<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Kari,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
This has been a real struggle/problem for me with my supervisors for the last 18 months. Support for the LCLS-II and CM refurbish (high energy reach) projects have been made a priority and all other work was put on hold. Last fall I finally got an ok to start
the transitions but the projects had to remain priority #1. When work on SNSPPU and L2HE started it just compounded the situation.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
The good news (about COVID-19) is that all those projects have been put on hold, except for what can be done online (traveler / procedure writing). I am currently working on the modifications that need to be made to make the new CF2018 server live. I am hoping
by the end of next week I can have the most pressing problems dealt with so we can convert. Afterwards we can then concentrate on the security holes in our system.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
I apologize that this is taking so long and I am working on it.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Thank You for your support.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Valerie</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Kari Heffner <heffner@jlab.org><br>
<b>Sent:</b> Tuesday, March 24, 2020 5:38 PM<br>
<b>To:</b> Valerie Bookwalter <bookwalt@jlab.org><br>
<b>Cc:</b> Bobby Lawrence <robertl@jlab.org><br>
<b>Subject:</b> FW: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</font>
<div> </div>
</div>
<style>
<!--
@font-face
{font-family:"Cambria Math"}
@font-face
{font-family:Calibri}
@font-face
{font-family:Consolas}
@font-face
{font-family:Georgia}
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
a:link, span.x_MsoHyperlink
{color:blue;
text-decoration:underline}
a:visited, span.x_MsoHyperlinkFollowed
{color:purple;
text-decoration:underline}
p
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
pre
{margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:Consolas}
p.x_MsoListParagraph, li.x_MsoListParagraph, div.x_MsoListParagraph
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
span.x_HTMLPreformattedChar
{font-family:Consolas}
p.x_msonormal0, li.x_msonormal0, div.x_msonormal0
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
span.x_CodeStyleChar
{font-family:"Georgia",serif}
p.x_CodeStyle, li.x_CodeStyle, div.x_CodeStyle
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Georgia",serif}
span.x_EmailStyle24
{font-family:"Calibri",sans-serif;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none}
span.x_EmailStyle25
{font-family:"Calibri",sans-serif;
color:#1F497D}
span.x_EmailStyle26
{font-family:"Calibri",sans-serif;
color:windowtext}
.x_MsoChpDefault
{font-size:10.0pt}
@page WordSection1
{margin:1.0in 1.0in 1.0in 1.0in}
div.x_WordSection1
{}
ol
{margin-bottom:0in}
ul
{margin-bottom:0in}
-->
</style>
<div lang="EN-US" link="blue" vlink="purple">
<div class="x_WordSection1">
<p class="x_MsoNormal">Valerie, see the below for important security updates for the pansophy ColdFusion server. There are no updates for CF10 and so you need to be on a supported version of CF. In order to get your servers updated, bobby needs to get you all
to the new server version he installed a while ago. When do you think that can happen?</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">Thanks!</p>
<p class="x_MsoNormal">Kari</p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt; padding:3.0pt 0in 0in 0in">
<p class="x_MsoNormal"><b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> Bobby Lawrence <robertl@jlab.org>
<br>
<b>Sent:</b> Tuesday, March 24, 2020 4:54 PM<br>
<b>To:</b> Kari Heffner <heffner@jlab.org>; Dana Cochran <cochran@jlab.org><br>
<b>Subject:</b> FW: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span></p>
</div>
</div>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif">Looks like we have CF updates to do. I just logged into miswebvm1 and there is an update available to apply</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt; padding:3.0pt 0in 0in 0in">
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> Greg Nowicki <<a href="mailto:gnowicki@jlab.org">gnowicki@jlab.org</a>>
<br>
<b>Sent:</b> Tuesday, March 24, 2020 4:50 PM<br>
<b>To:</b> Bobby Lawrence <<a href="mailto:robertl@jlab.org">robertl@jlab.org</a>><br>
<b>Cc:</b> David Sheppard <<a href="mailto:sheppard@jlab.org">sheppard@jlab.org</a>>;
<a href="mailto:secops@jlab.org">secops@jlab.org</a>; <a href="mailto:seclog@jlab.org">
seclog@jlab.org</a><br>
<b>Subject:</b> Fw: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span></p>
</div>
</div>
<p class="x_MsoNormal" style="margin-left:.5in"> </p>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black">FYI. Looks like we have some serious vulnerabilities in ColdFusion.</span></p>
</div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black">Greg</span></p>
</div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black"> </span></p>
</div>
<div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black"> </span></p>
</div>
<div style="margin-left:.5in">
<div class="x_MsoNormal" align="center" style="text-align:center">
<hr size="3" width="98%" align="center">
</div>
</div>
<div id="x_divRplyFwdMsg">
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:black">From:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:black"> MS-ISAC Advisory <<a href="mailto:MS-ISAC.Advisory@msisac.org">MS-ISAC.Advisory@msisac.org</a>><br>
<b>Sent:</b> Wednesday, March 18, 2020 21:49<br>
<b>To:</b> Thomas Duffy <<a href="mailto:Thomas.Duffy@cisecurity.org">Thomas.Duffy@cisecurity.org</a>><br>
<b>Subject:</b> [EXTERNAL] MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span>
</p>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"> </p>
</div>
</div>
<div>
<div>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">TLP: WHITE</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">MS-ISAC CYBERSECURITY ADVISORY</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">MS-ISAC ADVISORY NUMBER:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">2020-039</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">DATE(S) ISSUED:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">03/18/2020</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">SUBJECT:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">OVERVIEW:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple vulnerabilities have been discovered in Adobe Photoshop, ColdFusion, and Bridge that could allow for arbitrary code execution. Adobe Photoshop
