5 days in: Are people actually patching? A Censys Update on exposed Salt servers
Critical SaltStack CVEs Allow For Infrastructure Takeover - This week SaltStack announced two critical vulnerabilities, CVE-2020-11651 and CVE-2020-11652. These vulnerabilities allow an attacker to bypass both authentication and authorization controls to effectively take over anything SaltStack is managing; this includes cloud infrastructure, servers, databases, and in some cases even user endpoints like laptops.
There’s a good chance you’ve heard about COVID-19 and the global pandemic that’s been taking the world by storm. There’s also a good chance that you are, or know, an IT or security professional who has had their world upended to support a 100% remote workforce that was otherwise non-existent a couple of weeks ago.