Technical Details Note: this advisory uses the MITRE ATT&CK® for Enterprise framework, version 11. See MITRE ATT&CK for Enterprise for all referenced tactics and techniques. Zeppelin ransomware is a derivative of the Delphi-based Vega malware family and functions as a Ransomware as a Service (RaaS). From 2019 through at least June 2022, actors have used this malware to target a wide range of businesses and critical infrastructure...
Read More
An authentication bypass Zimbra security vulnerability is actively exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide.According to threat intelligence firm Volexity, attackers have been abusing a ZCS remote code execution flaw tracked as CVE-2022-27925 requiring authentication with the help of an auth bypass bug (tracked as CVE-2022-37042). Description: CVE-2022-27925: Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP...
Read More
Description:kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Impact: A local attacker may exploit this issue to gain elevated root privileges on the affected system. Mitigation: Updates...
Read More
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CVE-2022-30190, also known as “Follina” — the RCE vulnerability in the Microsoft Windows Support Diagnostic Tool that was disclosed in late May and exploited in the wild — has now received patches for affected Windows systems. While Microsoft had...
Read More
Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute maliciously PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. Workarounds: In Microsoft Defender’s Attack Surface Reduction (ASR) activating the rule “Block all Office applications from creating child processes” in Block mode will prevent this from being exploited.[https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-all-office-applications-from-creating-child-processes] Disable the MSDT URL Protocol....
Read More
The Cyber Threat Intelligence Unit at BGD e-GOV CIRT has identified a surge in cyber-attacks targeting organizations through the compromise of third-party service providers. Recently, multiple organizations in Bangladesh have encountered data breaches. Some individuals employed by third-party service providers, tasked with offering technical support to various client organizations, have been targeted by information-stealing malware. Investigations revealed that the information-stealing malware covertly extracted sensitive data,…
বাংলাদেশের সাইবার স্পেসের সুরক্ষা নিশ্চিত করার লক্ষ্যে বাংলাদেশ সরকারের কম্পিউটার ইনসিডেন্ট রেসপন্স টিম (BGD e-GOV CIRT) সক্রিয়ভাবে গুরুত্বপূর্ণ থ্রেট ইনটেলিজেন্স সংক্রান্ত তথ্যাদি প্রকাশ করে থাকে। এরই ধারাবাহিকতায় সার্ট সাম্প্রতিককালে তথ্য পরিকাঠামোর জন্য ঝুঁকিপূর্ণ কিছু দুর্বলতা (critical vulnerabilities) চিহ্নিত করেছে। এরূপ ঝুঁকিপূর্ণ দুর্বলতাসমূহ ডিজিটাল অবকাঠামো হতে দূরিকরণের মাধ্যমে সম্ভাব্য সাইবার আক্রমন প্রতিহত করা যেতে পারে। Click here to see full details in pdf
The Cyber Threat Intelligence Unit of BGD e-GOV CIRT warns about the ongoing exploitation of two zero-day vulnerabilities in Cisco’s IOS XE Software web UI feature. BGD e-GOV CIRT has recently identified successful exploitation attempts against organizations in Bangladesh. This advisory is directed towards IT teams configuring and managing routers and network switches within their organizations. Download the attachment here
The Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) carries out its primary mission of safeguarding the nation’s cyberspace through proactive management of computer security incidents and related activities. This mission involves close collaboration with international organizations and entities to effectively mitigate risks. Our goal is to maintain a continuous state of vigilance and preparedness, both in anticipation of potential incidents and in response…
August 8, 2023 This report serves as an update to the ‘SITUATIONAL ALERT ON CYBER THREATS’ issued on 4th August. It provides an Indicator of Compromise (IOC) list which organizations may use for their preventive security measures. For the full document click here
In the advent of EID holidays, Bangladesh Government’s Computer Incident Response Team (BGD e–Gov CIRT) would like to assure the security of the critical information infrastructures (CII), banks andfinancial institutions, health care and all sorts of government and private organizations by sharing alist of top threats to be vigilant for any suspicious activities in their infrastructure to prevent any sortof intrusion or disruption to their…
Password Policy best practices Create a strong, complex and long password. Use multi-factor authentication for login where possible. Avoid save password in browser. Generic best practices Do not install additional software or server roles on DCs Implement patch management. Use secure DNS services to block malicious domains Ensure business continuity plan (BCP). Use security baselines and benchmarks. Inform and educate users about cyber threats and…
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. The company discovered the attackers breached the account on October 14 when GitHub notified it of suspicious activity that started one day before the alert was sent. “To date, our investigation has found that the code…
Attack infoFirst seen 2022-09-24 • Last seen 2022-10-19On October 19, 2022, Socradar announced a vulnerability they discovered in several misconfiguredMicrosoft AWS servers. They also announced the launch of the BlueBleed service, which contains datadownloaded from several misconfigured Microsoft AWS servers.Link to the Socradar announcement – hxxps://socradar[.]io/sensitive-data-of-65000-entities-in-111-countries-leaked-due-to-a-single-misconfigured-data-bucket/ The exposed files in the misconfigured bucket include; POE documents,SOW documents,Invoices,Product orders,Product offers,Project details,Signed customer documents,POC (Proof of Concept)…
A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets. Ducktail phishing campaigns were first revealed by researchers from WithSecure in July 2022, who linked the attacks to Vietnamese hackers. Those campaigns relied on social engineering attacks through LinkedIn, pushing .NET Core malware masquerading as a PDF document supposedly containing details about a marketing…
A recent malicious campaign delivering Magniber ransomware has been targeting Windows home users with fake security updates. Threat actors created in September websites that promoted fake antivirus and security updates for Windows 10. The downloaded malicious files (ZIP archives) contained JavaScript that initiated an intricate infection with the file-encrypting malware. A report from HP’s threat intelligence team notes that Magniber ransomware operators demanded payment of up to $2,500…
Vulnerability DescriptionAn issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation…
licious cyber actors continue to exploit known vulnerabilities and use publicly available tools to target networks of interest. Remote code execution (RCE) attacks allow an attacker to remotely execute malicious code on a computer. The impact of an RCE vulnerability can range from malware execution to an attacker gaining full control over a compromised machine. RCE vulnerabilities are some of the most risky and high-impact…
A new cyber espionage threat group that has been previously unknown named Worok and has been observed using undocumented tools targeting private and local government entities mostly in Asia. Based on the report by ESET, the group has been active for at least 2020 and observed a significant break in operation from 2021-05 to 2022-01, but in 2022-02, their operation resumed, targeting an energy company, and a public…
An authentication bypass using an alternate path or channel vulnerability [CWE-288] in FortiOS, FortiProxy and FortiSwitchManager may allow an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. Exploitation Status: Fortinet recommends immediately validating systems against the following indicator of compromise in the device’s logs:user=”Local_Process_Access” Affected ProductsFortiOS version 7.2.0 through 7.2.1FortiOS version 7.0.0 through 7.0.6FortiProxy version 7.2.0FortiProxy version…
The tech giant has uncovered more than 400 malicious Android and iOS apps this year which steal usernames and passwords. 45 out of the 400 apps it found were on iOS, while the rest were on Android. They masquerade themselves as popular services like photo editors, games and VPNs to trick people into downloading them. How do these malicious apps work? Apart from displaying fun…
Microsoft has confirmed that two reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019. The first one, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, and the second one, identified as CVE-2022-41082, allows Remote Code Execution (RCE) when PowerShell is accessible to the attacker. From the note Microsoft added, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. It should…
Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising “numerous” organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday. ZINC—Microsoft’s name for a threat actor group also called Lazarus, which is best known for conducting the devastating 2014 compromise of Sony Pictures Entertainment—has been…
Microsoft confirmed it is investigating two zero days affecting its Exchange Server software late Thursday following a report from Vietnamese cybersecurity firm GTSC that the vulnerabilities are being exploited in the wild. GTSC said it discovered the issues in August while doing security incident monitoring and response, then reported the issue to Microsoft’s Zero Day Initiative, which confirmed the bugs. The attacks GTSC reported chain together the two vulnerabilities. …
Sophos warned today that a critical code injection security vulnerability in the company’s Firewall product is being exploited in the wild. “Sophos has observed this vulnerability being used to target a small set of specific organizations, primarily in the South Asia region,” the security software and hardware vendor warned. “We have informed each of these organizations directly. Sophos will provide further details as we continue…
Executive Summary SentinelLabs researchers uncovered a never-before-seen advanced threat actor we’ve dubbed ‘Metador’. Metador primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures in the presence of security solutions. Metador’s attack chains are designed to bypass native security…
A number of firmware security flaws uncovered in HP’s business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Binarly, which first revealed details of the issues at the Black Hat USA conference in mid-August 2022, said the vulnerabilities “can’t be detected by firmware integrity monitoring systems due to limitations of the Trusted Platform Module (TPM) measurement.” Firmware flaws can have serious implications…
Cybercrime Activities At A Glance Introduction The Aviation industry is a critical, strategic, and economically important sector for any nation. The pandemic-struck industry has started showing signs of gradual recovery after two years of volatility, however, attaining the pre-COVID global travel figures seems still farfetched until mid-2023. Amidst epidemic chaos, the Aviation industry steered itself towards embracing technology to reduce human dependence and make a…
Global Critical Infrastructure Potentially Vulnerable To Reflected Amplification-Based Denial-Of-Service (RDoS) Attacks Introduction Over the past few weeks, Cyble Research & Intelligence Labs has observed the active exploitation of a recently discovered vulnerability found in the Palo Alto Networks’ PAN-OS operating system that runs the firewalls and could allows a remote Threat Actor (TA) to conduct reflected and amplified TCP denial-of-service (RDoS) attacks against the their…
Cyble Research and Intelligence Labs (CRIL) has been tracking the activities of various Android Banking Trojans such as Hydra, Ermac, and Amextroll, amongst several others. During a routine threat-hunting exercise, we came across a Twitter post where a researcher mentioned a malware sample. After an in-depth analysis, the malware was identified as a new Android Banking Trojan variant targeting over 40 applications from Peru. The Threat Actor (TA) uses the…
Technical Details Note: this advisory uses the MITRE ATT&CK® for Enterprise framework, version 11. See MITRE ATT&CK for Enterprise for all referenced tactics and techniques. Zeppelin ransomware is a derivative of the Delphi-based Vega malware family and functions as a Ransomware as a Service (RaaS). From 2019 through at least June 2022, actors have used this malware to target a wide range of businesses and critical infrastructure…
An authentication bypass Zimbra security vulnerability is actively exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide.According to threat intelligence firm Volexity, attackers have been abusing a ZCS remote code execution flaw tracked as CVE-2022-27925 requiring authentication with the help of an auth bypass bug (tracked as CVE-2022-37042). Description: CVE-2022-27925: Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP…
Description:kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Impact: A local attacker may exploit this issue to gain elevated root privileges on the affected system. Mitigation: Updates…
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CVE-2022-30190, also known as “Follina” — the RCE vulnerability in the Microsoft Windows Support Diagnostic Tool that was disclosed in late May and exploited in the wild — has now received patches for affected Windows systems. While Microsoft had…
Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute maliciously PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. Workarounds: In Microsoft Defender’s Attack Surface Reduction (ASR) activating the rule “Block all Office applications from creating child processes” in Block mode will prevent this from being exploited.[https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-all-office-applications-from-creating-child-processes] Disable the MSDT URL Protocol….
CVE-2022-1388: On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Impact: This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands,…
DESCRIPTION: Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. SYSTEM AFFECTED: * Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite, version 3.6 * Application Performance Management, versions 13.4.1.0, 13.5.1.0 * Big Data Spatial and Graph, versions prior to 23.1 * Enterprise Manager Base Platform, versions 13.4.0.0, 13.5.0.0 * Enterprise Manager Ops Center, version 12.4.0.0 * Fujitsu…
DESCRIPTION: Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR), and Thunderbird, the most severe of which could allow for arbitrary code execution. * Mozilla Firefox is a web browser used to access the Internet. * Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. * Mozilla Thunderbird is an email client. Successful…
DESCRIPTION: Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for escalation of privilege. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for escalation of privilege. Depending on the privileges associated with…
DESCRIPTION: Multiple vulnerabilities have been discovered in Cisco Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to execute code on the affected systems. Depending on the privileges associated with the targeted user, an attacker could then install programs; view, change, or delete data; or create new…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe products, themost severe of which could allow for Arbitrary Code Execution. * Premiere Rush is a video editor.* Illustrator is a vector graphics editor and design program.* Photoshop is a graphics editor.* Adobe After Effects is a digital visual effects, motion graphics, andcompositing application.* Creative Cloud is a cloud service provided by Adobe where its softwarecan be accessed…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:A vulnerability has been discovered in Samba which could allow forarbitrary code execution. Samba is the standard Windows interoperabilitysuite of programs for Linux and Unix. Successful exploitation of thisvulnerability could result in arbitrary code execution as root onaffected Samba installations that use the VFS module vfs_fruit.Depending on the permission associated with the application running theexploit, an attacker could then install programs; view, change, ordelete data….
