FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2020-5741 (Plex Media Server remote code execution vulnerability) and CVE-2021-39144 (XStream Remote Code Execution Vulnerability) to their Known Exploited Vulnerabilities (KEV) catalog on March 10, 2023. The catalog lists vulnerabilities that are being actively exploited in the wild and require federal agencies to apply patches by the due date.Why is this Significant?This is significant because CVE-2020-5741 (Plex Media Server Remote Code Execution Vulnerability) and CVE-2021-39144 (XStream Remote Code Execution Vulnerability) on the CISA’s Known Exploited Vulnerabilities Catalog were observed to be actively exploited in the wild. As such, patches should be applied to both vulnerabilities as soon as possible.What is CVE-2020-5741?CVE-2020-5741 is a Remote Code Execution (RCE) vulnerability that affects Plex Media Server version 1.19.2 and prior. Successful exploitation allows a remote attacker to execute arbitrary Python code within the context of the application.What is CVE-2021-39144?CVE-2021-39144 is an Insecure Deserialization vulnerability that affects VMware library XStream version 1.4.17 and prior. The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker could exploit this to execute arbitrary code within the context of the application, via uploading a crafted XML file.Have the Vendors Released a Patch for CVE-2020-5741 and CVE-2021-39144?Yes. Patches for CVE-2020-5741 and CVE-2021-39144 are available.What is the Status of Protection?FortiGuard Labs has the following IPS protection in place for CVE-2020-5741 and CVE-2021-39144:Plex.Media.Server.Dict.File.Remote.Code.Execution (CVE-2020-5741)VMWare.NSX.Manager.XStream.CVE-2021-39144.Deserialization (CVE-2021-39144)
More Stories
xen-4.17.5-2.fc39
FEDORA-2024-020dbf247c Packages in this update: xen-4.17.5-2.fc39 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] update to xen-4.17.5 Read More
xen-4.18.3-2.fc40
FEDORA-2024-051cf1553e Packages in this update: xen-4.18.3-2.fc40 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] Read More
xen-4.19.0-4.fc41
FEDORA-2024-60809cb44e Packages in this update: xen-4.19.0-4.fc41 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] Read More
USN-7031-2: Puma vulnerability
USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu...
USN-7031-1: Puma vulnerability
It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite...
USN-7030-1: py7zr vulnerability
It was discovered that py7zr was vulnerable to path traversal attacks. If a user or automated system were tricked into...