Discovery of 2 new CVEs: CVE-2020-35542 & CVE-2020-22789

Last month, three of our colleagues discovered important CVEs in their work as renowned security specialists at Secura: CVE-2020-35542 and CVE-2020-22789. We are proud to share this news and we would like to congratulate Harikrishnan Padmanabha Pillai, Ricardo Sanchez & David van Gool for these great achievements!

CVE pics ricardo hari and David

During a security assessment, Secura’s Security Specialist Harikrishnan Padmanabha Pillai found a vulnerability in which an authenticated user could insert and execute malicious JavaScript content from the application. The vulnerability was caused due to the lack of input validation in the application. The impact of such a vulnerability is that it could compromise other users in the application and could also tamper with its internal database (CVE-2020-35542).

Subsequently, this vulnerability was reported to Unisys, and was remediated afterwards. For more information regarding this vulnerability and the technical details, please read further.

Privacy 03

Alongside Harikrishnan, our colleagues Ricardo Sanchez and David van Gool also made an interesting discovery. While doing their work, they found a vulnerability in a FME Server of version 2019.2 and 2020.0 Beta of an unauthenticated Stored XSS (CVE-2020-22789). This second vulnerability allows a remote attacker to gain administrator privileges by injecting arbitrary web scripts or HTML code via the login page. The XSS is executed when an administrator accesses the logs page. As part of Secura Responsible disclosure the vulnerability was reported and fixed by the vendor in the new version.

Read more what this vulnerability entails and how it was discovered here.