<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">Kari / Bobby,</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">The Pansophy Team has been working on getting our software updated. We are close to being ready to convert. We should be ready by Friday.</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">So, what steps do I need to take to prepare for the server conversion?</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">We are working on pansophydev-2018.jlab.org CF2018.</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">We are utilizing github so we will have to clone the new repository.</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">I would like to upgrade our development server first to make sure we understand all the steps that need to be taken (pansophydev.jlab.org). Test and then upgrade the production server (pansophy.jlab.org).</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">We had to create a new virtual server for this version of CF. There were several people involved to put all the pieces in place. </span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">Will you let me know how I should proceed to request this upgrade and an estimate of time-frame to complete so that I can inform my supervisors and we can prepare our users for the upgrade?</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">Thank You.</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;"><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<span style="font-size: 12pt;">Valerie (Pansophy Team)</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16pt; color: rgb(0, 0, 0);">
<br>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Kari Heffner <heffner@jlab.org><br>
<b>Sent:</b> Tuesday, March 24, 2020 5:38 PM<br>
<b>To:</b> Valerie Bookwalter <bookwalt@jlab.org><br>
<b>Cc:</b> Bobby Lawrence <robertl@jlab.org><br>
<b>Subject:</b> FW: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</font>
<div> </div>
</div>
<style>
<!--
@font-face
{font-family:"Cambria Math"}
@font-face
{font-family:Calibri}
@font-face
{font-family:Consolas}
@font-face
{font-family:Georgia}
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
a:link, span.x_MsoHyperlink
{color:blue;
text-decoration:underline}
a:visited, span.x_MsoHyperlinkFollowed
{color:purple;
text-decoration:underline}
p
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
pre
{margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:Consolas}
p.x_MsoListParagraph, li.x_MsoListParagraph, div.x_MsoListParagraph
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
span.x_HTMLPreformattedChar
{font-family:Consolas}
p.x_msonormal0, li.x_msonormal0, div.x_msonormal0
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
span.x_CodeStyleChar
{font-family:"Georgia",serif}
p.x_CodeStyle, li.x_CodeStyle, div.x_CodeStyle
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Georgia",serif}
span.x_EmailStyle24
{font-family:"Calibri",sans-serif;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none}
span.x_EmailStyle25
{font-family:"Calibri",sans-serif;
color:#1F497D}
span.x_EmailStyle26
{font-family:"Calibri",sans-serif;
color:windowtext}
.x_MsoChpDefault
{font-size:10.0pt}
@page WordSection1
{margin:1.0in 1.0in 1.0in 1.0in}
div.x_WordSection1
{}
ol
{margin-bottom:0in}
ul
{margin-bottom:0in}
-->
</style>
<div lang="EN-US" link="blue" vlink="purple">
<div class="x_WordSection1">
<p class="x_MsoNormal">Valerie, see the below for important security updates for the pansophy ColdFusion server. There are no updates for CF10 and so you need to be on a supported version of CF. In order to get your servers updated, bobby needs to get you all
to the new server version he installed a while ago. When do you think that can happen?</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">Thanks!</p>
<p class="x_MsoNormal">Kari</p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt; padding:3.0pt 0in 0in 0in">
<p class="x_MsoNormal"><b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> Bobby Lawrence <robertl@jlab.org>
<br>
<b>Sent:</b> Tuesday, March 24, 2020 4:54 PM<br>
<b>To:</b> Kari Heffner <heffner@jlab.org>; Dana Cochran <cochran@jlab.org><br>
<b>Subject:</b> FW: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span></p>
</div>
</div>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif">Looks like we have CF updates to do. I just logged into miswebvm1 and there is an update available to apply</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt; padding:3.0pt 0in 0in 0in">
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> Greg Nowicki <<a href="mailto:gnowicki@jlab.org">gnowicki@jlab.org</a>>
<br>
<b>Sent:</b> Tuesday, March 24, 2020 4:50 PM<br>
<b>To:</b> Bobby Lawrence <<a href="mailto:robertl@jlab.org">robertl@jlab.org</a>><br>
<b>Cc:</b> David Sheppard <<a href="mailto:sheppard@jlab.org">sheppard@jlab.org</a>>;
<a href="mailto:secops@jlab.org">secops@jlab.org</a>; <a href="mailto:seclog@jlab.org">
seclog@jlab.org</a><br>
<b>Subject:</b> Fw: MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span></p>
</div>
</div>
<p class="x_MsoNormal" style="margin-left:.5in"> </p>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black">FYI. Looks like we have some serious vulnerabilities in ColdFusion.</span></p>
</div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black">Greg</span></p>
</div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black"> </span></p>
</div>
