2020-AUG-19 FSL version 7.6.170 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 26871 - (MSPT-Aug2020) Microsoft Windows Media Foundation Remote Code Execution (CVE-2020-1492) Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1492 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Media Foundation component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26872 - (MSPT-Aug2020) Microsoft Windows Media Foundation Remote Code Execution (CVE-2020-1525) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1525 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Media Foundation component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26874 - (MSPT-Aug2020) Microsoft Windows Media Foundation Remote Code Execution (CVE-2020-1477) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1477 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Media Foundation component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26875 - (MSPT-Aug2020) Microsoft Windows Media Foundation Remote Code Execution (CVE-2020-1478) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1478 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Media Foundation component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26876 - (MSPT-Aug2020) Microsoft Windows Media Foundation Remote Code Execution (CVE-2020-1379) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1379 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Media Foundation component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26877 - (MSPT-Aug2020) Microsoft Remote Code Execution (CVE-2020-1554) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1554 Description A vulnerability in some versions of Microsoft NO could lead to remote code execution. Observation A vulnerability in some versions of Microsoft NO could lead to remote code execution. The flaw lies in the TITLE component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system. 26878 - (MSPT-Aug2020) Microsoft Windows Media Audio Codec Remote Code Execution (CVE-2020-1339) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1339 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Media Audio Codec component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26879 - (MSPT-Aug2020) Microsoft Windows Jet Database Engine Remote Code Execution (CVE-2020-1557) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1557 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Jet Database Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26880 - (MSPT-Aug2020) Microsoft Windows Jet Database Engine Remote Code Execution (CVE-2020-1473) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1473 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Jet Database Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26881 - (MSPT-Aug2020) Microsoft Windows Jet Database Engine Remote Code Execution (CVE-2020-1564) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1564 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Jet Database Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26882 - (MSPT-Aug2020) Microsoft Windows Jet Database Engine Remote Code Execution (CVE-2020-1558) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1558 Description A vulnerability in some versions of Microsoft Windows could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the Jet Database Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 26890 - (MSPT-Aug2020) Microsoft NO TITLE Remote Code Execution (CVE-2020-1556) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1556 Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. Observation A vulnerability in some versions of Microsoft WalletService could lead to privilege escalation. The flaw lies in the A vulnerability in some versions of Microsoft WalletService could lead to privilege escalation. component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the attacker to have valid credentials to the vulnerable system. 26895 - (MSPT-Aug2020) Microsoft Windows RD Gateway Denial of Service (CVE-2020-1466) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1466 Description A vulnerability in some versions of Microsoft Windows could lead to a denial of service. Observation A vulnerability in some versions of Microsoft Windows could lead to a denial of service. The flaw lies in the RD Gateway component. Successful exploitation by a remote attacker could result in a denial of service condition.The exploit requires the attacker to have valid credentials to the vulnerable system. 26903 - (MSPT-Aug2020) Microsoft Windows Backup Service Privilege Escalation (CVE-2020-1534) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1534 Description A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. Observation A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Backup Service component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. 26904 - (MSPT-Aug2020) Microsoft Remote Code Execution (CVE-2020-1552) Category: Windows Host Assessment -> Patches and Hotfixes (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2020-1552 Description