DESCRIPTION:A backdoor has been discovered in WordPress AccessPress plugins andthemes, which could allow an attacker access to a targeted website.AccessPress plugins and themes are used to provide website functionalityand design options to website administrators. Successful exploitation ofthis backdoor could allow an attacker to redirect users to malicioussites as well as access to the vulnerable website. SYSTEM AFFECTED:* accesspress-anonymous-post 2.8.0* accesspress-custom-css 2.0.1* ** accesspress-custom-post-type 1.0.8* accesspress-facebook-auto-post…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Products, themost severe of which could allow for arbitrary code execution.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to execute code on theaffected systems. Depending on the privileges associated with thetargeted user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Usersconfigured to…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.* macOS Monterey is the 18th and current major release of macOS.* macOS Big Sur…
DESCRIPTION:Multiple vulnerabilities in SonicWall SMA 100 Series could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution. The SonicWall SMA 100 Series is a unified secure access gateway that enables organizations to provide access to any application, anytime, from anywhere, and any devices, including managed and unmanaged. Depending on the privileges associated with the application, an attacker could…
DESCRIPTION:A vulnerability in Polkit’s pkexec component could allow for localprivilege escalation. Polkit (formerly PolicyKit) is a component forcontrolling system-wide privileges in Unix-like operating systems. Itprovides an organized way for non-privileged processes to communicatewith privileged ones. Polkit is installed by default on all major Linuxdistributions. Successful exploitation of this vulnerability couldresult in privilege escalation to root privileges. IMPACT:A vulnerability in Polkit ‘s pkexec component could allow…
DESCRIPTION:A vulnerability has been discovered in F5Networks BIG-IP, which couldresult in a denial-of-service (DoS). BIG-IP is a family of productscovering software and hardware designed around application availability,access control, and security solutions. Successful exploitation of thisvulnerability could allow an attacker to cause a denial of service toall servers sitting behind the BIG-IP system. IMPACT:A vulnerability has been discovered in F5Networks BIG-IP, which couldresult in a denial-of-service…
CVE SummaryCVE Base Score: 9.8 CRITICAL (CVSS:3.1)CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS v3.1 Severity and MetricsBase Score: 9.8 CRITICALVector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HImpact Score: 5.9Exploitability Score: 3.9Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope(S): UnchangedConfidentiality(C): HighIntegrity (I): HighAvailability (A): High CVE Released: Jan 11, 2022, Last updated: Jan 12, 2022 Description:This vulnerability concerns the HTTP stack (http.sys) used in listening to process HTTP requests on…
DESCRIPTION:A vulnerability has been discovered in Citrix Workspace App for Linux, avirtual desktop application. Successful exploitation of thisvulnerability could allow for local privilege escalation. A privilegeescalation enables the attacker to obtain root privileges within thesystem which will enable them to install programs; view, change, ordelete data; or create new accounts with full user rights. IMPACT:A vulnerability has been discovered in Citrix Workspace App for Linux,…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe products, themost severe of which could allow for Arbitrary Code Execution. * Acrobat and Reader is a family of application software and Webservices mainly used to create, view, and edit PDF documents.* Illustrator is a vector graphics editor and design program.* Bridge is a digital asset management application.* Adobe InCopy is a professional word processor.* InDesign is an…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in Distributed DataSystems WebHMI, the most severe of which could allow for arbitrary codeexecution. Distributed Data Systems WebHMI is a SCADA system with abuilt-in web server that allows you to monitor and control anyautomation system on the local network and via the Internet from yourcomputer and mobile devices. Successful exploitation of the most severeof these vulnerabilities could allow an administrator…
DESCRIPTION:A vulnerability has been discovered in HP FutureSmart that could allowfor arbitrary code execution. HP FutureSmart is a piece of systemfirmware that is used on all HP Enterprise devices. Successfulexploitation of this vulnerability could allow for arbitrary codeexecution within the context of the affected application. Depending onthe privileges associated with this application, an attacker could theninstall programs; view, change, or delete data; or create new…
DESCRIPTION:A vulnerability has been discovered in multiple NETGEAR products, whichcould allow for arbitrary code execution. Successful exploitation ofthis vulnerability could allow for arbitrary code execution in thecontext of the root user. An attacker could then install programs; view,change, or delete data; or create new accounts with full user rights. IMPACT: RIMM researchers are reported to have an exploit capable ofcompromising fully patched devices that are running…
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR), and Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in largeorganizations. Mozilla Thunderbird is an email client. Successful exploitation of the most severe…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including theiPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* macOS Monterey is the 18th and current major release of macOS.* macOS Big Sur is the 17th…
DESCRIPTION:Multiple vulnerabilities in SonicWall SMA 100 Series could allow forarbitrary code execution. Successful exploitation of thesevulnerabilities could allow for arbitrary code execution. The SonicWallSMA 100 Series is a unified secure access gateway that enablesorganizations to provide access to any application, anytime, fromanywhere and any devices, including managed and unmanaged. Depending onthe privileges associated with the application, an attacker could theninstall programs; view, change, or delete…
CVE-2021-44832 (CVSS score: 6.6 MEDIUM) – Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE)attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URIwhich can execute remote code. This issue is fixed by limiting…
DESCRIPTION:Multiple vulnerabilities have been discovered in SiemensSolid Edge, themost severe of which could allow an attacker to cause an arbitrary codeexecution. Siemens Edge is a portfolio of software tools that addressesvarious product development processes: 3D design, simulation,manufacturing and design management. Successful exploitation of the mostsevere of these vulnerabilities could allow for arbitrary codeexecution. Depending on the privileges associated with the user, anattacker could then view…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in iCloud for WindowsCould Allow for Arbitrary Code Execution. iCloud for Windows is a cloudstorage and cloud computing service. Successful exploitation of thesevulnerabilities could result in arbitrary code execution within thecontext of the application, an attacker gaining the same privileges asthe logged-on user, or the bypassing of security restrictions. Dependingon the permission associated with the application running the exploit,an attacker…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including theiPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* macOS Monterey is the 18th and current major release of macOS.* macOS Big Sur is the 17th…
DESCRIPTION:The Apache Software Foundation has released Apache HTTP Server 2.4.52.Reference:https://downloads.apache.org/httpd/Announcement2.4.html CVE-2021-44790 (CVSS score: 9.8- CRITICAL) -A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. CVE-2021-44224…
DESCRIPTION:A vulnerability has been discovered in Fortinet FortiWeb that couldallow for arbitrary code execution. Fortinet FortiWeb is a firewall forweb applications, which provides threat protection for medium and largeenterprises. Successful exploitation of this vulnerability could allowfor arbitrary code execution within the context of the affectedapplication. Depending on the privileges associated with thisapplication, an attacker could then install programs; view, change, ordelete data; or create new…
DESCRIPTION:A vulnerability has been discovered in Mozilla’s Network SecurityServices (NSS), a set of cryptography libraries used to handlesignatures and certification validation. Successful exploitation of thisthe vulnerability could allow for arbitrary code execution within thecontext of the affected application, which could be either a client likeThunderbird or server like Apache webserver. Depending on the privilegesassociated with this application, an attacker could then installprograms; view, change, or…
Log4j is an open-source logging framework developed by the Apache Foundation which is incorporated into many Java-based applications on both servers and end-user systems.A series of vulnerabilities in the popular Java-based logging library Log4j is under active exploitation by multiple threat actors. The current list of vulnerabilities and recommended fixes are listed here: CVE-2021-44228 (CVSS score: 10.0- CRITICAL) – Apache Log4j2 JNDI features do not…
DESCRIPTION:Multiple vulnerabilities have been identified in Mozilla Thunderbird,the most severe of which could allow for arbitrary code execution.Mozilla Thunderbird is an email client. Successful exploitation of themost severe of these vulnerabilities could allow for arbitrary codeexecution. Depending on the privileges associated with the user, anattacker could then install programs; view, change, or delete data; orcreate new accounts with full user rights. Users whose accounts areconfigured…
DESCRIPTION:A vulnerability has been discovered in SonicWall SMA100 Series thatcould allow for arbitrary file deletion. The SonicWall SMA 100 Series isa unified secure access gateway that enables organizations to provideaccess to any application, anytime, from anywhere, and any devices,including managed and unmanaged. Successful exploitation of thisvulnerability could result in arbitrary file deletion which enables anattacker to reboot the device to factory default settings. Afterward,this could…
Description: Apache Log4j2 <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. In previous releases (>2.10)…
CYBER THREAT ALERT Cyber Threat Intelligence unit of BGD e-GOV CIRT recently observed a series of malicious and suspicious activities, organized by an unknown APT group named APT-C-61, which was being observed starting in mid-2021. In primary observation, till now the target was important organizations such as national institutions, military industry, and scientific research institutions of Pakistan and Bangladesh to steal classified information. Details are…
Description: A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. The CVE-2020-0951 vulnerability affects both PowerShell 7 and PowerShell 7.1 versions.To check the PowerShell version you are running and determine if you are vulnerable to attacks…
Description: An Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection may send credentials in plain text on non-Windows Operating systems. CVE-2021-41355 impacts users of PowerShell 7.1.To check the PowerShell version you are running and determine if you are vulnerable to attacks exploiting these two bugs, you can execute the pwsh -v command from a Command Prompt. Mitigations: Admins are advised to install the updated PowerShell…
DESCRIPTION:A vulnerability has been discovered in Microsoft MSHTML, which couldallow for remote code execution. MSHTML (also known as Trident) is theengine used for Internet Explorer. It is also used by Microsoft Officeapplications for rendering web based content. Successful exploitation ofthis vulnerability could result in remote code execution in the contextof the affected user. Depending on the privileges associated with theuser, an attacker could view, change,…
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox,Firefox Extended Support Release (ESR), and Thunderbird, the most severeof which could allow for arbitrary code execution. Mozilla Firefox is aweb browser used to access the Internet. Mozilla Firefox ESR is aversion of the web browser intended to be deployed in largeorganizations. Successful exploitation of these vulnerabilities couldallow for arbitrary code execution. Depending on the privilegesassociated with the…
DESCRIPTION:A vulnerability has been discovered in Confluence Server and DataCenter, which could allow for arbitrary code execution. Confluence is awiki tool used to help teams collaborate and share knowledgeefficiently. Successful exploitation of this vulnerability could allowan unauthenticated user to execute arbitrary code on a Confluence Serveror Data Center instance. Depending on the privileges associated with theinstance, an attacker could view, change, or delete data. IMPACT:US…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis…
Apple has released security updates to address vulnerabilities—CVE-2021-30858 and CVE-2021-30860—in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA is aware of public reporting that these vulnerabilities may have been exploited in the wild. CISA encourages users and administrators to review the security update pages for the following products and apply the necessary updates. macOS Big Sur 11.6…
DESCRIPTION:A vulnerability has been discovered in Confluence Server and DataCenter, which could allow for arbitrary code execution. Confluence is awiki tool used to help teams collaborate and share knowledgeefficiently. Successful exploitation of this vulnerability could allowan unauthenticated user to execute arbitrary code on a Confluence Serveror Data Center instance. Depending on the privileges associated with theinstance, an attacker could view, change, or delete data. IMPACT:A…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Media Encoder,Adobe Bridge, Adobe Photoshop, Adobe XMP Toolkit SDK, and AdobeCaptivate, the most severe of which could allow for arbitrary codeexecution. * Adobe Media Encoder is software that provides media content over theinternet* Adobe Bridge is a digital asset management application* Adobe Photoshop is a graphics editor* Adobe XMP Toolkit SDK is a development kit for Adobe’s ExtensibleMetadata…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis…
DESCRIPTION:Multiple vulnerabilities have been discovered in Rockwell AutomationISaGRAF5 Runtime, the most severe of which could allow for remote codeexecution. These affected Industrial Control System (ICS) products areused across several sectors, including chemical, critical manufacturing,food and agriculture, water and wastewater systems and others.Successful exploitation of the most severe of these vulnerabilitiescould allow an attacker to perform remote code execution on the affecteddevice. IMPACT:Multiple vulnerabilities have been…
DESCRIPTION:A vulnerability has been discovered in macOS Big Sur, iOS and iPadOS,which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including theiPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* macOS Big Sur is the 17th and current major release of macOS. Successful exploitation of this vulnerability…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Oracle products, whichcould allow for remote code execution. SYSTEM AFFECTED:* Oracle Database Server, versions 12.1.0.2, 19c* Big Data Spatial and Graph, versions prior to 2.0, prior to 23.1* Essbase, version 21.2* Essbase Analytic Provider Services, versions 11.1.2.4, 21.2* Hyperion Essbase Administration Services, versions 11.1.2.4, 21.2* Oracle Commerce Guided Search / Oracle Commerce Experience Manager,version 11.3.1.5* Oracle Communications Billing and…
DESCRIPTION:A vulnerability has been discovered HP, Xerox, and Samsung printerdrivers, which could result in local privilege escalation. A printerdriver is a piece of system software that allows your computer tointeract with your printer. This vulnerability specifically deals withan old printer driver from 2005 called SSPORT.SYS which affects hundredsof millions of devices and millions of users worldwide. Successfullyexploitation of this vulnerability might allow attackers to potentiallyinstall…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:A vulnerability has been discovered in Schneider Electric Modicon PLCs,which could result in remote code execution. A Programmable LogicController, or PLC, is a ruggedized computer used for industrialautomation. These controllers can automate a specific process, machinefunction, or even an entire production line. Successful exploitation ofthis vulnerability could allow for remote code execution within thecontext of a privileged process. Depending on the privileges associatedwith this application,…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Dimension is a 3D rendering and design software.* Illustrator is a vector graphics editor and design program.* Adobe Framemaker is a document processing software used to write andedit large or complex documents.* Acrobat and Reader is a family of application software and Webservices mainly used to…
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox andFirefox Extended Support Release (ESR), the most severe of which couldallow for arbitrary code execution. Mozilla Firefox is a web browserused to access the Internet. Mozilla Firefox ESR is a version of the webbrowser intended to be deployed in large organizations. Successfulexploitation of these vulnerabilities could allow for arbitrary codeexecution. Depending on the privileges associated with the…
Description:A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain.Many organizations utilize Microsoft Active Directory Certificate Services, which is a public key infrastructure (PKI) server that can be used to authenticate users, services, and machines on a Windows domain.PetitPotam’ that performs an NTLM relay attack that does not rely…
Description:fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. Impact: Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Mitigation: Updates are available. Please see the references or vendor advisory for…
An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database.An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have the ability to execute…
DESCRIPTION:A vulnerability has been discovered in SolarWinds Serv-U, which couldresult in remote code execution. SolarWinds Serv-U is an FTP serversoftware for secure file transfer. Successful exploitation of thisvulnerability could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis application, an attacker could then install programs; view, change,or delete data; or create new accounts with full user rights….
