Tripwire's July 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, F5 Networks, Cisco, and Oracle. Up first on the patch priority list this month are patches for F5 Networks and Cisco for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for F5 Networks' BIG-IP (CVE-2020-5902) and Cisco AnyConnect Secure Mobility Client for Windows (CVE-2020-3153). Patches should be applied to these systems as soon as possible. Up next on the priority list this month is a patch for Microsoft DNS server (CVE-2020-1350). Microsoft DNS servers are prone to a remote code execution vulnerability that is, in theory, wormable. System administrators should apply the patch for vulnerability as soon as possible. Note that Microsoft provides a workaround that involves a registry setting (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350). Up next on the patch priority list this month are patches for Microsoft Scripting Engine, Internet Explorer, and Microsoft Edge. These patches resolve 4 vulnerabilities, including remote code execution and information disclosure vulnerabilities. Next on the list are patches for Microsoft Office, Word, Outlook, and Project, which resolve 6 vulnerabilities including information disclosure and remote code execution vulnerabilities. Up next are patches for Oracle Java. These patches resolve 11 vulnerabilities related to Java 2D, Libraries, JAXP, ImageIO, JavaFX, Hotspot, and JSSE. Next this month are patches that affect components of the Windows operating systems. These patches resolve more than 80 vulnerabilities, including denial of service, elevation of privilege, information disclosure, remote code execution, and memory corruption vulnerabilities. These vulnerabilities affect Connected User Experiences and Telemetry Service, core Windows, Jet Database Engine, LNK, Sync Host Service, Storage Services, SharedStream Library, Runtime, iSCSI Target Service, Subsystem for Linus, WalletService, DirectWrite, Graphics, Imaging, ALPC, and Resource Policy. Up next is a patch for .NET Framework that resolves a remove code execution vulnerability. Finally, administrators should focus on server-side patches available for Microsoft SharePoint and Oracle Database. These resolve remote code execution, cross-site scripting, information disclosure, and spoofing vulnerabilities.
| BULLETIN | CVE |
| Metasploit - BIG-IP | CVE-2020-5902 |
| Metasploit - Cisco AnyConnect | CVE-2020-3153 |
| Microsoft DNS Server | CVE-2020-1350 |
| Internet Explorer | CVE-2020-1432 |
| Microsoft Scripting Engine | CVE-2020-1403 |
| Microsoft Edge | CVE-2020-1433, CVE-2020-1462 |
| Microsoft Office | CVE-2020-1445, CVE-2020-1349, CVE-2020-1449, CVE-2020-1448, CVE-2020-1446, CVE-2020-1447 |
| Oracle Java | CVE-2020-14581, CVE-2020-14583, CVE-2020-14621, CVE-2020-14556, CVE-2020-14562, CVE-2020-14664, CVE-2020-14573, CVE-2020-14577, CVE-2020-14579, CVE-2020-14578, CVE-2020-14593 |
| Microsoft Windows I | CVE-2020-1386, CVE-2020-1333, CVE-2020-1421, CVE-2020-1267, CVE-2020-1374, CVE-2020-1402, CVE-2020-1410, CVE-2020-1391, CVE-2020-1431, CVE-2020-1359, CVE-2020-1384, CVE-2020-1375, CVE-2020-1385, CVE-2020-1418, CVE-2020-1393, CVE-2020-1394, CVE-2020-1395, CVE-2020-1420, CVE-2020-1429, CVE-2020-1365, CVE-2020-1371, CVE-2020-1085, CVE-2020-1398, CVE-2020-1405, CVE-2020-1372, CVE-2020-1330, CVE-2020-1390, CVE-2020-1438, CVE-2020-1373, CVE-2020-1428, CVE-2020-1427, CVE-2020-1406, CVE-2020-1437, CVE-2020-1363, CVE-2020-1366, CVE-2020-1387, CVE-2020-1413, CVE-2020-1353, CVE-2020-1422, CVE-2020-1404, CVE-2020-1399, CVE-2020-1370, CVE-2020-1249, CVE-2020-1463, CVE-2020-1347, CVE-2020-1434, CVE-2020-1354, CVE-2020-1430 |
| Microsoft Windows II | CVE-2020-1352, CVE-2020-1356, CVE-2020-1392, CVE-2020-1346, CVE-2020-1424, CVE-2020-1025, CVE-2020-1423, CVE-2020-1407, CVE-2020-1400, CVE-2020-1401, CVE-2020-1364, CVE-2020-1344, CVE-2020-1362, CVE-2020-1369, CVE-2020-1361, CVE-2020-1409, CVE-2020-1435, CVE-2020-1351, CVE-2020-1412, CVE-2020-1408, CVE-2020-1355, CVE-2020-1436, CVE-2020-1468, CVE-2020-1382, CVE-2020-1381, CVE-2020-1397, CVE-2020-1396, CVE-2020-1388, CVE-2020-1411, CVE-2020-1336, CVE-2020-1419, CVE-2020-1389, CVE-2020-1367, CVE-2020-1426, CVE-2020-1358, CVE-2020-1357, CVE-2020-1368, CVE-2020-1360, CVE-2020-1415, CVE-2020-1414 |
| .NET Framework | CVE-2020-1147 |
| Microsoft Office SharePoint | CVE-2020-1342, CVE-2020-1456, CVE-2020-1451, CVE-2020-1450, CVE-2020-1454, CVE-2020-1444, CVE-2020-1443, CVE-2020-1442, CVE-2020-1439 |
| Oracle Database | CVE-2020-2978,CVE-2019-13990,CVE-2020-8112,CVE-2016-9843, CVE-2019-17569,CVE-2020-2968,CVE-2020-2969, CVE-2020-1935, CVE-2020-1938, CVE-20169840, CVE-2016-9841, CVE-2016-9842, CVE-2016-1923, CVE-2016-1924, CVE-2016-3183, CVE-2016-4796, CVE-2016-4797, CVE-2016-8332, CVE-2016-9112,CVE-2020-6851, CVE-2018-10237,CVE-2018-8013 |
To learn more about Tripwire’s Vulnerability and Exposure Research Team (VERT), including its Patch Priority Index, click here. Or for PPI and more, you can follow VERT on Twitter: @tripwirevert.