is a graphics editor program. Adobe Bridge is a file management application that manages files across multiple Adobe programs. Adobe ColdFusion is a rapid web-application development platform used to create and maintain web applications. Successful exploitation
of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create
new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">THREAT INTELLIGENCE:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">There are no reports of these vulnerabilities being exploited in the wild.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">SYSTEMS AFFECTED:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe Bridge version 10.0 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe ColdFusion 2016 Update 13 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe ColdFusion 2018 Update 7 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe Photoshop CC 2019 version 20.0.8 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe Photoshop 2020 version 21.1 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">RISK:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Government:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Large and medium government entities:
<b>High</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Small government entities:
<b>Medium</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Businesses:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Large and medium business entities:
<b>High</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Small business entities:
<b>Medium</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Home users: Low</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">TECHNICAL SUMMARY:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple vulnerabilities have been discovered in Adobe Photoshop, ColdFusion, and Bridge that could allow for arbitrary code execution. The vulnerabilities
are as follows:</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Out-of-bounds write vulnerability could allow for Arbitrary Code Execution. (CVE-2020-9551)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Heap-based buffer overflow vulnerability could allow for Arbitrary Code Execution. (CVE-2020-9552)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Remote file read vulnerability could allow for Arbitrary File Read from the ColdFusion install directory. (CVE-2020-3761)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">File inclusion vulnerability could allow for Arbitrary Code Execution of files located in the webroot or its subdirectory (CVE-2020-3794)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Heap corruption vulnerability that could allow for Arbitrary Code Execution. (CVE-2020-3783)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Memory corruption vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3784, CVE-2020-3785, CVE-2020-3786, CVE-2020-3787, CVE-2020-3788, CVE-2020-3789,
CVE-2020-3790)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Out-of-bounds read vulnerabilities that could allow for Information Disclosure. (CVE-2020-3771, CVE-2020-3777, CVE-2020-3778, CVE-2020-3781, CVE-2020-3782, CVE-2020-3791)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Out-of-bounds write vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3773, CVE-2020-3779)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Buffer errors vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3770, CVE-2020-3772, CVE-2020-3774, CVE-2020-3775, CVE-2020-3776, CVE-2020-3780)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user.
Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be
less impacted than those who operate with administrative user rights.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">RECOMMENDATIONS:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">We recommend the following actions be taken:</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Install updates provided by Adobe and related Coldfusion JDK/JRE versions immediately after appropriate testing.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Remind users not to visit websites or follow links provided by unknown or untrusted sources.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Apply the Principle of Least Privilege to all systems and services.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">REFERENCES:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">ADOBE:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8L4VaFdWBML2rV7ll5Prvn-Ln1YNGftY5mc3JZGy1AQ&e=">https://helpx.adobe.com/security.html</a>
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_bridge_apsb20-2D17.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=gz5y_UMZu6dh-mpYEHeqyJCYMojsx6CUqESdq3ICobk&e=">https://helpx.adobe.com/security/products/bridge/apsb20-17.html</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_coldfusion_apsb20-2D16.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=QVHvwCuB-h-oFtN0a9Qj0y8-osjlOOjC1D9AX_RFt8o&e=">https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_photoshop_apsb20-2D14.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=SGbb-4HsGR6HZYhh6ia9QlvUHVFUqqiITCNWAURdDxU&e=">https://helpx.adobe.com/security/products/photoshop/apsb20-14.html</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">CVE:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3761&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=GFNcPCmgiVNGfLU2ZRQqyZNRQhfRy7ZfzbXMflN6U-0&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3761</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3770&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=KwWSmgI0CB1PcuGE2f0l08FTg1TKzrIkZ6OEZWPXDYk&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3770</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3771&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=P1bfT5UbNLbqB8HExhu0oQZm7eRk6ELRP3kkDhgp4kY&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3771</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3772&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8Fjuv3Y4FCHe2CiLCsbe-IE0H6MStlQoknbv6L_7Y7Q&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3772</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3773&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=LLxmvx25QJxvD0DY-1VFFQvP-Mfe2W2hFhHfoxWZ78Q&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3773</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3774&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=5meBk8mvpV3zSXN49pAv3Cg8rVmJBjabay4uLZUuOfU&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3774</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3775&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=wK9ELuhpGKU-GzpmwkyzYapd2iE2qwPGZ85gvVid4zQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3775</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