DESCRIPTION:Multiple vulnerabilities have been discovered in Kaseya VSA that couldallow for arbitrary code execution. Kaseya VSA is a software used byMSPs to remotely manage networks and endpoints. Successful exploitationof these vulnerabilities could result in arbitrary code execution withinthe context of the application, an attacker gaining the same privilegesas the logged-on user, or the bypassing of security restrictions.Depending on the permission associated with the application running…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow forarbitrary code execution. Android is an operating system developed byGoogle for mobile devices, including, but not limited to, smartphones,tablets, and watches. Successful exploitation of the most severe ofthese vulnerabilities could allow for arbitrary code execution withinthe context of a privileged process. Depending on the privilegesassociated with this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged-on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted than…
Description:Eclypsium researchers have identified multiple vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS.This chain of vulnerabilities has a cumulative CVSS score of 8.3 (High) because it allows a privileged network adversary to impersonate Dell.com andgain arbitrary code execution at the BIOS/UEFI level of the affected device. Such an attack would enable adversaries to control the device’s boot process andsubvert the operating system and higher-layer…
Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch is incomplete and the vulnerability can still be locally exploited to gain SYSTEM privileges. The remote code execution bug (tracked as CVE-2021-34527) allows attackers to take over affected servers via remote code execution (RCE) with SYSTEM…
Description:It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user.This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to dataconfidentiality and integrity as well as system availability. Impact:The vulnerability enables an unprivileged local…
Description:A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change or delete data;or create new accounts with full user rights.An attack must involve an authenticated user calling RpcAddPrinterDriverEx(). Impact:This remote code execution (RCE) CVE-2021-34527 impacts all versions…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple iOS that couldallow for arbitrary code execution. iOS is a mobile operating system formobile devices, including the iPhone, iPad, and iPod touch. Successfulexploitation of these vulnerabilities could result in arbitrary codeexecution within the context of the application, an attacker gaining thesame privileges as the logged-on user, or the bypassing of securityrestrictions. Depending on the permission associated with theapplication…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Connect is a suite of software for remote training, web conferencing,presentation, and desktop sharing.* Acrobat and Reader is a family of application software and Webservices mainly used to create, view, and edit PDF documents.* Experience Manager is a content management solution for buildingwebsites, mobile apps, and…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:There are six zero-day vulnerabilities that Microsoft has tracked asbeing actively exploited which include CVE-2021-33742, CVE-2021-33739,CVE-2021-31199, CVE-2021-31201, CVE-2021-31955 and CVE-2021-31956. IMPACT:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution. A full list of all vulnerabilities can be found at the link below:https://msrc.microsoft.com/update-guide/en-us Successful exploitation of the most severe of these vulnerabilitiescould result in an attacker gaining…
DESCRIPTION:Multiple vulnerabilities have been discovered in SAP products, the mostsevere of which could allow for remote code execution. SAP is a softwarecompany which creates software to manage business operations andcustomer relations. Successful exploitation of the most severe of thesevulnerabilities could allow an unauthenticated, remote attacker toexecute code on the affected systems. Depending on the privilegesassociated with the application, an attacker could then installprograms; view, change,…
DESCRIPTION:Threat intelligence firm Bad Packets has reported that hackers areactively scanning the Internet for VMware vCenter servers vulnerableagainst a critical RCE flaw recently fixed by VMware. IMPACT:Multiple vulnerabilities have been discovered in VMware vCenter Server,which could result in remote code execution. Details of thesevulnerabilities are as follows: * A remote code execution vulnerability in vCenter Server which enablesa malicious actor to execute commands with unrestricted…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Webex NetworkRecording Player and Cisco Webex Player that could allow for arbitrarycode execution. The Webex meeting service is a hosted multimediaconferencing solution that is managed and maintained by Cisco Webex. TheWebex Network Recording Player is an application that is used to convertWebex recording files to standard formats such as Windows Media Video,Flash or MP4. The Webex Player is…
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox,Firefox Extended Support Release (ESR) and Mozilla Firefox for iOS, themost severe of which could allow for arbitrary code execution. MozillaFirefox is a web browser used to access the Internet. Mozilla FirefoxESR is a version of the web browser intended to be deployed in largeorganizations. Mozilla Firefox for iOS is a web browser used to accessthe Internet on…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in VMware vCenter Server,the most severe of which could allow for remote code execution. VMwarevCenter Server is a centralized management utility for VMware, and isused to manage virtual machines, multiple ESXi hosts, and all dependentcomponents from a single centralized location. Successful exploitationof these vulnerabilities could allow an attacker to execute remote codein context of the user running the application. IMPACT:Multiple…
Description: The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. Impacted Products:VMware vCenter Server (vCenter…
Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and tracked by Microsoft since January 2021, evolved over a series of waves demonstrating significant experimentation. On May 25, 2021, the campaign escalated as NOBELIUM leveraged the…
DESCRIPTION:A vulnerability has been discovered in Microsoft Windows JET DatabaseEngine that could allow for arbitrary code execution. Microsoft WindowsJET Database Engine provides data access to various applications such asMicrosoft Access, Microsoft Visual Basic, and third-party applications.Successful exploitation of this vulnerability could result in arbitrarycode execution within the context of the application, an attackergaining the same privileges as the logged-on user, or the bypassing ofsecurity restrictions….
Zeppelin ransomware is also referred to as Buran and has its origin in the Vega/VegaLocker family, a Delphi-based ransomware-as-a-service (RaaS).According to researcher Vitali Kremez, Zeppelin binaries are generated via a GUI wizard by affiliates who then distribute the malware in exchange for revenue sharing. Vega samples were first discovered in the beginning of 2019, being distributed alongside other widespread financial malware as part of a…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Acrobat and Reader is a family of application software and Webservices mainly used to create, view, and edit PDF documents.* Animate is a multimedia authoring computer animation program.* Experience Manager is a content management solution for buildingwebsites, mobile apps, and forms.* InCopy is a professional word…
DESCRIPTION:Multiple vulnerabilities have been discovered in Wi-Fi enabled devices,the most severe of which could allow for data exfiltration. IEEE 802.11is part of the IEEE 802 set of local area network technical standards,and specifies the set of medium access control and physical layerprotocols for implementing wireless local area network communication.Successful exploitation of the most severe of these vulnerabilitiescould allow an attacker to exfiltrate user data. IMPACT:*…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco SD-WAN vManageSoftware, the most severe of which could allow for arbitrary codeexecution. Cisco SD-WAN provides a centralized management interface ofan organization’s WAN including their cloud and data center environment.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to executeadministrative functions and obtain an admin account. An attacker couldthen view, change, or delete data;…
DESCRIPTION:Multiple vulnerabilities have been discovered in Exim, the most severeof which could allow for remote code execution. Exim is a mail transferagent used to deploy mail servers on Unix-like systems. Successfulexploitation of the most severe of these vulnerabilities will enable theattacker to perform command execution as root in the context of the mailserver. An attacker could then install programs; view, change, or deletedata; or create…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco HyperFlex HXsoftware, the most severe of which could allow for arbitrary codeexecution. The Cisco HyperFlex HX Series is Cisco’s a convergedinfrastructure system that integrates computing, networking and storageresources to increase efficiency and enable centralized management. Thisproduct contains a web-based interface which allows user can access tomanage the device. Successful exploitation of the most severe of thesevulnerabilities within the…
DESCRIPTION:A vulnerability has been discovered in HPE Edgeline InfrastructureManager Software that could allow for remote code execution. HPEEdgeline Infrastructure Manager Software was made to aggregate themanagement of Edgeline ComputeDevices. It is delivered as a VirtualMachine image (OVA) targeted at running on VMware ESXi, workstation,orplayer. Edgeline Infrastructure Manager supports discovery, monitoring,and management of EdgelineConverged Edge Systems. Successful exploitation of this vulnerability could result in remotecode execution…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process….
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows: iOS 14.5.1 and iPadOS 14.5.1* A memory corruption issue was addressed with improved state management. (CVE-2021-30665)* An integer overflow was addressed with improved input validation. (CVE-2021-30663) iOS 12.5.3* A buffer overflow issue was addressed with improved memory handling. (CVE-2021-30666)*…
The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. The 21Nails vulnerabilities, if left unpatched, could allow threat actors to take over these systems and then intercept or tamper with email communications passing through the Exim server. 11 issues are local…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * iCloud for Windows is a cloud storage and cloud computing service.* Xcode is an integrated development environment (IDE) for macOS.* Safari is a graphical web browser developed by Apple, based on theWebKit engine.* macOS Big Sur is the 17th and current major release of macOS.* macOS…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities in SonicWall Email Security (ES) could allowfor arbitrary code execution. Successful exploitation of thesevulnerabilities could allow for arbitrary code execution. SonicWallEmail Security (ES) is an email security solution that providescomprehensive inbound and outbound protection, and defends againstadvanced email-borne threats such as ransomware, zero-day threats, spearphishing and business email compromise (BEC). The solution can bedeployed as a physical appliance, virtual appliance, softwareinstallation, or a…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox/FirefoxESR/Thunderbird, the most severe of which could allow for arbitrary codeexecution. Mozilla Firefox is a web browser that is used to access theInternet. Mozilla Firefox ESR is a version of the web browser intendedto be deployed in large organizations. Mozilla Thunderbird is an emailclient. Successful exploitation of these vulnerabilities could allow forarbitrary code execution. Depending on the privileges…
DESCRIPTION:A vulnerability has been discovered in Pulse Connect Secure VPN thatcould allow for remote code execution. Pulse Connect Secure VPN providesTLS and mobile VPN solutions. Successful exploitation of thisvulnerability could allow for remote code execution. Depending on theprivileges associated with the application, an attacker could theninstall programs; view, change, or delete data; or create new accountswith full user rights. Applications that are configured to have…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in ArubaNetwork’s ArubaOSand SD-WAN, which could result in arbitrary code execution. Aruba (aHewlett Packard Enterprise company) is the worldwide second-largestenterprise WLAN vendor after Cisco. ArubaOS is its WLAN controllersystem for automating WLAN management, and SD-WAN (software defined WAN)is its cloud-oriented WAN orchestration system. Successful exploitationof these vulnerabilities could allow an attacker to execute arbitrarycode in context of the user running…
DESCRIPTION:A vulnerability has been discovered in Juniper Junos OS that could allowfor remote code execution. Junos OS is a single network operating systemproviding a common language across Juniper’s routing, switching andsecurity devices. This vulnerability specifically affects the overlaydservice of Juniper Networks Junos OS. The overlayd daemon handlesOverlay OAM packets, such as ping and traceroute, sent to the overlay.The service runs as root by default and…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
Window Manager vulnerability Description:CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). Due to the lack of bounds checking, attackers are able to create a situation that allows them to write controlled data at a controlled offset using DirectComposition API. Impact:It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits…
Description:CVE-2021-25296Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.Mitigation:Upgrade the Windows WMI config wizard from Admin > Manage Config Wizards to version 2.2.3 or above. CVE-2021-25297Nagios XI version xi-5.7.5 is affected by…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted…
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Photoshop is Adobe’s flagship image editing software.* Digital Editions is an e-book reader software program.* Bridge is a free digital asset management app. It is a mandatorycomponent of Adobe Creative Suite, Adobe eLearning Suite, AdobeTechnical Communication Suite and Adobe Photoshop CS2 through CS6.* RoboHelp is a…
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox,Firefox Extended Support Release (ESR) and Mozilla Thunderbird, the mostsevere of which could allow for arbitrary code execution. MozillaFirefox is a web browser used to access the Internet. Mozilla FirefoxESR is a version of the web browser intended to be deployed in largeorganizations. Mozilla Thunderbird is an email client. Successfulexploitation of these vulnerabilities could allow for arbitrary codeexecution….
