Lucene search

K
nessusThis script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.MACOS_ADOBE_BRIDGE_APSB20-19.NASL
HistoryMar 10, 2021 - 12:00 a.m.

Adobe Bridge 10.x < 10.0.4 Multiple Vulnerabilities (APSB20-19)

2021-03-1000:00:00
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.01 Low

EPSS

Percentile

83.8%

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 10.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-19 advisory.

  • Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-9553, CVE-2020-9557, CVE-2020-9558)

  • Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2020-9554, CVE-2020-9556, CVE-2020-9559, CVE-2020-9560, CVE-2020-9561, CVE-2020-9564, CVE-2020-9565, CVE-2020-9569)

  • Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability.
    Successful exploitation could lead to arbitrary code execution. (CVE-2020-9555)

  • Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9562, CVE-2020-9563)

  • Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2020-9566, CVE-2020-9567)

  • Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2020-9568)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

if (description)
{
  script_id(147417);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/03/11");

  script_cve_id(
    "CVE-2020-9553",
    "CVE-2020-9554",
    "CVE-2020-9555",
    "CVE-2020-9556",
    "CVE-2020-9557",
    "CVE-2020-9558",
    "CVE-2020-9559",
    "CVE-2020-9560",
    "CVE-2020-9561",
    "CVE-2020-9562",
    "CVE-2020-9563",
    "CVE-2020-9564",
    "CVE-2020-9565",
    "CVE-2020-9566",
    "CVE-2020-9567",
    "CVE-2020-9568",
    "CVE-2020-9569"
  );

  script_name(english:"Adobe Bridge 10.x < 10.0.4 Multiple Vulnerabilities (APSB20-19)");

  script_set_attribute(attribute:"synopsis", value:
"Adobe Bridge installed on remote macOS or Mac OS X host is affected by a multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 10.0.4. It is, therefore,
affected by multiple vulnerabilities as referenced in the apsb20-19 advisory.

  - Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful
    exploitation could lead to information disclosure. (CVE-2020-9553, CVE-2020-9557, CVE-2020-9558)

  - Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful
    exploitation could lead to arbitrary code execution . (CVE-2020-9554, CVE-2020-9556, CVE-2020-9559,
    CVE-2020-9560, CVE-2020-9561, CVE-2020-9564, CVE-2020-9565, CVE-2020-9569)

  - Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability.
    Successful exploitation could lead to arbitrary code execution. (CVE-2020-9555)

  - Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful
    exploitation could lead to arbitrary code execution. (CVE-2020-9562, CVE-2020-9563)

  - Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful
    exploitation could lead to arbitrary code execution . (CVE-2020-9566, CVE-2020-9567)

  - Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful
    exploitation could lead to arbitrary code execution . (CVE-2020-9568)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/bridge/apsb20-19.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Bridge version 10.0.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-9569");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/04/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:bridge");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_adobe_bridge_installed.nbin");
  script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "installed_sw/Adobe Bridge");

  exit(0);
}

include('vcf.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

get_kb_item_or_exit('Host/MacOSX/Version');

app_info = vcf::get_app_info(app:'Adobe Bridge');

constraints = [
  { 'min_version' : '10.0.0', 'max_version' : '10.0.1', 'fixed_version' : '10.0.4' }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
adobebridgecpe:/a:adobe:bridge

References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.01 Low

EPSS

Percentile

83.8%

Related for MACOS_ADOBE_BRIDGE_APSB20-19.NASL