020-25758) were disclosed in D-Link routers that could allow root access to the firmware.
• Six zero-day vulnerabilities were discovered in Schneider Electric StruxureWare, a management application that could be used by attackers to carry out particular attacks.
• In early-December, a now-patched critical iOS bug was discovered that could have allowed complete control to any device.
• Several zero-day vulnerabilities were discovered in healthcare records application OpenClinic, which could be exploited to expose patients’ test results.
• The cPanel & WebHost Manager (WHM) web hosting platform was found to have a zero-day two-factor authentication bypass flaw, that could affect over 70 Million domains.
• A zero-day vulnerability was accidentally discovered in the Windows 7 and Windows Server 2008 R2 operating systems by a French security researcher.

Conclusion