by CIRT Team
Critical Patches Issued for Microsoft Products, December 14, 2021
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...
Read More
by CIRT Team
Multiple Vulnerabilities in iCloud for Windows Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in iCloud for WindowsCould Allow for Arbitrary Code Execution. iCloud for Windows is a cloudstorage and cloud computing service. Successful exploitation of thesevulnerabilities could result in arbitrary code execution within thecontext of the application, an attacker gaining the same privileges asthe logged-on user, or the bypassing of security restrictions. Dependingon the permission associated with the application running the exploit,an attacker...
Read More
by CIRT Team
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including theiPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* macOS Monterey is the 18th and current major release of macOS.* macOS Big Sur is the 17th...
Read More
by CIRT Team
Apache Releases Security Update for HTTP Server
DESCRIPTION:The Apache Software Foundation has released Apache HTTP Server 2.4.52.Reference:https://downloads.apache.org/httpd/Announcement2.4.html CVE-2021-44790 (CVSS score: 9.8- CRITICAL) -A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. CVE-2021-44224...
Read More
by CIRT Team
A Vulnerability in Fortinet FortiWeb Could Allow for Arbitrary Code Execution
DESCRIPTION:A vulnerability has been discovered in Fortinet FortiWeb that couldallow for arbitrary code execution. Fortinet FortiWeb is a firewall forweb applications, which provides threat protection for medium and largeenterprises. Successful exploitation of this vulnerability could allowfor arbitrary code execution within the context of the affectedapplication. Depending on the privileges associated with thisapplication, an attacker could then install programs; view, change, ordelete data; or create new...
Read More
by CIRT Team
A Vulnerability in Mozilla NSS (Network Security Services) Could Allow for Arbitrary Code Execution
DESCRIPTION:A vulnerability has been discovered in Mozilla’s Network SecurityServices (NSS), a set of cryptography libraries used to handlesignatures and certification validation. Successful exploitation of thisthe vulnerability could allow for arbitrary code execution within thecontext of the affected application, which could be either a client likeThunderbird or server like Apache webserver. Depending on the privilegesassociated with this application, an attacker could then installprograms; view, change, or...
Read More
by CIRT Team
Log4j update – Apache releases the third patch to address a new Log4j Vulnerability
Log4j is an open-source logging framework developed by the Apache Foundation which is incorporated into many Java-based applications on both servers and end-user systems.A series of vulnerabilities in the popular Java-based logging library Log4j is under active exploitation by multiple threat actors. The current list of vulnerabilities and recommended fixes are listed here: CVE-2021-44228 (CVSS score: 10.0- CRITICAL) – Apache Log4j2 JNDI features do not...
Read More
by CIRT Team
Multiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been identified in Mozilla Thunderbird,the most severe of which could allow for arbitrary code execution.Mozilla Thunderbird is an email client. Successful exploitation of themost severe of these vulnerabilities could allow for arbitrary codeexecution. Depending on the privileges associated with the user, anattacker could then install programs; view, change, or delete data; orcreate new accounts with full user rights. Users whose accounts areconfigured...
Read More
by CIRT Team
A Vulnerability in SonicWall SMA 100 Series Could Allow for Arbitrary File Deletion
DESCRIPTION:A vulnerability has been discovered in SonicWall SMA100 Series thatcould allow for arbitrary file deletion. The SonicWall SMA 100 Series isa unified secure access gateway that enables organizations to provideaccess to any application, anytime, from anywhere, and any devices,including managed and unmanaged. Successful exploitation of thisvulnerability could result in arbitrary file deletion which enables anattacker to reboot the device to factory default settings. Afterward,this could...
Read More
by CIRT Team
CVE-2021-44228: Critical Apache Log4j vulnerability
Description: Apache Log4j2 <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. In previous releases (>2.10)...
Read More