3776&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=OG66tOQI0EX6_fm6R8Y1uhwRzCaxx3N9E55heCf1tbo&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3776</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3777&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=bDtEI37fzBqOVt3_eOVCm6eem83aXQVe1NF0hDAQWE0&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3777</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3778&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=n6Z0WNu9nRpiFySoKGoarswPH7ggZJvXiYDjtHXPMmw&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3778</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3779&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=G3SS3YmyofAwxkC7tP6NFhdZEcgOzOv02cpA46cqy7k&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3779</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3780&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=m-eSXj2o1_vLJnNegnN-F3UozUJhm75vdGz1X1a8eKo&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3780</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3781&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=-4XHeIsMOrxgQZx1bOgzfVv7UY434eHn-vNx4E7rw2g&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3781</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3782&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=qlh6vHVWrDV4Gwo2_HH0dl5OPWfTSxhPhudJ1KTT2Eo&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3782</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3783&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=_AE2zZN6UtUdQiSr493rGA0bj9z-aiKegD8HiPlh9po&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3783</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3784&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=L7ZfjWVAi-VqxJEMDPOfJFEEwgOgYLk0FppXyhhOcpM&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3784</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3785&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=bXrSK6Jz-XXFod04wR8fPcr9el9qlDVM51smbs31cAI&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3785</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3786&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=jsqumk0Es9iAnTO6wSyO0IyMOcxRnnwa-TkzbfDER3w&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3786</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3787&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=W90p9yO0EPzMP08p9GR93BEGUkdNRWHWbmTQS7C5BcQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3787</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3788&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=UdUAlpjJ0-eQxF76yxa-UdPC2SFXulrjEbCtabhsodY&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3788</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3789&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=u2paLgtvtlJRRAA6gXJaAaCZtN6ILoBcr7HYCleP4d8&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3789</a>
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3790&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=LUPJ3GTw1Yw6BglFEK3nPNXXvMTi4mG8AAq6z5ghKsQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3790</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3791&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=jyj-SUl2JHz1lSyZI3etRro716Ur23Vg7L9hSS2FURI&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3791</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3794&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=RHpI2Rfl7cU3Fp23TYQuRqhRUgjXz5fIL8Qonu1kvXQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3794</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D9551&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=F7QCfETGEHTi3ZIqg1OwwZF6CZlOdj457mvm0gYHndc&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9551</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D9552&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8EgkLfA8VKgFO1UHRo5-DFNHoJAKyKScp7nC9ULtDTA&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9552</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">24×7 Security Operations Center</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">Multi-State Information Sharing and Analysis Center (MS-ISAC)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">31 Tech Valley Drive</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">East Greenbush, NY 12061</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black"><a href="mailto:SOC@cisecurity.org"><span style="color:#954F72">SOC@cisecurity.org</span></a> - 1-866-787-4722
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><img border="0" width="313" height="53" id="x_Picture_x0020_11" alt="cid:image001.jpg@01D40C67.01A3BDE0" style="width:3.2638in; height:.5555in" data-outlook-trace="F:1|T:1" src="cid:image001.jpg@01D5FD6D.61EC8210"></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_CenterforIntSec_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=E_x3D_2BAVbE2Rf8feq2NgaceAjBx01bX9YZJLovbc4&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_10" alt="cid:image002.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image002.png@01D5FD6D.61EC8210"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_CISecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=lFdse_-DieTBN9Jwgw7eZVSq7MxI0eFI4MkWOItW2vI&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_9" alt="cid:image003.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image003.png@01D5FD6D.61EC8210"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.youtube.com_user_TheCISecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=3PL2tQmINgFo33iwlKosj2RhzRCFJnZwUMYX4Jbuo-A&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_8" alt="cid:image004.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image004.png@01D5FD6D.61EC8210"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.linkedin.com_company_the-2Dcenter-2Dfor-2Dinternet-2Dsecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=KrO7lzwBzM3k4BhinlHzCilRM2mC-n1G5aMKKO68JJM&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_7" alt="cid:image005.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image005.png@01D5FD6D.61EC8210"></span></a></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">TLP: WHITE</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">Disclosure is not limited. Subject to standard copyright rules, TLP: WHITE information may be distributed without restriction.</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> </span></p>
</div>
<p class="x_MsoNormal" style="margin-left:.5in">This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments
is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
<br>
<br>
. . . . . </p>
</div>
</div>
</div>
</div>
</body>
</html>