<div>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-family:"Calibri",sans-serif; color:black"> </span></p>
</div>
<div style="margin-left:.5in">
<div class="x_MsoNormal" align="center" style="text-align:center">
<hr size="3" width="98%" align="center">
</div>
</div>
<div id="x_divRplyFwdMsg">
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:black">From:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif; color:black"> MS-ISAC Advisory <<a href="mailto:MS-ISAC.Advisory@msisac.org">MS-ISAC.Advisory@msisac.org</a>><br>
<b>Sent:</b> Wednesday, March 18, 2020 21:49<br>
<b>To:</b> Thomas Duffy <<a href="mailto:Thomas.Duffy@cisecurity.org">Thomas.Duffy@cisecurity.org</a>><br>
<b>Subject:</b> [EXTERNAL] MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17) - PATCH: NOW - TLP: WHITE</span>
</p>
<div>
<p class="x_MsoNormal" style="margin-left:.5in"> </p>
</div>
</div>
<div>
<div>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">TLP: WHITE</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">MS-ISAC CYBERSECURITY ADVISORY</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">MS-ISAC ADVISORY NUMBER:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">2020-039</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">DATE(S) ISSUED:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">03/18/2020</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">SUBJECT:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution (APSB20-14, 16, 17)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">OVERVIEW:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple vulnerabilities have been discovered in Adobe Photoshop, ColdFusion, and Bridge that could allow for arbitrary code execution. Adobe Photoshop
is a graphics editor program. Adobe Bridge is a file management application that manages files across multiple Adobe programs. Adobe ColdFusion is a rapid web-application development platform used to create and maintain web applications. Successful exploitation
of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create
new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">THREAT INTELLIGENCE:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">There are no reports of these vulnerabilities being exploited in the wild.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">SYSTEMS AFFECTED:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe Bridge version 10.0 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe ColdFusion 2016 Update 13 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe ColdFusion 2018 Update 7 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe Photoshop CC 2019 version 20.0.8 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Adobe Photoshop 2020 version 21.1 and earlier versions</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">RISK:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Government:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Large and medium government entities:
<b>High</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Small government entities:
<b>Medium</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Businesses:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Large and medium business entities:
<b>High</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Small business entities:
<b>Medium</b></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Home users: Low</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">TECHNICAL SUMMARY:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple vulnerabilities have been discovered in Adobe Photoshop, ColdFusion, and Bridge that could allow for arbitrary code execution. The vulnerabilities
are as follows:</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoListParagraph" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:11.0pt; font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Out-of-bounds write vulnerability could allow for Arbitrary Code Execution. (CVE-2020-9551)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Heap-based buffer overflow vulnerability could allow for Arbitrary Code Execution. (CVE-2020-9552)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Remote file read vulnerability could allow for Arbitrary File Read from the ColdFusion install directory. (CVE-2020-3761)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">File inclusion vulnerability could allow for Arbitrary Code Execution of files located in the webroot or its subdirectory (CVE-2020-3794)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Heap corruption vulnerability that could allow for Arbitrary Code Execution. (CVE-2020-3783)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Memory corruption vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3784, CVE-2020-3785, CVE-2020-3786, CVE-2020-3787, CVE-2020-3788, CVE-2020-3789,
CVE-2020-3790)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Out-of-bounds read vulnerabilities that could allow for Information Disclosure. (CVE-2020-3771, CVE-2020-3777, CVE-2020-3778, CVE-2020-3781, CVE-2020-3782, CVE-2020-3791)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Out-of-bounds write vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3773, CVE-2020-3779)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Multiple Buffer errors vulnerabilities that could allow for Arbitrary Code Execution. (CVE-2020-3770, CVE-2020-3772, CVE-2020-3774, CVE-2020-3775, CVE-2020-3776, CVE-2020-3780)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user.
Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be
less impacted than those who operate with administrative user rights.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">RECOMMENDATIONS:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif">We recommend the following actions be taken:</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Install updates provided by Adobe and related Coldfusion JDK/JRE versions immediately after appropriate testing.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Remind users not to visit websites or follow links provided by unknown or untrusted sources.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:1.0in; text-indent:-.25in"><span style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span style="font-size:11.0pt; font-family:"Arial",sans-serif">Apply the Principle of Least Privilege to all systems and services.</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">REFERENCES:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">ADOBE:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8L4VaFdWBML2rV7ll5Prvn-Ln1YNGftY5mc3JZGy1AQ&e=">https://helpx.adobe.com/security.html</a>
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_bridge_apsb20-2D17.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=gz5y_UMZu6dh-mpYEHeqyJCYMojsx6CUqESdq3ICobk&e=">https://helpx.adobe.com/security/products/bridge/apsb20-17.html</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_coldfusion_apsb20-2D16.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=QVHvwCuB-h-oFtN0a9Qj0y8-osjlOOjC1D9AX_RFt8o&e=">https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__helpx.adobe.com_security_products_photoshop_apsb20-2D14.html&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=SGbb-4HsGR6HZYhh6ia9QlvUHVFUqqiITCNWAURdDxU&e=">https://helpx.adobe.com/security/products/photoshop/apsb20-14.html</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><b><span style="font-size:11.0pt; font-family:"Arial",sans-serif">CVE:</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3761&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=GFNcPCmgiVNGfLU2ZRQqyZNRQhfRy7ZfzbXMflN6U-0&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3761</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3770&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=KwWSmgI0CB1PcuGE2f0l08FTg1TKzrIkZ6OEZWPXDYk&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3770</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3771&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=P1bfT5UbNLbqB8HExhu0oQZm7eRk6ELRP3kkDhgp4kY&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3771</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3772&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8Fjuv3Y4FCHe2CiLCsbe-IE0H6MStlQoknbv6L_7Y7Q&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3772</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3773&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=LLxmvx25QJxvD0DY-1VFFQvP-Mfe2W2hFhHfoxWZ78Q&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3773</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3774&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=5meBk8mvpV3zSXN49pAv3Cg8rVmJBjabay4uLZUuOfU&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3774</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3775&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=wK9ELuhpGKU-GzpmwkyzYapd2iE2qwPGZ85gvVid4zQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3775</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3776&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=OG66tOQI0EX6_fm6R8Y1uhwRzCaxx3N9E55heCf1tbo&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3776</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3777&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=bDtEI37fzBqOVt3_eOVCm6eem83aXQVe1NF0hDAQWE0&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3777</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3778&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=n6Z0WNu9nRpiFySoKGoarswPH7ggZJvXiYDjtHXPMmw&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3778</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3779&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=G3SS3YmyofAwxkC7tP6NFhdZEcgOzOv02cpA46cqy7k&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3779</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3780&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=m-eSXj2o1_vLJnNegnN-F3UozUJhm75vdGz1X1a8eKo&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3780</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3781&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=-4XHeIsMOrxgQZx1bOgzfVv7UY434eHn-vNx4E7rw2g&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3781</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3782&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=qlh6vHVWrDV4Gwo2_HH0dl5OPWfTSxhPhudJ1KTT2Eo&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3782</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3783&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=_AE2zZN6UtUdQiSr493rGA0bj9z-aiKegD8HiPlh9po&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3783</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3784&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=L7ZfjWVAi-VqxJEMDPOfJFEEwgOgYLk0FppXyhhOcpM&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3784</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