DESCRIPTION:A vulnerability has been discovered in WebKit GTK and WPE WebKit whichcould allow for arbitrary code execution. * WebKitGTK is a full-featured port of the WebKit rendering engine,suitable for projects requiring any kind of web integration, from hybridHTML/CSS applications to full-fledged web browsers.* WPE is the reference WebKit port for embedded and low-consumptioncomputer devices. Successful exploitation of this vulnerability could allow for arbitrarycode execution. Depending…
Security researchers have found over 500,000 Huawei smartphone users have downloaded applications tainted with the Joker malware that unwittingly subscribes users to premium mobile services. A report from antivirus maker Doctor Web notes that the malicious apps retained their advertised functionality but downloaded components that subscribed users to premium mobile services. To keep users in the dark the infected apps requested access to notifications, which…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft ExchangeServer (on premises version) , the most severe of which could allow forarbitrary code execution. Microsoft Exchange Server is a mail serverused to run and manage an organization’s email services. Successfulexploitation of the most severe of these vulnerabilities could allow anattacker to execute arbitrary code in the context of the mail server.Depending on the privileges associated with the…
DESCRIPTION:A vulnerability has been discovered in Adobe ColdFusion, which couldallow for arbitrary code execution. Adobe ColdFusion is a webapplication development platform. Successful exploitation of thisvulnerability could result in an attacker executing arbitrary code inthe context of the affected application. Depending on the privilegesassociated with the application, an attacker could then installprograms; view, change, or delete data; or create new accounts with fulluser rights. Applications that…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco RV series smallbusiness routers, the most severe of which could allow for arbitrarycode execution. The Cisco RV series routers are recommended forconnecting your small business’ internal network devices to each other.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to execute arbitrarycode on the affected systems. IMPACT:Multiple vulnerabilities have been discovered in Cisco…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
Short Description: Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. The vulnerabilities recently being exploited were CVE-2021-26855, CVE-2021-26857,…
Short Description: Hangover threat group (aka Neon, Viceroy Tiger, MONSOON) carrying out targeted cyberattacks deploying BackConfig malware attacks against government and military organizations in South Asia including Bangladesh. Hangover Group is a cyberespionage group that was first observed in December 2013 carrying on a cyberattack against a telecom corporation in Norway. The Hangover Group’s initial vector of compromise is to carry out spear-phishing campaigns. The…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco SD-WAN vManageSoftware, the most severe of which could allow for arbitrary codeexecution. Cisco SD-WAN provides a centralized management interface ofan organization’s WAN including their cloud and data center environment.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to execute code on theaffected systems. Depending on the privileges associated with theapplication, an attacker could…
Transparent Tribe (also known as PROJECTM and MYTHIC LEOPARD) is a very prolific group that is well-known in the cybersecurity industry for its massive espionage campaigns. The APT group Transparent Tribe is mounting an ongoing cyberespionage campaign, researchers said, which is aimed at military and diplomatic targets around the world. Transparent Tribe mainly relies on both spear phishing and watering hole attacks to gain its…
Threat actor group “ALTDOS” operate by accessing and exfiltrating companies databases and have focus mainly on South-East Asia including Bangladesh.“ALTDOS” is known to extort companies for ransom for the data exfiltrated. Not much is known about this group, other than the breach reports. Target sectors: Financial-services,retail,communications,construction,energy,pharmaceuticals,telecommunications External Reference relared to “ALTDOS” threat actor:https://www.databreaches.net/thai-media-and-content-conglomerate-mono-next-public-company-hit-by-altdos-hackers/https://www.databreaches.net/thai-securities-trading-firm-goes-offline-after-cyberattack/
DESCRIPTION:Multiple vulnerabilities have been discovered in VMware vRealizeOperations Manager, which could result in remote code execution. VMwarevRealize Operations Manager is an IT management platform which enablesvisibility, optimization and management of an organization’s physical,virtual and cloud infrastructure. This software comes within an APIwhich enables developers to build vRealize Operations Manager clients tocommunicate with the server over HTTP. Successful exploitation of thesevulnerabilities could allow an attacker to…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Jabber the mostsevere of which could allow for arbitrary code execution. Cisco Jabberprovides instant messaging (IM), voice, video, voice messaging, desktopsharing, and conferencing on any device. Successful exploitation of themost severe of these vulnerabilities could allow an unauthenticated,remote attacker to execute code on the affected systems. Depending onthe privileges associated with the application, an attacker could theninstall programs;…
DESCRIPTION:Multiple vulnerabilities have been discovered in F5 products, the mostsevere of which could allow for remote code execution. * BIG-IP and BIG-IP Advanced WAF/ASM are a family of products coveringsoftware and hardware designed around application availability, accesscontrol, and security solutions.* BIG-IQ enables administrators to centrally manage BIG-IPinfrastructure across the IT landscape. It discovers, tracks, manages,and monitors physical and virtual BIG-IP devices – in the cloud,…
DESCRIPTION:Multiple vulnerabilities have been discovered in ArubaNetwork’s InstantAccess Point that could allow for arbitrary code execution. Aruba (aHewlett Packard Enterprise company) is the worldwide second-largestenterprise WLAN vendor. ArubaNetworks Instant Access Point is Wi-Fihardware which virtualizes Aruba Mobility Controller capabilities on802.11 access points (APs). Successful exploitation of thesevulnerabilities could allow an attacker to execute arbitrary code incontext of the user running the application. Depending on the…
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has identified extensive targeting, and has confirmed compromises, of Australian organisations with vulnerable Microsoft Exchange deployments. The ACSC is assisting affected organisations with their incident response and remediation. The ACSC has identified a large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC urges these…
Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. “This dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect detection, completes the…
A new research has yielded yet another means to pilfer sensitive data by exploiting what’s the first “on-chip, cross-core” side-channel in Intel Coffee Lake and Skylake processors. Published by a group of academics from the University of Illinois at Urbana-Champaign, the findings are expected to be presented at the USENIX Security Symposium coming this August. While information leakage attacks targeting the CPU microarchitecture have been previously demonstrated…
Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content. Tracked as CVE-2021-1844, the vulnerability was discovered and reported to the company by Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research. According to the update notes posted…
Microsoft has released emergency out-of-band security updates thataddress four zero-day issues (CVE-2021-26855, CVE-2021-26857,CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchangeversions that are actively exploited in the wild. Researchers at the MS Exchange Server team have released a script thatcould be used by administrators to check if their installs arevulnerable to the recently disclosed vulnerabilities. Microsoft released the tool as open-source on GitHub, it can be…
DESCRIPTION:Multiple vulnerabilities have been discovered in SolarWinds Orion andServU-FTP, the most severe of which could allow for remote code execution. * SolarWinds Orion provides centralized monitoring across anorganization’s entire IT stack.* ServU-FTP is a multi-protocol file server capable of sending andreceiving files from other networked computers through various means. Successful exploitation of the most severe of these vulnerabilitiescould result in remote code execution that allows…
DESCRIPTION:A vulnerability has been discovered in the SonicWall SMA 100 Series,which could allow for SQL injection. The SonicWall SMA 100 Series is aunified secure access gateway that enables organizations to provideaccess to any application, anytime, from anywhere and any devices,including managed and unmanaged. Successful exploitation of thisvulnerability could result in SQL injection, which enables the retrievalof admin credentials. Afterwards, this retrieval can pivot into aremote-code…
I. Targeted Software Docker Kubernetes Amazon Web Services (AWS) Microsoft Azure Google Cloud II. Introduction A hacking group referred to as “TeamTNT” has been active within the previous 8 months. In the summer of 2020, security researches identified TeamTNT as the group behind a crypto-mining malware capable of stealing local credentials and Amazon Web Services (AWS) login details.[2] TeamTNT had been targeting Docker and Kubernetes.[2]…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco VPN Routers, themost severe of which could allow for arbitrary code execution as theroot user of an affected device. These VPN routers are often used toconnect hosts via the router hardware as opposed to individualinstallations on each device. Successful exploitation of the most severe of these vulnerabilitiescould allow for arbitrary code execution in the context of the root…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * tvOS is an operating system for the fourth-generation Apple TV digitalmedia player.* watchOS is the mobile operating system for the Apple Watch and isbased on the iOS operating system.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* iOS is a…
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis…
DESCRIPTION:A vulnerability has been discovered in GNU Libgcrypt, which could allowfor arbitrary code execution. Libgcrypt is a generic cryptographiclibrary offered as part of GNU Privacy Guard (GnuPG) software suite toprovide building blocks for carrying out cryptographic tasks such asencrypting and signing data and communications. It is shipped with mostLinux distributions including Ubuntu and Fedora. Successful exploitationof this vulnerability could result in arbitrary code execution in…
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * tvOS is an operating system for the fourth-generation Apple TV digitalmedia player.* watchOS is the mobile operating system for the Apple Watch and isbased on the iOS operating system.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* iOS is a…
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco’s SD-WAN, DNACenter, and Smart Software Manager Satellite products, the most severeof which could allow for arbitrary code execution with system privileges. * SD-WAN is used for cloud-based network architecture* DNA Center is a management platform for the Digital NetworkArchitecture product* Smart Software Manager is an enterprise product activation key/licensemanager Successful exploitation of the most severe of these vulnerabilitiescould…
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this…
IMPACT:Multiple vulnerabilities have been discovered in Oracle products, whichcould allow for remote code execution. SYSTEM AFFECTED:* Business Intelligence Enterprise Edition, versions 5.5.0.0.0,11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0* Enterprise Manager Base Platform, versions 13.2.1.0, 13.3.0.0, 13.4.0.0* Enterprise Manager for Fusion Applications, version 13.3.0.0* Enterprise Manager Ops Center, version 12.4.0.0* Hyperion Financial Reporting, version 11.1.2.4* Hyperion Infrastructure Technology, version 11.1.2.4* Instantis EnterpriseTrack, versions 17.1-17.3* JD Edwards EnterpriseOne Orchestrator, versions prior to…
DESCRIPTIONSudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character: IMPACTA heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user (users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to…
DESCRIPTION:Multiple vulnerabilities have been discovered in Siemens’ Solid Edge,the most severe of which could allow for arbitrary code execution in thecontext of the system process. Solid Edge is used for designing andviewing 2D and 3D models. Depending on the privileges associated withthe application, an attacker could view, change, or delete data. If thisapplication has been configured to have fewer user rights on the system,exploitation of…
DESCRIPTION:Multiple vulnerabilities have been discovered in Siemens’ JT2Go andTeamcenter Visualization products, the most severe of which could allowfor arbitrary code execution in the context of the system process. JT2Goand Teamcenter Visualization are used for viewing 3D models. Dependingon the privileges associated with the application, an attacker couldview, change, or delete data. If this application has been configured tohave fewer user rights on the system, exploitation…
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution. Successfulexploitation of the most severe of these vulnerabilities could result inan attacker gaining the same privileges as the logged-on user. Dependingon the privileges associated with the user, an attacker could theninstall programs; view, change, or delete data; or create new accountswith full user rights. Users whose accounts…
DESCRIPTION:A vulnerability has been discovered in Adobe Photoshop which could allowfor arbitrary code execution. Photoshop is Adobe’s flagship imageediting software. Successful exploitation of this vulnerability couldallow for arbitrary code execution. Depending on the privilegesassociated with the user an attacker could then install programs; view,change, or delete data; or create new accounts with full user rights.Users whose accounts are configured to have fewer user rights on…
DESCRIPTION Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in…
DESCRIPTION A vulnerability has been discovered in Mozilla Firefox, Firefox ExtendedSupport Release (ESR) and Firefox for Android, which could allow forarbitrary code execution. Mozilla Firefox is a web browser used toaccess the Internet. Mozilla Firefox ESR is a version of the web browserintended to be deployed in large organizations. Firefox for Android is aversion of the web browser used on Android based mobile devices.Successful exploitation…
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,…
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * Multiple vulnerabilities in Framework that could allow for Escalation of Privileges (CVE-2021-0303, CVE-2021-0306, CVE-2021-0307, CVE-2021-0310, CVE-2021-0315, CVE-2021-0317, CVE-2021-0318, CVE-2021-0319)* A vulnerability in Framework that could allow for Remote Code Execution…
DESCRIPTIONMultiple vulnerabilities have been discovered in Fortinet FortiWeb, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted…
DESCRIPTION Zyxel has released a patch for the hardcoded credential vulnerability of firewalls and AP controllers recently reported by researchers from Eye Control Netherlands. Users are advised to install the applicable firmware updates for optimal protection. A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected…
SUBJECTMultiple Vulnerabilities in ArubaNetworks ArubaOS and SD-WAN Could Allow for Arbitrary Code Execution DESCRIPTIONMultiple vulnerabilities have been discovered in ArubaNetwork’s ArubaOS and SD-WAN, which could result in arbitrary code execution. Aruba (a Hewlett Packard Enterprise company) is the worldwide second-largest enterprise WLAN vendor after Cisco. ArubaOS is its WLAN controller system for automating WLAN management, and SD-WAN (software defined WAN) is its cloud-oriented WAN orchestration…
TroubleGrabber, a new credential stealer discovered by Netskope securityresearchers, spreads via Discord attachments and uses Discord webhooksto deliver stolen information to its operators.Several threat actors usethe new info stealer to target gamers on Discord servers and to stealtheir passwords and other sensitive information. This malware, which primarily arrives via drive-by download, steals theweb browser tokens, Discord webhook tokens, web browser passwords, andsystem information. This information…
The Department of Homeland Security Cybersecurity and InfrastructureSecurity Agency (CISA) issued an Emergency Directive on December 13,2020 in response to the compromise of the SolarWinds Orion product forall federal civilian agencies. The directive calls for all organizationsto assess their exposure to the compromise and secure their networksagainst exploitation. The following SolarWinds Orion versions are affected: Orion Platform 2019.4 HF5, version 2019.4.5200.9083Orion Platform 2020.2 RC1, version 2020.2.100.12219Orion Platform 2020.2…
DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process….
