This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Sigbjorn
Advisor
‎2020-02-18 05:58 AM

Oracle January 2020 CVEs (CVE-2020-2546)

We have a vendor that cannot patch a system for CVE-2020-2546, does anyone know if there will be a signature available soon?

While looking for this, I see there is a lot of new Oracle exploits being patched, so I assume people are hard at work to create virtual patching.

Ref; https://www.tenable.com/blog/oracle-january-2020-critical-patch-update-contains-255-cves

0 Kudos
Reply
5 Replies
_Val_
Admin
Admin
‎2020-02-20 08:40 AM

Hi @Sigbjorn 

 

This specific vulnerability does not have a proof of concept or a known exploit in the wild. That means, that for now there isn't enough information in order to develop a protection.

We are constantly monitoring these kind of vulnerabilities, and will provide relevant protections as soon as the required information is available.

0 Kudos
Reply
Sigbjorn
Advisor
‎2020-02-20 09:51 PM
In response to _Val_

Hi Val,

Thank you for the feedback.

Reply
LeonM
Explorer
‎2020-03-09 11:57 PM
In response to _Val_

Hello Val I just stumbled onto this thread, just wanted to check is there any updates in regards to the CVE in question? (CVE-2020-2546)

0 Kudos
Reply
_Val_
Admin
Admin
‎2020-03-10 01:14 AM
In response to LeonM

No. Without PoC or an exploit, there is no way to provide a signature based protection

Reply
LeonM
Explorer
‎2020-03-10 01:21 AM
In response to _Val_

Hey Val,
Alright, thank you for the quick reply
0 Kudos
Reply