The cPanel Security Team has identified and resolved a major security issue in the cPanel software (cPanel TSR-2020-0003). The details of this vulnerability can be found here:
An update for cPanel has already been released to patch this security vulnerability.
What do you need to do if you are a managed DotBlock customer? Nothing. We will update your server or VPS and verify that the patched version is installed.
What do you need to do if you are an unmanaged DotBlock customer that uses cPanel? Most likely nothing. cPanel will update itself automatically by default unless you've turned this setting off or if you have an upgrade blocker. If you have disabled automatic updates you will need to install the update yourself.
If you haven't automatically updated to the latest cPanel version, then your server may be incapable of receiving updates due to an Upgrade Blocker, but it is important to address whatever issues are hindering your server from receiving critical updates. We strongly recommend making sure to keep all system software up to date for security reasons.
In any case, it is a good idea to check to make sure it has been updated if you are using cPanel.
DotBlock Security Team
Tuesday, May 19, 2020