Lucene search

K
nessus
This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.ICLOUD_10_9_2.NASL
HistoryJul 02, 2020 - 12:00 a.m.

Apple iCloud 10.x < 10.9.2 Multiple Vulnerabilities

2020-07-0200:00:00
This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
67

According to its version, the iCloud application installed on the remote Windows host is 10.x prior to 10.9.2. It is, therefore, affected by multiple vulnerabilities:

  • An arbitrary code execution vulnerability exist with in the WebKit due to multiple memory corruption issues. An unauthenticated, remote attacker can exploit this by processing maliciously crafted web content that may lead to arbitrary code execution. (CVE-2020-3825, CVE-2020-3865, CVE-2020-3868)

  • An arbitrary code execution vulnerability exist with in the WebKit due to out-of-bounds read issues. An unauthenticated, remote attacker can exploit this by processing a maliciously crafted image that may lead to arbitrary code execution. (CVE-2020-3826)

  • An arbitrary code execution vulnerability exist with in the WebKit due to buffer overflow issues. An unauthenticated, remote attacker can exploit this by processing maliciously crafted XML file that may lead to an unexpected application termination or arbitrary code execution. (CVE-2020-3846)

  • An arbitrary code execution vulnerability exist with in the WebKit due to denial of service issues. A malicious website may be able to cause a denial of service. (CVE-2020-3862)

  • An arbitrary code execution vulnerability exist with in the WebKit due to logic issues. An unauthenticated, remote attacker can exploit this by processing maliciously crafted web content that may lead to universal cross site scripting(css). (CVE-2020-3867)

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(138076);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/08/14");

  script_cve_id(
    "CVE-2019-8827",
    "CVE-2020-3825",
    "CVE-2020-3826",
    "CVE-2020-3846",
    "CVE-2020-3862",
    "CVE-2020-3865",
    "CVE-2020-3867",
    "CVE-2020-3868"
  );

  script_name(english:"Apple iCloud 10.x < 10.9.2 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"An iCloud software installed on the remote Windows host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its version, the iCloud application installed on the remote Windows host is 10.x prior to 10.9.2. 
It is, therefore, affected by multiple vulnerabilities:

  - An arbitrary code execution vulnerability exist with in the WebKit due to multiple memory 
    corruption issues. An unauthenticated, remote attacker can exploit this by processing maliciously crafted
    web content that may lead to arbitrary code execution. (CVE-2020-3825, CVE-2020-3865, CVE-2020-3868)
    
  - An arbitrary code execution vulnerability exist with in the WebKit due to out-of-bounds read 
    issues. An unauthenticated, remote attacker can exploit this by processing a maliciously crafted image 
    that may lead to arbitrary code execution. (CVE-2020-3826)

  - An arbitrary code execution vulnerability exist with in the WebKit due to buffer overflow 
    issues. An unauthenticated, remote attacker can exploit this by processing maliciously crafted XML file
    that may lead to an unexpected application termination or arbitrary code execution. (CVE-2020-3846)

  - An arbitrary code execution vulnerability exist with in the WebKit due to denial of service 
    issues. A malicious website may be able to cause a denial of service. (CVE-2020-3862)

  - An arbitrary code execution vulnerability exist with in the WebKit due to logic issues. 
    An unauthenticated, remote attacker can exploit this by processing maliciously crafted web content that 
    may lead to universal cross site scripting(css). (CVE-2020-3867)");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT210947");
  script_set_attribute(attribute:"solution", value:
"Upgrade to iCloud version 10.9.2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3868");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/01/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:icloud_for_windows");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("icloud_installed.nasl");
  script_require_keys("installed_sw/iCloud");

  exit(0);
}

include('vcf.inc');

app = 'iCloud';

app_info = vcf::get_app_info(app:app, win_local:TRUE);

constraints = [
  {'min_version' : '10.0',  'fixed_version' : '10.9.2'},
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersion
appleicloud_for_windows
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner
Related for ICLOUD_10_9_2.NASL