Critical vBulletin vulnerability affects 100,000 websites and top Fortune 500 companies

Cloud computing security specialists recommend that administrators of online discussion forums built on the popular vBulletin software verify that their deployment is updated to the latest version, as it contains a patch that fixes a critical vulnerability. The vulnerability is tracked as CVE-2020-12720; the vendor has released no further technical details.

vBulletin is widely used PHP forum software, deployed on more than 100,000 sites (including forums run by some of the world's leading companies). That install base has made it one of the main targets of threat actors looking to exploit flaws in the software to compromise the websites, servers and databases of the administrators who run it.

Although the details of this flaw have not been published, cloud computing security experts have already reverse engineered the security patch and worked out what the flaw is. In addition, the National Vulnerability Database (NVD) analyzed the flaw and classified it as an improper access control issue affecting vBulletin versions before 5.5.6 Patch Level 1, 5.6.0 before 5.6.0 Patch Level 1, and 5.6.1 before 5.6.1 Patch Level 1.

According to the developer's report, users of vBulletin 5 Connect versions earlier than 5.5.2 should update as soon as possible, since those older releases do not receive the patch and must be upgraded to a patched branch. While there are no reports of a public proof of concept or of active exploitation in real-world scenarios, experts anticipate that an exploit will emerge shortly, since the patch has already been reverse engineered.

It has also emerged that security researcher Charles Fol discovered this vulnerability and reported it to the developers of vBulletin; a full report on the flaw may be presented at a cybersecurity conference to be held next month.

Security patches addressing this vulnerability are now available on the developer's official platforms. Administrators of vBulletin-powered forums are encouraged to download and install the patch for their branch as soon as possible; the patched releases are:

  • 5.6.1 Patch Level 1
  • 5.6.0 Patch Level 1
  • 5.5.6 Patch Level 1
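
Because a forum on 5.6.1 and a forum on 5.6.1 Patch Level 1 look alike at a glance, a version check has to treat the patch-level suffix as significant. The following Python helper is an added example written for this page, not code from vBulletin or from the researchers mentioned above. It parses the version strings in the forms vBulletin uses ("5.6.1", "5.6.1pl1", "5.6.1 Patch Level 1") and reports whether a given version falls inside the affected ranges the NVD lists for CVE-2020-12720. It assumes only the vBulletin 5 Connect line is being checked, that any 5.x release older than 5.5.6 counts as unpatched (no patch exists for it, so it must be upgraded), and that releases newer than 5.6.1 ship with the fix.

```python
import re
from typing import Tuple

# Patch levels that close CVE-2020-12720, following the NVD affected ranges:
# before 5.5.6pl1, 5.6.0 before 5.6.0pl1, 5.6.1 before 5.6.1pl1.
FIXED_PATCH_LEVELS = {
    (5, 5, 6): 1,
    (5, 6, 0): 1,
    (5, 6, 1): 1,
}

# Highest release this check knows about. Assumption for this example:
# anything newer than it already contains the fix.
NEWEST_KNOWN = (5, 6, 1)

# Accepts "5.6.1", "5.6.1pl1", "5.6.1 pl 1" and "5.6.1 Patch Level 1".
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)\.(\d+)\s*(?:(?:pl|patch\s*level)\s*(\d+))?\s*$",
    re.IGNORECASE,
)


def parse_version(text: str) -> Tuple[Tuple[int, int, int], int]:
    """Return ((major, minor, point), patch_level) for a vBulletin version string.

    A missing patch-level suffix is patch level 0, which is what makes
    "5.6.1" sort below "5.6.1pl1".
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised vBulletin version string: {text!r}")
    base = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    patch_level = int(m.group(4)) if m.group(4) else 0
    return base, patch_level


def is_vulnerable(text: str) -> bool:
    """True if the given version is inside the CVE-2020-12720 affected ranges."""
    base, patch_level = parse_version(text)
    if base in FIXED_PATCH_LEVELS:
        # One of the three patched branches: only the patch level decides.
        return patch_level < FIXED_PATCH_LEVELS[base]
    if base > NEWEST_KNOWN:
        # Assumption noted above: later releases include the fix.
        return False
    # Any 5.x release older than 5.5.6 predates the patch and has no
    # patch level of its own, so it must be upgraded to a patched branch.
    return True


def audit(versions: dict) -> dict:
    """Map each forum name to 'VULNERABLE' or 'patched' for a quick inventory pass."""
    return {
        name: ("VULNERABLE" if is_vulnerable(ver) else "patched")
        for name, ver in versions.items()
    }


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = {
        "forum-a": "5.6.1",
        "forum-b": "5.6.1 Patch Level 1",
        "forum-c": "5.6.0pl1",
        "forum-d": "5.5.4",
    }
    for name, status in audit(inventory).items():
        print(f"{name}: {status}")
```

Run it against whatever your inventory tool reports as the installed version; an `admincp` banner reading "5.6.1" with no patch level means the fix is not applied, even though the base version matches a patched branch.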

As with flaws found in plugins for popular content management systems, a single vulnerability in widely deployed forum software can expose hundreds of thousands of websites at once. For further reports on vulnerabilities, exploits, malware variants and computer security risks, you can visit the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.