DESCRIPTIONA vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open source framework used for building Java web applications. Successful exploitation of this vulnerability could allow for remote code execution. Depending on the privileges associated with the user, an attacker could then install programs; view; change, or delete data; or create new accounts with full user…
DESCRIPTIONA vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit…
DESCRIPTIONA vulnerability has been discovered in Mozilla Thunderbird, which could allow for arbitrary code execution. Mozilla Thunderbird is an email client. Successful exploitation of this vulnerability could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to…
DESCRIPTIONMultiple vulnerabilities have been discovered in VMware SD-WAN Orchestrator, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges given to the host machine. Depending on the privileges associated with VMware SD-WAN Orchestrator, an attacker could then install programs; view, change, or delete data; or create…
The GlobeImposter ransomware family first appeared around August of 2017. In early 2019, GlobeImposter ransomware underwent extensive modifications, after which the authors re-released it, causing havoc around the world. Ransom.GlobeImposter is a ransomware application that will encrypt files on a victim machine and demand payment to retrieve the information.Ransom.GlobeImposter may be distributed through a malicious spam campaign, recognizable only with their lack of message content…
Stantinko, one of the oldest malware botnets still operating today, has rolled out updates to its class of Linux malware, upgrading its trojan to pose as the legitimate Apache web server process (httpd) in order to make detection harder on infected hosts. According to a new analysis published by Intezer,come to confirm that despite a period of inactivity in regards to code changes, the Stantinko…
A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. The BlackBerry Research and Intelligence team have been monitoring a cyber-espionage campaign that is targeting disparate victims around the globe. The campaign, dubbed CostaRicto by BlackBerry, appears to be operated by “hackers-for-hire”, a group of APT mercenaries who possess bespoke malware tooling…
DESCRIPTIONMultiple vulnerabilities have been discovered in Adobe Acrobat and Adobe Reader, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a family of software developed by Adobe Inc. to view, create, manipulate, print, and manage files in PDF format. Adobe Reader is the free version within the Adobe Acrobat family of software. Successful exploitation of the most severe of these…
DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process….
DESCRIPTIONOctober 23 – UPDATED: Multiple vulnerability has been discovered in Cisco Adaptive Security Appliance and Firepower Threat Defense, which could allow for a denial of service condition. Cisco Adaptive Security Appliance is the core operating system that delivers enterprise-class firewall capabilities and Cisco Firepower Threat Defense is an integrative software image. Successful exploitation of this vulnerability could allow an attacker to cause denial-of-service condition. IMPACTMultiple…
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,…
DESCRIPTIONMultiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Firefox ESR, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code…
DESCRIPTIONMultiple vulnerabilities have been discovered in HP Intelligent Management Center (iMC), the most severe of which could allow for arbitrary code execution. HP Intelligent Management Center (iMC) is software platform used to manage enterprise network environments. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution within the context of a privileged process. Attackers can exploit these issues to execute…
DESCRIPTIONMultiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. SYSTEM AFFECTED • Application Performance Management (APM), versions 13.3.0.0, 13.4.0.0 • Big Data Spatial and Graph, versions prior to 3.0 • Enterprise Manager Base Platform, versions 13.2.1.0, 13.3.0.0, 13.4.0.0 • Enterprise Manager for Peoplesoft, version 13.4.1.1 • Enterprise Manager for Storage Management, versions 13.3.0.0, 13.4.0.0 • Enterprise Manager Ops Center,…
DESCRIPTIONMultiple vulnerabilities have been discovered in Magento CMS, the most severe of which could allow for arbitrary code execution. Magento is a web-based e-commerce application written in PHP. Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new…
DESCRIPTIONA vulnerability has been discovered in Juniper Junos OS, which could allow for denial of service. Junos OS is a FreeBSD-based operating system used in Juniper Networks routers. This vulnerability specifically affects MX Series routers and EX9200 series switches with Trio-based PFEs configured with IPv6 Distributed Denial of Service (DDoS) protection mechanism enabled. An attacker can exploit this issue to disrupt network protocol operations or…
DESCRIPTIONMultiple vulnerabilities have been discovered in SonicWALL Sonic OS, the most severe of which could allow for arbitrary code execution. SonicWALL is a firewall and cybersecurity solution vendor. Successful exploitation of the most severe of these vulnerabilities could allow for buffer overflow within the context of the application. Attackers may exploit this issue to execute arbitrary code within the context of the affected application. Failed…
DESCRIPTIONA remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. IMPACTAn attacker who successfully exploited this vulnerability…
DESCRIPTIONA SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other versions >= 17.0 have received a hotfix. IMPACT9.8 CRITICAL SYSTEM AFFECTEDSophos XG Firewall v18.0 MR1 and…
DESCRIPTIONMultiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with…
DESCRIPTIONA vulnerability has been discovered in Adobe Flash Player, which could allow for arbitrary code execution. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages. Successful exploitation of this vulnerability could result in an attacker executing arbitrary code in the context of the affected application. Depending on the privileges…
DESCRIPTION Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could…
DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process….
DESCRIPTIONTreck IP network stack software is designed for and used in a variety of embedded systems. The software can be licensed and integrated in various ways, including compiled from source, licensed for modification and reuse and finally as a dynamic or static linked library. Treck IP software contains multiple vulnerabilities, most of which are caused by memory management bugs. For more details on the vulnerabilities…
DESCRIPTION Multiple vulnerabilities have been discovered in Microsoft Edge, the most severe of which could allow for arbitrary code execution. Microsoft Edge is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could…
DESCRIPTION Multiple vulnerabilities have been discovered in iCloud for Windows and macOS. The most severe of these vulnerabilities could allow for arbitrary code execution. macOS is a desktop operating system for Macintosh computers. iCloud is a cloud storage service that can be used on Windows computers. Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution within the context of…
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-September-24. The following PSIRT security advisories (29 High) were published at 16:00 UTC today. 1) Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability CVE-2020-3526 SIR: High CVSS Score v(3.0): 8.6 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW +——————————————————————– 2) Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability CVE-2020-3552 SIR:…
DESCRIPTION Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could…
DESCRIPTION Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Firefox ESR, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary…
DESCRIPTION The Drupal AJAX API does not disable JSONP by default, which can lead to cross-site scripting. SYSTEM AFFECTED Following actions are recommended to be taken: Install the latest version: • If you are using Drupal 7.x, upgrade to Drupal 7.73. • If you are using Drupal 8.8.x, upgrade to Drupal 8.8.10. • If you are using Drupal 8.9.x, upgrade to Drupal 8.9.6. • If…
DESCRIPTIONMultiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote attacker to execute arbitrary code and perform other unauthorized actions on a vulnerable system. IMPACT • Full administrative access via backdoor password (CVE-2020-24215) • Administrative root access via backdoor password (CVE-2020-24218) • Arbitrary file read via path traversal (CVE-2020-24219) •…
DESCRIPTIONMultiple vulnerabilities have been discovered in iOS, iPadOS, watchOS, tvOS, watchOS, Xcode, and Safari. The most severe of these vulnerabilities could allow for arbitrary code execution. • iOS is a mobile operating system for Apple cellphones. • iPadOS is a mobile operating system for Apple tablets. • tvOS is an operating system for the Apple media streaming device Apple TV. • WatchOS is an…
DESCRIPTIONA remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view,…
Description:An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’. The prime elements of this vulnerability are the weak encryption standards and the authentication process used in the Netlogon protocol. As new Windows Domain Controllers use standard AES-256 as encryption standards, incorrect use…
A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner.According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner.According to the researchers, for the spread of the botnet, it was done scan to…
DESCRIPTION Adobe has released an out-of-band security update for Adobe Media Encoder that fixes three ‘Important’ security vulnerabilities. The three vulnerabilities are classified as ‘Information Disclosure,’ which could allow sensitive information to be leaked in the security of the active user. Adobe advises customers to update the vulnerable apps to the latest versions as soon as possible to block attacks attempting to exploit unpatched installations….
DESCRIPTION Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts…
DESCRIPTION AMT is part of the Intel vPro platform (Intel’s umbrella marketing term for its collection of computer hardware technologies) and is primarily used by enterprise IT shops for remote management of corporate systems. The flaw can be exploited by an unauthenticated attacker on the same network, in order to gain escalated privileges. The issue (CVE-2020-8758), found internally by Intel employees, ranks 9.8 out of…
DESCRIPTION Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for arbitrary code execution. PAN-OS is an operating system for Palo Alto Network Appliances. An attacker can exploit this issue by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated remote attacker…
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,…
DESCRIPTIONMultiple vulnerabilities have been discovered in Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager, the most severe of which could allow for arbitrary code execution. Adobe InDesign is a desktop publishing and typesetting software that can be used to create works such as posters, flyers, brochures, magazines, newspapers, presentations, books and ebooks. Adobe FrameMaker is a document processor designed for writing and editing large or…
DESCRIPTION Multiple vulnerabilities have been discovered in SAP products, the most severe of which could allow for arbitrary code execution. SAP is a software company which creates software to manage business operations and customer relations. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to execute code on the affected systems. Depending on the privileges associated with the application,…
DESCRIPTION Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts…
DESCRIPTION Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged…
DESCRIPTIONGRUB2 is a multiboot boot loader that replaced GRUB Legacy in 2012. A boot loader is the first program that runs upon boot and loads the operating system. Many vendors also use a shim, a signed software package that contains the vendor’s certificate and code that verifies and runs the boot loader. This means that firmware Certificate Authority providers can just sign the shim as…
Original release date: September 4, 2020 The Cybersecurity and Infrastructure Security Agency (CISA) is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against finance and business organizations worldwide. A DoS attack is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. In a DDoS attack, the…
Short Description: About Emotet Malware: Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious script, macro-enabled document files, or malicious link. The spam emails contain either a URL or an attachment, and purport to be sending…
Short Description: About BeagleBoyz: “BeagleBoyz ” is a newly identified group that is a subset of activity by the threat actors known as HIDDEN COBRA/LAZARUS/APT 38. The primary modus operandi (not limited to) of the BeagleBoyz is social engineering, spearphishing, and watering hole tactics. Contained within the Malware Analysis Reports (MAR) cited above are unique malware samples that are a combination of remote access tools/trojans…
DESCRIPTIONA vulnerability has been discovered in the File Manager plugin that could allow for remote code execution. WordPress is a web-based publishing application implemented in PHP, and the File Manager Plugin allows site Admins to upload, edit, delete files and folders directly from the WordPress backend without having to use FTP. Successful exploitation of this vulnerability could allow for remote code execution in the context…
DESCRIPTIONMultiple vulnerabilities have been discovered in Cisco Jabber for Windows the most severe of which could allow for arbitrary code execution. Cisco Jabber provides instant messaging (IM), voice, video, voice messaging, desktop sharing, and conferencing on any device. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to execute code on the affected systems. Depending on the privileges associated…
DESCRIPTIONCisco has released a security advisory on a vulnerability—CVE-2020-3566—in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A remote attacker could exploit this vulnerability to exhaust process memory of an affected device. This vulnerability was detected in exploits in the wild. IMPACTAn…
DESCRIPTION Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. IMPACT These vulnerabilities are due to the incorrect…
DESCRIPTION Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Firefox ESR, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary…
DESCRIPTION Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could…
North Korea’s BeagleBoyz are responsible for the sophisticated cyber-enabled ATM cash-out campaigns identified publicly as “FASTCash” in October 2018. Since 2016, the BeagleBoyz have perpetrated the FASTCash scheme, targeting banks’ retail payment system infrastructure (i.e., switch application servers processing International Standards Organization [ISO] 8583 messages, which is the standard for financial transaction messaging). The BeagleBoyz overlap to varying degrees with groups tracked by the cybersecurity…
DESCRIPTION Multiple vulnerabilities have been discovered in IBM Security Guardium Insights, the most severe of which could allow for the program to become compromised. IBM Security Guardium Insights is a program developed to monitor traffic traveling across the network to protect against data leakage and maintain data integrity. Successful exploitation of the most severe of these vulnerabilities could allow for a remote attacker to compromise…
DESCRIPTION A vulnerability has been discovered in Cisco Small Business, Smart, and Managed Switches which could allow for a denial-of-service condition when the switch processes a specially crafted IPv6 address. The vulnerability occurs due to insufficient validation of incoming IPv6 traffic. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. The vulnerability does not affect IPv4…
Description FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack. Impact Successful exploit could allow an authenticated attacker to launch a command injection attack. Mitigation Huawei has released software updates to fix this vulnerability. Product Name Affected Version Resolved Product and Version FusionCompute…
DESCRIPTION A vulnerability has been discovered in Google Chrome, which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application…
