by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * Multiple vulnerabilities in Framework that could allow for Escalation of Privileges (CVE-2021-0303, CVE-2021-0306, CVE-2021-0307, CVE-2021-0310, CVE-2021-0315, CVE-2021-0317, CVE-2021-0318, CVE-2021-0319)* A vulnerability in Framework that could allow for Remote Code Execution...
Read More
by CIRT Team
Multiple Vulnerabilities in Fortinet FortiWeb Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Fortinet FortiWeb, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted...
Read More
by CIRT Team
CVE-2020-29583-Zyxel security advisory for hardcoded credential vulnerability
DESCRIPTION Zyxel has released a patch for the hardcoded credential vulnerability of firewalls and AP controllers recently reported by researchers from Eye Control Netherlands. Users are advised to install the applicable firmware updates for optimal protection. A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected...
Read More
by CIRT Team
Multiple Vulnerabilities in ArubaNetworks ArubaOS and SD-WAN Could Allow for Arbitrary Code Execution
SUBJECTMultiple Vulnerabilities in ArubaNetworks ArubaOS and SD-WAN Could Allow for Arbitrary Code Execution DESCRIPTIONMultiple vulnerabilities have been discovered in ArubaNetwork’s ArubaOS and SD-WAN, which could result in arbitrary code execution. Aruba (a Hewlett Packard Enterprise company) is the worldwide second-largest enterprise WLAN vendor after Cisco. ArubaOS is its WLAN controller system for automating WLAN management, and SD-WAN (software defined WAN) is its cloud-oriented WAN orchestration...
Read More
by CIRT Team
TroubleGrabber Malware
TroubleGrabber, a new credential stealer discovered by Netskope securityresearchers, spreads via Discord attachments and uses Discord webhooksto deliver stolen information to its operators.Several threat actors usethe new info stealer to target gamers on Discord servers and to stealtheir passwords and other sensitive information. This malware, which primarily arrives via drive-by download, steals theweb browser tokens, Discord webhook tokens, web browser passwords, andsystem information. This information...
Read More
by CIRT Team
SolarWinds Orion Vulnerabilities
The Department of Homeland Security Cybersecurity and InfrastructureSecurity Agency (CISA) issued an Emergency Directive on December 13,2020 in response to the compromise of the SolarWinds Orion product forall federal civilian agencies. The directive calls for all organizationsto assess their exposure to the compromise and secure their networksagainst exploitation. The following SolarWinds Orion versions are affected: Orion Platform 2019.4 HF5, version 2019.4.5200.9083Orion Platform 2020.2 RC1, version 2020.2.100.12219Orion Platform 2020.2...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....
Read More
by CIRT Team
A Vulnerability in Apache Struts Could Allow for Remote Code Execution
DESCRIPTIONA vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open source framework used for building Java web applications. Successful exploitation of this vulnerability could allow for remote code execution. Depending on the privileges associated with the user, an attacker could then install programs; view; change, or delete data; or create new accounts with full user...
Read More
by CIRT Team
Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
DESCRIPTIONA vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit...
Read More
