Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

A Vulnerability in Polkit’s pkexec Component Could Allow For Local Privilege Escalation

DESCRIPTION:A vulnerability in Polkit’s pkexec component could allow for localprivilege escalation. Polkit (formerly PolicyKit) is a component forcontrolling system-wide privileges in Unix-like operating systems. Itprovides an organized way for non-privileged processes to communicatewith privileged ones. Polkit is installed by default on all major Linuxdistributions. Successful exploitation of this vulnerability couldresult...

Read more

0
27 Jan 2022
in Security Advisories & Alerts

CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability

CVE SummaryCVE Base Score: 9.8 CRITICAL (CVSS:3.1)CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS v3.1 Severity and MetricsBase Score: 9.8 CRITICALVector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HImpact Score: 5.9Exploitability Score: 3.9Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope(S): UnchangedConfidentiality(C): HighIntegrity (I): HighAvailability (A): High CVE Released: Jan 11, 2022, Last updated: Jan 12, 2022...

Read more

0
26 Jan 2022
in Security Advisories & Alerts

A Vulnerability in Citrix Workspace App for Linux Could Allow for Local Privilege Escalation

DESCRIPTION:A vulnerability has been discovered in Citrix Workspace App for Linux, avirtual desktop application. Successful exploitation of thisvulnerability could allow for local privilege escalation. A privilegeescalation enables the attacker to obtain root privileges within thesystem which will enable them to install programs; view, change, ordelete data; or create new accounts...

Read more

0
18 Jan 2022
in Security Advisories & Alerts

A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution

DESCRIPTION:A vulnerability has been discovered in HP FutureSmart that could allowfor arbitrary code execution. HP FutureSmart is a piece of systemfirmware that is used on all HP Enterprise devices. Successfulexploitation of this vulnerability could allow for arbitrary codeexecution within the context of the affected application. Depending onthe privileges associated with...

Read more

0
10 Jan 2022
in Security Advisories & Alerts

A Vulnerability in Multiple NETGEAR Products Could Allow for Arbitrary Code Execution

DESCRIPTION:A vulnerability has been discovered in multiple NETGEAR products, whichcould allow for arbitrary code execution. Successful exploitation ofthis vulnerability could allow for arbitrary code execution in thecontext of the root user. An attacker could then install programs; view,change, or delete data; or create new accounts with full user rights. IMPACT:  RIMM...

Read more

0
10 Jan 2022
in Security Advisories & Alerts

Google Android OS Could Allow for Remote Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for...

Read more

0
05 Jan 2022
in Security Advisories & Alerts

Multiple Vulnerabilities in SonicWall SMA 100 Series Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities in SonicWall SMA 100 Series could allow forarbitrary code execution. Successful exploitation of thesevulnerabilities could allow for arbitrary code execution. The SonicWallSMA 100 Series is a unified secure access gateway that enablesorganizations to provide access to any application, anytime, fromanywhere and any devices, including managed and unmanaged. Depending...

Read more

0
04 Jan 2022
in Security Advisories & Alerts

Apache Log4j2 is vulnerable to RCE via JDBC Appender when an attacker controls configuration

CVE-2021-44832 (CVSS score: 6.6 MEDIUM) – Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE)attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data...

Read more

0
30 Dec 2021
Page 2 of 1112345...10...Last »