3785&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=bXrSK6Jz-XXFod04wR8fPcr9el9qlDVM51smbs31cAI&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3785</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3786&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=jsqumk0Es9iAnTO6wSyO0IyMOcxRnnwa-TkzbfDER3w&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3786</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3787&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=W90p9yO0EPzMP08p9GR93BEGUkdNRWHWbmTQS7C5BcQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3787</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3788&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=UdUAlpjJ0-eQxF76yxa-UdPC2SFXulrjEbCtabhsodY&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3788</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3789&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=u2paLgtvtlJRRAA6gXJaAaCZtN6ILoBcr7HYCleP4d8&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3789</a>
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3790&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=LUPJ3GTw1Yw6BglFEK3nPNXXvMTi4mG8AAq6z5ghKsQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3790</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3791&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=jyj-SUl2JHz1lSyZI3etRro716Ur23Vg7L9hSS2FURI&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3791</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D3794&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=RHpI2Rfl7cU3Fp23TYQuRqhRUgjXz5fIL8Qonu1kvXQ&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3794</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D9551&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=F7QCfETGEHTi3ZIqg1OwwZF6CZlOdj457mvm0gYHndc&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9551</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2020-2D9552&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=8EgkLfA8VKgFO1UHRo5-DFNHoJAKyKScp7nC9ULtDTA&e=">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9552</a></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">24×7 Security Operations Center</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">Multi-State Information Sharing and Analysis Center (MS-ISAC)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">31 Tech Valley Drive</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">East Greenbush, NY 12061</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black"><a href="mailto:SOC@cisecurity.org"><span style="color:#954F72">SOC@cisecurity.org</span></a> - 1-866-787-4722
</span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"><img border="0" width="313" height="53" id="x_Picture_x0020_11" alt="cid:image001.jpg@01D40C67.01A3BDE0" style="width:3.2638in; height:.5555in" data-outlook-trace="F:1|T:1" src="cid:image001.jpg@01D5FD6D.61EC8210"></span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_CenterforIntSec_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=E_x3D_2BAVbE2Rf8feq2NgaceAjBx01bX9YZJLovbc4&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_10" alt="cid:image002.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image002.png@01D5FD6D.61EC8210"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_CISecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=lFdse_-DieTBN9Jwgw7eZVSq7MxI0eFI4MkWOItW2vI&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_9" alt="cid:image003.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image003.png@01D5FD6D.61EC8210"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.youtube.com_user_TheCISecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=3PL2tQmINgFo33iwlKosj2RhzRCFJnZwUMYX4Jbuo-A&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_8" alt="cid:image004.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image004.png@01D5FD6D.61EC8210"></span></a><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.linkedin.com_company_the-2Dcenter-2Dfor-2Dinternet-2Dsecurity_&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=Th5-sV6QIeEgwl8550_6E0o_luiEaQAJBsBseT5EMaw&m=rBe7oCEj6Pahv47YeitTNPqJw_L2oX01sINjSIB6nJQ&s=KrO7lzwBzM3k4BhinlHzCilRM2mC-n1G5aMKKO68JJM&e="><span style="font-family:"Arial",sans-serif; color:windowtext; text-decoration:none"><img border="0" width="23" height="24" id="x_Picture_x0020_7" alt="cid:image005.png@01D291DE.F838E090" style="width:.243in; height:.25in" data-outlook-trace="F:1|T:1" src="cid:image005.png@01D5FD6D.61EC8210"></span></a></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">TLP: WHITE</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" align="center" style="margin-left:.5in; text-align:center">
<b><span style="font-size:11.0pt; font-family:"Arial",sans-serif; color:black">Disclosure is not limited. Subject to standard copyright rules, TLP: WHITE information may be distributed without restriction.</span></b><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Arial",sans-serif"> </span><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"></span></p>
<p class="x_MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt; font-family:"Calibri",sans-serif"> </span></p>
</div>
<p class="x_MsoNormal" style="margin-left:.5in">This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments
is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
<br>
<br>
. . . . . </p>
</div>
</div>
</div>
</div>
</body>
</html>