CVE-2020-8289

moderate-risk
Published 2020-12-27

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality.

Do I need to act?

!
20.5% chance of exploitation in next 30 days
EPSS score — higher than 79% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (2)

Affected Vendors

Backblaze

References (12)

Mailing List http://seclists.org/fulldisclosure/2020/Dec/57
Mailing List http://seclists.org/fulldisclosure/2020/Dec/58
Exploit https://github.com/geffner/CVE-2020-8289/blob/master/README.md
Permissions Required https://hackerone.com/reports/818853
Third Party Advisory https://www.backblaze.com/blog/backblaze-cloud-backup-release-7-0-1/
Exploit https://youtu.be/W0THXbcX5V8
Mailing List http://seclists.org/fulldisclosure/2020/Dec/57
Mailing List http://seclists.org/fulldisclosure/2020/Dec/58
Exploit https://github.com/geffner/CVE-2020-8289/blob/master/README.md
Permissions Required https://hackerone.com/reports/818853
Third Party Advisory https://www.backblaze.com/blog/backblaze-cloud-backup-release-7-0-1/
Exploit https://youtu.be/W0THXbcX5V8
45
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 14/34 · Moderate
Exposure 7/34 · Low