DESCRIPTION Multiple vulnerabilities have been discovered in Citrix XenMobile Server, the most severe of which could allow for reading of arbitrary files on the server. XenMobile is a software that provides mobile device management and mobile application management. Successful exploitation of the most severe of theses vulnerabilities could allow for arbitrary file read, resulting in access to configuration data and further attacks. IMPACT Multiple vulnerabilities…
DESCRIPTION Multiple vulnerabilities have been discovered in iOS, iPadOS, macOS, tvOS, watchOS, and Safari. The most severe of these vulnerabilities could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution within the context of the application, an attacker gaining the same privileges as the logged-on user, or the bypassing of security restrictions. Depending on…
DESCRIPTION Multiple vulnerabilities have been discovered in SAP products, the most severe of which could allow for arbitrary code execution. SAP is a software company which creates software to manage business operations and customer relations. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to execute code on the affected systems. Depending on the privileges associated with the application,…
DESCRIPTION Multiple Vulnerabilities have been discovered in Apache Struts, the most severe of which could allow for remote code execution. Apache Struts is an open source framework used for building Java web applications. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker…
DESCRIPTION The Cybersecurity and Infrastructure Security Agency (CISA) has observed cyber actors using emails containing a Microsoft Word document with a malicious Visual Basic Application (VBA) macro code to deploy KONNI malware. KONNI is a remote administration tool (RAT) used by malicious cyber actors to steal files, capture keystrokes, take screenshots, and execute arbitrary code on infected hosts. RECOMMENDATIONS CISA recommends that users and administrators…
DESCRIPTION Multiple vulnerabilities have been discovered in Adobe Acrobat and Adobe Reader, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a family of software developed by Adobe Inc. to view, create, manipulate, print, and manage files in PDF format. Adobe Reader is the free version within the Adobe Acrobat family of software. Successful exploitation of the most severe of…
DESCRIPTION Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged…
DESCRIPTION Apache web server is a common application used as a web application server. Being a open source software, it is extremely common and used throughout almost all the organizations. A specially crafted packet can crash the service and user can gain access and perform Remote Code Execution (RCE) on the server. If the attacker can perform the attack successfully, depending on the access level…
DESCRIPTION Server Message Block (SMB) is a protocol which is commonly found in windows based systems. This is a common method for sharing folder and accessing them via network. This method is quite common which makes this vulnerability very dangerous as even large enterprises usually have common shared location where they can store and retrieve files. IMPACTThis vulnerability can lead towards development of many malware…
DESCRIPTION Almost all of the Netgear devices now contains web interface for easy management. It becomes easy for the home administrator to configure and manage the device efficiently. Moreover, WiFi routers from this company is widely used Bangladesh. To do this httpd service has been used and it fails to validate the he header size provided to the upgrade_check.cgi handler. Despite copying the header to…
DESCRIPTIONMultiple vulnerabilities have been discovered in SAP products, the most severe of which could allow an unauthenticated, remote attacker to execute code on the affected systems. Details of the vulnerabilities are as follows: * Multiple Vulnerabilities in SAP NetWeaver AS JAVA (LM Configuration Wizard) (CVE-2020-6286).* Security updates for the browser control Google Chromium delivered with SAP Business Client.* Information Disclosure in SAP NetWeaver (XMLToolkit for…
Description In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. Impact This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the BIG-IP management port and/or Self IPs, to execute arbitrary system commands, create or delete…
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of June 2020.
SaltStack has released a security update to address critical vulnerabilities affecting Salt versions prior to 2019.2.4 and 3000.2. Salt is an open-source remote task and configuration management framework widely used in data centers and cloud servers. A remote attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities were detected in exploits in the wild. CVE-2020-11651: An issue was discovered in…
CVE-2020-8618:An assertion check in BIND (that is meant to prevent going beyond the end of a buffer when processing incoming data) can be incorrectly triggered by a large response during zone transfer. Impact: An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to…
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.8, 8.9, and 9.0. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. For more information, please visit following URL:https://www.drupal.org/sa-core-2020-004https://www.drupal.org/sa-core-2020-005
WordPress 5.4.1 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. WordPress 5.4.2 is now available. For more information, please visit following URL:https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. The vulnerability is due to unsafe usage of shared memory that is used by the affected software. An attacker with permissions to view system memory could exploit this vulnerability by running an application on the local system that is…
CVE-2020-13428:A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file. Impact:According to VideoLan’s security bulletin, this vulnerability can be exploited by creating a specially crafted file and tricking a user into opening it…
Palo Alto Networks’ Unit 42 researchers discovered six new vulnerabilities in D-Link wireless cloud routers running their latest firmware.The vulnerabilities were found in the DIR-865L model of D-Link routers. The following are the six vulnerabilities found: CVE-2020-13782: Improper Neutralization of Special Elements Used in a Command (Command Injection)CVE-2020-13786: Cross-Site Request Forgery (CSRF)CVE-2020-13785: Inadequate Encryption StrengthCVE-2020-13784: Predictable seed in pseudo-random number generatorCVE-2020-13783: Cleartext storage of sensitive…
The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given the name Ripple20, affect hundreds of millions of devices and include multiple remote code execution vulnerabilities. These vulnerabilities affect Treck TCP/IP stack implementations for embedded systems. The Treck TCP/IP stack is affected including: IPv4IPv6UDPDNSDHCPTCPICMPv4ARP Impact:Successful exploitation of these…
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. What is UPnP? Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and…
Description: A vulnerability has been discovered in Microsoft Windows SMB Server that could allow for remote code execution. This vulnerability is due to an error in handling maliciously crafted compressed data packets within version 3.1.1 of Server Message Blocks. To exploit this vulnerability, an attacker can send specially crafted compressed data packets to a target Microsoft Server Message Block 3.0 (SMBv3) server. Clients who connects…
Description: A vulnerability has been discovered in Zoom Client that could allow for arbitrary code execution. An exploitable partial path traversal vulnerability exists in the way Zoom Client processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution due to how Zoom handles shared files. Zoom automatically unpacks shared…
Severity: High Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the “signature_algorithms_cert” TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service…
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of April 2020.
Security researchers at Trend Micro discovered a potential cyberespionage campaign, which we have named Project Spy, that infects Android and iOS devices with spyware.Trend Micro also reported that, significantly small number of downloads of the app in Pakistan, India, Afghanistan, Bangladesh, Iran, Saudi Arabia, Austria, Romania, Grenada, and Russia. The spyware apps can steal Facebook messages, WhatsApp messages, text messages, contact lists, call logs, photos,…
Description:A vulnerability was identified in Google Chrome, a remote attacker could exploit this vulnerability to trigger remote code execution and denial of service on the targeted system. Impact:Denial of ServiceRemote Code Execution Google Chrome (Desktop version) prior to 81.0.4044.113 version are vulnerable. Mitigation:Updates are available.Google has released Chrome version 81.0.4044.113 for Windows, Mac, and Linux.Please see the references or vendor advisory for more information. Reference:https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html
Description: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more…
Description: Google has released Chrome version 81.0.4044.92 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
Description: Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
Description: VMware has released security updates to address a vulnerability in VMware Directory Service (vmdir). An attacker could exploit this vulnerability to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2020-0006.html
Description : Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. System / Technologies Affected : iCloud for Windows 7.18 iCloud for Windows 10.9.3 iTunes 12.10.5 for Windows iOS 13.4 and iPadOS 13.4 Safari 13.1 watchOS 6.2 tvOS 13.4 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update…
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of March 2020.
Description: A vulnerability has been discovered in Microsoft Windows SMB Server that could allow for remote code execution. This vulnerability is due to an error in handling maliciously crafted compressed data packets within version 3.1.1 of Server Message Blocks. To exploit this vulnerability, an attacker can send specially crafted compressed data packets to a target Microsoft Server Message Block 3.0 (SMBv3) server. Clients who connects…
The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of…
Description: Multiple vulnerabilities in the Cisco Webex Network Recording Player and Cisco Webex Player could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. An attacker could exploit these vulnerabilities by sending a user a link or email attachment containing a malicious ARF (Advanced Recording Format) or WRF (Webex Recording Format) file via a link or an email…
Description : Multiple vulnerabilities were identified in Google Chrome, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system. Impact: Remote Code Execution Security Restriction Bypass System / Technologies Affected : Google Chrome (Desktop version) prior to 80.0.3987.132 Mitigation: Before installation of the software, please visit the vendor’s web-site for more details….
Description: A vulnerability has been discovered in the WordPress Duplicator Plugin that could allow for Arbitrary File Downloads. This vulnerability exists due to the way Duplicator handles certain requests from unauthenticated users. When an attacker sends a specially crafted request to Duplicator, an unauthenticated user can download arbitrary files from the target WordPress site. This includes the ‘wp-config.php’ file, which contains various site configurations, and…
Subject: A Vulnerability in Apache Tomcat Could Allow for Arbitrary File Reading (CVE-2020-1938) Description: A vulnerability has been discovered in Apache Tomcat, which could allow for reading of arbitrary files on the affected system. The vulnerability exists in the AJP protocol, which is by default exposed over TCP port 8009 and enabled. The vulnerability can be exploited by an attacker who can communicate with…
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of February 2020.
Description: Google has released Chrome version 80.0.3987.122 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Feb https://support.microsoft.com/en-us/help/20200211/security-update-deployment-information-february-11-2020
Description: Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Framemaker APSB20-04 Acrobat and Reader APSB20-05 Flash Player APSB20-06 Digital Editions APSB20-07 Experience Manager APSB20-08 Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for…
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of January 2020.
Summary New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats. On January 14, 2020, Microsoft released software fixes to address 49 vulnerabilities as part of their monthly Patch Tuesday announcement. Among…
Description: Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more…
Description: Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: Cisco Data Center Network…
Description: Microsoft has released information about CVE-2019-1491, a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1491 https://support.microsoft.com/en-us/help/20191210/security-update-deployment-information-december-10-2019
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of November – December 2019.
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of October 2019.
Description: Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.7.x, and 8.8.x. An attacker could exploit some of these vulnerabilities to modify data on an affected website. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: SA-CORE-2019-012 SA-CORE-2019-011 SA-CORE-2019-010 SA-CORE-2019-009
Description: Microsoft has released information about CVE-2019-1491, a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1491 https://support.microsoft.com/en-us/help/20191210/security-update-deployment-information-december-10-2019
Description: WordPress 5.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
Description: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Xcode 11.3 watchOS 5.3.4 watchOS 6.1.1 tvOS 13.3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra Safari 13.0.4 iOS 12.4.4 iOS 13.3 and iPadOS 13.3 iTunes 12.10.3 for Windows iCloud for Windows 7.16…
Description: Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges. Linux Administrative Tools for Intel Network Adapters Advisory INTEL-SA-00237 FPGA SDK for OpenCL Advisory INTEL-SA-00284 Processors Voltage Settings Modification Advisory INTEL-SA-00289 Control Center-I Advisory INTEL-SA-00299 Quartus Prime Pro Edition Advisory INTEL-SA-00311 SCS Platform Discovery Utility Advisory INTEL-SA-00312 Unexpected Page Fault in Virtualized…
Description: VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2019-0020.html https://www.vmware.com/security/advisories/VMSA-2019-0021.html
Description: Intel has released security updates to address vulnerabilities in multiple products. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: BMC Advisory INTEL-SA-00313 UEFI Advisory INTEL-SA-00280 SGX and TXT Advisory INTEL-SA-00220 Processor Security Advisory INTEL-SA-00240 CSME, Intel SPS, Intel TXE, Intel AMT, Intel PTT and Intel DAL Advisory INTEL-SA-00241 Graphics Driver for Windows Advisory INTEL-SA-00242 Ethernet 700…
Description: Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-pi-epn-codex https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-sbr-cominj https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-telepres-roomos-dos https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-telepres-roomos-privesc
Description: Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/
Description: The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to obtain sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.samba.org/samba/security/CVE-2019-10218.html https://www.samba.org/samba/security/CVE-2019-14833.html https://www.samba.org/samba/security/CVE-2019-14847.html
Description: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates. Impact: A remote attacker could exploit this vulnerability to take control of…
Description: VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry (PCF). An attacker could exploit this vulnerability to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2019-0016.html
Description: The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities affecting Pulse Secure Virtual Private Network (VPN). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been targeted by advanced persistent threat (APT) actors. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the…
Description: The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information….
Description: Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. watchOS 5.3.1 iOS 12.4.1 macOS Mojave 10.14.6 tvOS 12.4.1 Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more…
Description: WordPress 5.2.2 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
Description: Exim has released patches to address vulnerabilities affecting Exim 4.92.1 and prior versions. A remote attacker could exploit this vulnerability to take control of an affected email server. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://exim.org/static/doc/security/CVE-2019-15846.txt https://kb.cert.org/vuls/id/672565/
Description: Cisco has released security updates to address a vulnerability in Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos
Description: Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. Paragraph Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html https://cyber.gc.ca/en/alerts/atlassian-confluence-security-advisory
Summary The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an…
Description: The CERT Coordination Center (CERT/CC) has released information on TCP networking vulnerabilities affecting Linux and FreeBSD kernels. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/905115/
Description: Apple has released security updates to address vulnerabilities in AirPort Express, AirPort Extreme, and AirPort Time Capsule wireless routers with 802.11n. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for…
Description: Dell has released a security advisory to address a vulnerability in Dell SupportAssist software. An attacker could exploit this vulnerability to access sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.dell.com/support/article/us/en/04/sln317291/dsa-2019-084-dell-supportassist-for-business-pcs-and-dell-supportassist-for-home-pcs-security-update-for-pc-doctor-vulnerability?lang=en
Description: Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more…
Description: Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more…
Description: Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: NUC Firmware Advisory INTEL-SA-00264 RAID Web Console 3 for Windows Advisory INTEL-SA-00259…
Description Apple has released AirPort Base Station Firmware Update 7.91 to address vulnerabilities in AirPort Extreme and AirPort Time Capsule wireless routers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for…
Description: Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support operating systems: In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008 Out-of-support systems: Windows 2003 and Windows XP A remote attacker could exploit this vulnerability to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control…
Description: VMware has released security updates to address vulnerabilities in the following products : vCenter Server, ESXi, Workstation, Fusion. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2019-0007.html https://www.vmware.com/security/advisories/VMSA-2019-0008.html
Description: Cisco has released security updates to address vulnerabilities in multiple Cisco products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x
Description: Facebook has released a security advisory to address a vulnerability in WhatsApp. A remote attacker could exploit this vulnerability to take control of an affected device. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.facebook.com/security/advisories/cve-2019-3568
Description: Oracle has released its Critical Patch Update for April 2019 to address 297 vulnerabilities across multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Description: Cisco has released a security update to address vulnerabilities in multiple Cisco products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x
Description: Drupal has released security updates to address multiple vulnerabilities in Drupal Core. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/sa-core-2019-005 https://www.drupal.org/sa-core-2019-006
Description: The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting multiple Virtual Private Network (VPN) applications. An attacker could exploit this vulnerability to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/192371/
Description: VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2019-0006.html
Apache Releases Security Updates for Apache Tomcat Description: The Apache Software Foundation has released Apache Tomcat versions 7.0.94 and 8.5.40 to address a vulnerability. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://mail-archives.us.apache.org/mod_mbox/www-announce/201904.mbox/%3C13d878ec-5d49-c348-48d4-25a6c81b9605%40apache.org%3E
Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. The April security release consists of security updates for the following software: Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore ASP.NET Microsoft Exchange Server Team Foundation Server Azure DevOps Server Open Enclave SDK Windows Admin Center Impact: A remote attacker could exploit…
Description: Cisco has released several security advisories to address vulnerabilities in multiple Cisco products : Cisco IP Phone 8800 Series Path Traversal Vulnerability cisco-sa-20190320-ipptv Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability cisco-sa-20190320-ipfudos Cisco IP Phone 8800 Series Authorization Bypass Vulnerability cisco-sa-20190320-ipab Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability cisco-sa-20190320-ip-phone-rce Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability cisco-sa-20190320-ip-phone-csrf Impact: A…
Description: Drupal has released security updates to address a vulnerability in Drupal Core. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/sa-core-2019-004
Description: ASUS has released Live Update version 3.6.8. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system. These vulnerabilities were detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s:…
Description: Microsoft has released an update to address a vulnerability in Azure Linux Guest Agent Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804
Description: Intel has released security updates and recommendations to address vulnerabilities in multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.intel.com/content/www/us/en/security-center/default.html Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available….
Description: WordPress 5.1 and prior versions are affected by a vulnerability. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
Description: Adobe has released security updates to address a vulnerability in ColdFusion. These updates resolve a critical vulnerability that could lead to arbitrary code execution in the context of the running ColdFusion service. Adobe is aware of a report that CVE-2019-7816 has been exploited in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the…
Description: Cisco has released security updates to address vulnerabilities in multiple Cisco products. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a…
Description: OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q Impact: An attacker could exploit this vulnerability to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.openssl.org/news/secadv/20190226.txt
Description: Drupal has released security updates to address a vulnerability in Drupal Core. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/sa-core-2019-003
Description: Drupal has released security updates addressing vulnerabilities in Drupal 7.x, 8.5.x, and 8.6.x. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/sa-core-2019-001 https://www.drupal.org/sa-core-2019-002
Description: Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Description: Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. The January security release consists of security updates for the following software: Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore .NET Framework ASP.NET Microsoft Exchange Server Microsoft Visual Studio Impact: A remote attacker could exploit this vulnerability to take control of an…
Description: Adobe has released security updates to address vulnerabilities in Adobe Connect and Adobe Digital Editions. This update resolves an important session token exposure vulnerability. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/connect/apsb19-05.html https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html
Description: WordPress 5.0 and prior versions are affected by multiple vulnerabilities. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Description: Microsoft has released out-of-band security updates to address a vulnerability in Internet Explorer 9, 10, and 11. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653 https://www.kb.cert.org/vuls/id/573168/
Description: Cisco has released security updates to address a vulnerability in Adaptive Security Appliance. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181219-asa-privesc
Description: VMware has released security updates to address a vulnerability in Workstation and Fusion. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0030.html
Description: The Samba Team has released security updates to address several vulnerabilities in Samba. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 CVE-2018-16852 CVE-2018-16853 CVE-2018-16857
Description: Apple has released security updates to address vulnerabilities in multiple products. iCloud for Windows 7.9 Safari 12.0.2 iTunes 12.9.2 for Windows macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra tvOS 12.1.1 iOS 12.1.1 Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for…
Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. The November security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore .NET Core Skype for Business Azure App Service on Azure Stack Team Foundation Server Microsoft Dynamics 365 (on-premises) version 8 PowerShell Core Microsoft.PowerShell.Archive 1.2.2.0 Impact:…
Description: Adobe has released security updates to address vulnerabilities in Flash Player, Adobe Acrobat and Reader, and Adobe Photoshop CC. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb18-39.html https://helpx.adobe.com/security/products/acrobat/apsb18-40.html https://helpx.adobe.com/security/products/photoshop/apsb18-43.html
Description: VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.vmware.com/security/advisories/VMSA-2018-0027.html
Description: Cisco has released a security advisory to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos https://www.kb.cert.org/vuls/id/339704
Description: The Apache Software Foundation has released a security update to address a vulnerability affecting Apache Tomcat JK Connectors 1.2.0 to 1.2.44. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://mail-archives.us.apache.org/mod_mbox/www-announce/201810.mbox/%3c16a616e5-5245-f26a-a5a4-2752b2826703@apache.org%3e
Description: Cisco has released security updates to address a vulnerability in Cisco Webex Productivity Tools and the Cisco Webex Meetings Desktop App. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181024-webex-injection
Description: Microsoft has released a security update to address a vulnerability in the Yammer desktop application. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569
Description: libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
Description: Drupal has released security updates addressing multiple vulnerabilities in Drupal 7.x and 8.x. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.drupal.org/sa-core-2018-006
Description: Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x
Description: Oracle has released its Critical Patch Update for October 2018 to address 301 vulnerabilities across multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution…
Description: The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://mail-archives.us.apache.org/mod_mbox/www-announce/201810.mbox/%3c4cf697b0-db03-9eab-f2aa-54c2026d0e88@apache.org%3e
Description: VMware has released a security update to address a vulnerability in AirWatch Console. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0024.html
Description: Apple has released security updates to address vulnerabilities in iCloud for Windows and iOS. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT209141 https://support.apple.com/en-us/HT209162
Description: Cisco has released several updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
Description: Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. The updates below are available for these Mac models: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013, Mid 2010, and Mid 2012 models…
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution…
Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. The September security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore Adobe Flash Player .NET Framework Microsoft.Data.OData ASP.NET Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are…
Description: Adobe has released security updates to address vulnerabilities in Adobe Flash Player and ColdFusion. These updates address an important vulnerability in Adobe Flash Player 30.0.0.154 and earlier versions. Successful exploitation could lead to information disclosure. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb18-31.html https://helpx.adobe.com/security/products/coldfusion/apsb18-33.html
Description:VMware has released security updates to address vulnerabilities in VMware AirWatch Agent and Content Locker. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0023.html
Description:Cisco has released a security update to address a vulnerability in Cisco Data Center Network Manager. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180828-dcnm-traversal
Description: Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/906424
Description: The Apache Software Foundation has released a security update to address a vulnerability in Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://cwiki.apache.org/confluence/display/WW/S2-057
Description: Adobe has released security updates to address vulnerabilities in Adobe Photoshop CC. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/photoshop/apsb18-28.html
Description: Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/332928
Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ecb26425-583f-e811-a96f-000d3a33c573
Description: Security researchers have identified a speculative execution side-channel method called L1 Terminal Fault (L1TF). This method impacts select microprocessor products supporting Intel® Software Guard Extensions (Intel® SGX). Further investigation by Intel has identified two related applications of L1TF with the potential to impact additional microprocessors, operating systems, system management mode, and virtualization software. If used for malicious purposes, this class of vulnerability has the…
Description: Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. This Security Alert addresses an Oracle Database vulnerability in versions 11.2.0.4 and 12.2.0.1 on Windows. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html
Description: Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability. Relevant Products VMware Horizon 6 VMware Horizon 7 VMware Horizon Client for Windows Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0019.html
Description: The Linux kernel, versions 4.9+, is vulnerable to denial of service conditions with low rates of specially modified packets. Impact: An remote attacker may be able to trigger a denial-of-service condition against a system with an available open port. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/962459 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e
Description: Drupal has released a security update addressing a vulnerability in Drupal 8.x. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/SA-CORE-2018-005
Description: The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
Description: Cisco has released updates to address vulnerabilities affecting Cisco products. Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
Description: Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. Impact: An attacker could exploit these vulnerabilities to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Description: Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/
Description: VMware has released security updates to address vulnerabilities in VMware ESXi, Workstation, and Fusion. Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0016.html
Description: Cisco has released updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Cisco has released software updates that address this vulnerability. Please see the references or vendor advisory for more information. References: Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability cisco-sa-20180620-nxos-bo Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary…
Description: Intel has released recommendations to address a vulnerability—dubbed Lazy FP state restore—affecting Intel Core-based microprocessors. System software may utilize the Lazy FP state restore technique to delay the restoring of state until an instruction operating on that state is actually executed by the new process. Systems using Intel® Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore…
Description: Cisco has released updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Cisco has released software updates that address this vulnerability. Please see the references or vendor advisory for more information. Reference URL’s: Digital Network Architecture Center Static Credentials Vulnerability cisco-sa-20180516-dnac Digital Network Architecture Center Authentication Bypass Vulnerability cisco-sa-20180516-dna2 Digital Network…
Description: Red Hat has released security updates to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Red Hat Enterprise Linux 6 and 7. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://bugzilla.redhat.com/show_bug.cgi?id=1567974 https://access.redhat.com/security/cve/cve-2018-1111 https://access.redhat.com/security/vulnerabilities/3442151
Description: Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Impact: Successful exploitation of the most severe of these vulnerabilities could…
Description: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. There are reports of a remote code execution vulnerability (CVE-2018-8174) being actively exploited in the wild as part of a cyber-espionage campaign. Impact: Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user….
Description: A vulnerability has been discovered in Adobe Flash Player, which could allow for arbitrary code execution. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages. Impact: Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the user running the application. Depending on…
Description: Multiple Dell EMC Products are prone to multiple remote command-injection vulnerabilities. Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. Impact: A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed. Mitigation: Updates are available. Please see the…
Description: Apple Swift is prone to an arbitrary code-execution vulnerability. Impact: A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208804 https://lists.apple.com/archives/security-announce/2018/May/msg00000.html https://www.securityfocus.com/bid/104085/info https://swift.org/
Description: A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. Impact: Upon visiting a malicious or compromised website with a vulnerable device, an attacker may be able to bypass security features provided by the web browser. Mitigation: Apply an update. Google Chrome and Mozilla Firefox have released updates which disable high precision timers…
Description: Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * An information disclosure vulnerability in Android runtime. (CVE-2017-13309) * Multiple elevation of privilege vulnerabilities in Framework. (CVE-2017-13310, CVE-2017-13311) * Multiple information disclosure vulnerabilities in Kernel components. (CVE-2017-16643, CVE-2017-5754) *…
Description: VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to…
Description: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses…
Description: An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. Impact: An attacker can exploit this issue to crash the host, denying service to legitimate users. Xen 4.0 and later are vulnerable. Mitigation: Updates are available. Please see the references or vendor…
Description: RCS module in Huawei ALP-AL00B smart phones with software versions earlier than 8.0.0.129, BLA-AL00B smart phones with software versions earlier than 8.0.0.129 has a remote-control vulnerability. An attacker can trick a user to install a malicious application. When the application connects with RCS for the first time, it needs user to manually click to agree. In addition, the attacker needs to obtain the key…
Description: Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution. Impact: An attacker tricks the user who has root…
Description: A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image. To exploit the vulnerability, an attacker would place malicious code in a specially crafted container image which, if an authenticated administrator imported (pulled), could cause a container management service utilizing the Host Compute Service Shim library to execute malicious…
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution…
Description: Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe Impact: An attacker can exploit this issue to cause denial-of-service conditions. OpenSSL…
Description: A flaw was found in the way the Linux KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Impact: An attacker can leverage this issue to gain elevated privileges…
Description: A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the targeted user’s privilege level. The vulnerability is due to insufficient validation of the Action Message Format (AMF) protocol. An attacker could exploit this vulnerability by sending a…
Description: A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit…
Description: A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affected access point. Impact: The vulnerability exists because the Cisco Mobility Express controller of the affected software configures the…
Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. Impact: An attacker…
Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : Safari 11.1 macOS High Sierra 10.13.4 iOS 11.3.1 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208741 https://support.apple.com/en-us/HT208742 https://support.apple.com/en-us/HT208743
Description: Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The following products are covered by the updates : Cisco WebEx Clients Remote Code Execution Vulnerability cisco-sa-20180418-wbs(link is external) Cisco UCS Director Virtual Machine Information Disclosure Vulnerability for End User Portal cisco-sa-20180418-uscd(link is external) Cisco StarOS Interface Forwarding Denial…
Description: CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses). We would like to thank the CKEditor team for patching the vulnerability and coordinating the fix and release process, and matching the Drupal core security…
Description: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Impact: An attacker could exploit this vulnerability to take control of an…
Description: VMware has released security updates to address a vulnerability in vRealize Automation. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0009.html
Description: Adobe has released security updates to address vulnerabilities in Adobe PhoneGap Push Plugin, Adobe Digital Editions, Adobe InDesign, Adobe Experience Manager, and Adobe Flash Player. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/phonegap/apsb18-15.html https://helpx.adobe.com/security/products/Digital-Editions/apsb18-13.html https://helpx.adobe.com/security/products/indesign/apsb18-11.html https://helpx.adobe.com/security/products/experience-manager/apsb18-10.html https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
Description: Microsoft has released updates to address vulnerabilities in Microsoft software. The April security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore Adobe Flash Player Microsoft Malware Protection Engine Microsoft Visual Studio Microsoft Azure IoT SDK Impact: A remote attacker could exploit this vulnerability to take control of…
Description: Microsoft has released security updates to address a vulnerability in Windows 7 x64 and Windows Server 2008 R2 x64 systems. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. This issue is addressed in the Microsoft update for CVE-2018-1038. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/277400
Description: The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Upgrade to Struts 2.5.16. Please see the references or vendor advisory for more information. Reference URL’s: https://cwiki.apache.org/confluence/display/WW/S2-056
Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: If you are running 7.x, upgrade to Drupal 7.58. If you are running…
Description: Cisco has released updates to address vulnerabilities affecting multiple products. Review the following Cisco Security Advisories and apply the necessary updates: Cisco IOS XE Software Static Credential Vulnerability Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability Impact: A remote attacker could exploit some of these vulnerabilities to…
Description: Multiple vulnerabilities have been discovered in MozillaFirefox and Firefox Extended Support Release (ESR), which could allow for remote code execution. Details of the vulnerabilities are as follows: * A remote code-execution vulnerability exists because it fails to properly process Vorbis audio data. Specifically, this issue occurs due to an out-of-bounds write error in the ‘libvorbis’ library. (CVE-2018-5146) * A remote code-execution vulnerability exists because…
Description: Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow for remote code execution. These vulnerabilities are as follows: * One use after free vulnerability that could allow for remote code execution (CVE-2018-4919). * One type confusion vulnerability that could allow for remote code execution (CVE-2018-4920) Impact: Successful exploitation of these vulnerabilities could result in the attacker gaining control of the affected…
Description: A vulnerability has been discovered in ManageEngine Applications Manager, which could allow for remote code execution. The publically accessible testCredential.do endpoint takes multiple user inputs and validates supplied credentials by accessing a specific system. This endpoint calls several internal classes and then executes a PowerShell script. If the specified system is an Office SharePoint Server, then the username and password parameters to this script…
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Impact: Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code…
Description: A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) condition. The vulnerability is due to improper handling of a TCP connection request when the IVR connection is already established. An attacker could exploit this vulnerability…
Description: A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper security restrictions that are imposed by the web-based service portal of the affected software. An attacker could exploit this vulnerability by…
Description: A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. The vulnerability is due to insecure key generation during application configuration. An attacker could exploit this vulnerability by using a known insecure key value to bypass security protections by sending arbitrary requests using the insecure key to a targeted…
Description: Multiple vulnerabilities have been discovered in Adobe Acrobat and Reader, the most severe of which could allow for arbitrary code execution. Adobe Acrobat and Reader allow a user to view, create, manipulate, print and manage files in Portable Document Format (PDF). Successful exploitation of the most severe of these vulnerabilities could result in an attacker executing arbitrary code in the context of the affected…
Description: Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged…
Description: A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is…
Description: A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user.The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting a crafted request to the user interface of Cisco UCS Central. Impact: Command Execution Vulnerability Vulnerable Products This vulnerability affects Cisco…
Description: A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, the attacker must provide a valid username. The vulnerability is due to incorrect RADIUS user credential validation. An attacker could exploit this vulnerability by attempting to access a Cisco Policy Suite domain configured with RADIUS…
Description: A vulnerability has been discovered in Adobe Flash Player that could allow for remote code execution. This vulnerability occurs due to a use-after-free error (CVE-2018-4878). Adobe is scheduled to release a patch to address this vulnerability during the week of February 5th, 2018. In the meantime, Adobe has provided mitigation steps that are listed in the recommendations section below. Impact: Successful exploitation of this…
Description: A vulnerability has been identified in Mozilla Firefox, which could allow for arbitrary code execution. A Content Security Policy (CSP) is not properly enforced on chrome-privileged documents, which are used by extensions in Mozilla FireFox. An attacker could exploit this vulnerability by enticing a user running a vulnerable version of the application to follow a specially crafted link designed to trigger this issue. Impact:…
Description: CVE-2017-3145 is a denial-of-service vector which can potentially be exploited against ISC BIND servers, causing them to crash. The underlying flaw has existed since BIND 9.0.0 but is not known to be reachable in any version prior to those containing the fix for CVE-2017-3137 [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1], and…
Description: A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during communications with the Cisco Virtualized Voice Browser (VVB). An attacker could exploit this vulnerability by sending malformed SIP…
Description: A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a privilege level of a guest user. The vulnerability is due to an incorrect networking configuration…
Description: A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from…
Description: A vulnerability has been discovered in HP products, which could allow for arbitrary code execution. Depending on the printer’s placement on the network, an attacker could potentially install programs; view, change, or delete data; or create new accounts with full user rights. Impact: This vulnerability could potentially be exploited to execute arbitrary code. System affected : HP PageWide Managed MFP P57750dw, J9V82A, J9V82B, J9V82C,…
Description: A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. Impact: The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An…
Description: Mozilla! has released security updates to address multiple vulnerabilities for the following software : Firefox ESR 52.6 Firefox 58 Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/ https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/
Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : Safari 11.0.3 watchOS 4.2.2 iOS 11.2.5 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan tvOS 11.2.5 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory…
Description: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Impact: A remote attacker could exploit some of these vulnerabilities to obtain…
Description: Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address an important out-of-bounds read vulnerability that could lead to information exposure. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
Description: Microsoft has released updates to address vulnerabilities in Microsoft software. The January security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps SQL Server ChakraCore .NET Framework .NET Core ASP.NET Core Adobe Flash Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected…
Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : iOS 11.2.2 Safari 11.0.2 macOS High Sierra 10.13.2 Impact: An attacker could exploit these vulnerabilities to obtain access to sensitive information. Mitigation: Updates are available. Please see the Apple security pages for more information. Reference URL’s: https://support.apple.com/en-us/HT208401 https://support.apple.com/en-us/HT208403 https://support.apple.com/en-us/HT208397
Description: VMware has released security updates to address multiple vulnerabilities for the following products vRealize Operations for Horizon (V4H) vRealize Operations for Published Applications (V4PA) VMware Workstation Pro / Player (Workstation) VMware Fusion Pro / Fusion (Fusion) Horizon View Client for Windows Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Updates are available. Please see the references…
Description: Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. This attack only affects Windows operating systems. Other operating systems are unaffected. Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/
Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with…
Description: The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution. Impact: Attackers can exploit…
Description: An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled. Impact: Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Mitigation: Updates are available. Please see the references…
Description: An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled. Impact: Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Mitigation: Updates are available. Please see the references…
Description: Multiple Cisco WebEx Products are prone to the following security vulnerabilities: Multiple remote code-execution vulnerabilities Multiple denial-of-service vulnerabilities Impact: An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. These issues are being tracked by Cisco Bug IDs- CSCve02843 CSCve10584 CSCve10591 CSCve10658 CSCve10744 CSCve10749 CSCve10762…
Description: Apple has released a supplemental security update to address a vulnerability in macOS High Sierra 10.13. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.kb.cert.org/vuls/id/113765 https://support.apple.com/en-us/HT208315
Description: An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3 Impact: An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead…
Description: A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain Smart Licensing configuration parameters. An authenticated attacker could exploit the vulnerability by configuring a malicious…
Description: The vulnerability exists due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions within the scripting sandbox of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. To exploit this vulnerability, an attacker must have local access and be…
Description: Cisco ASA Next-Generation Firewall Services is prone to a remote security-bypass vulnerability. Impact: Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This issue is being tracked by Cisco Bug CSCvd97962. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.securityfocus.com/bid/101915/info https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-firepower1
Description: WPA2 is prone to multiple security weaknesses. Impact: Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. This may aid in further attacks. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.krackattacks.com/ https://ics-cert.us-cert.gov/advisories/ICSA-17-318-01 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4
Description: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. Impact: Local attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Intel Manageability Engine versions 11.0, 11.5, 11.6, 11.7, 11.10, and 11.20 are vulnerable. Mitigation:…
Description: Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. Impact: An attacker can leverage this issue to execute arbitrary code in the context of the…
Description: Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka “Microsoft Office Remote Code Execution Vulnerability”. Impact: An attacker can leverage this issue to execute arbitrary code in the context of the currently…
Description: Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard. Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to receive entropy. Tools that enable system-wide ASLR without also setting bottom-up ASLR will fail to…
Description: Microsoft has released updates to address vulnerabilities in Microsoft software. The November security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ASP.NET Core and .NET Core Chakra Core Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Updates are available. Please…
Description: Joomla! has released version 3.8.2 of its Content Management System (CMS) software to address multiple vulnerabilities. Impact: A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.joomla.org/announcements/release-news/5716-joomla-3-8-2-release.html
Description: WordPress 4.8.3 is now available. This is a security release for all previous versions and it is strongly encouraged you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from…
Description: The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is…
Description: Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window. Impact: Successful exploits may allow…
Description: Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. Impact: An attacker can exploit this issue to cause a local denial-of-service condition; other attacks may also be possible. Mitigation: Administrators may disable administrative privileges on…
Description: A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit…
Description: A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. Impact: The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in…
Description: On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP for Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local application software. Impact: The vulnerability is due to the use of a static key value stored in the application used to encrypt the…
Description: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with…
Description: PHP Object Injection Vulnerability Severity 9.8 (Critical) have been found in Appointments, RegistrationMagic-Custom Registration Forms, and Flickr Gallery plugins. Affected plugins and versions: Appointments by WPMU Dev (fixed in 2.2.2) Flickr Gallery by Dan Coulter (fixed in 1.5.3) RegistrationMagic-Custom Registration Forms by CMSHelpLive (fixed in 3.7.9.3) Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available….
Description: Mozilla! has released security updates to address multiple vulnerabilities for the following softwares : Firefox ESR 52.4 Firefox 56 Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/ https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/
Description: Apple has released iOS 11.0.1 to address vulnerabilities in previous versions of iOS. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208143
Description: Google has released Chrome version 61.0.3163.100 for Windows, Mac, and Linux. This update addresses multiple vulnerabilities that an attacker may exploit to cause a denial-of-service condition. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
Description: Joomla! has released version 3.8.0 of its Content Management System (CMS) software to address several vulnerabilities. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.joomla.org/announcements/release-news/5713-joomla-3-8-0-release.html
Description: WordPress versions 4.8.1 and earlier are affected by several security issues and advised to upgrade to 4.8.2 immediately. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
Description: Apple has released security updates to address vulnerabilities in multiple products. The products addressed are as below : iOS 11 Safari 11 tvOS 11 watchOS 4 Xcode 9 Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208112 https://support.apple.com/en-us/HT208116 https://support.apple.com/en-us/HT201222…
Description: The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat. When running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by…
Description: Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191 Impact: An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of running code received from a remote IP address on…
Description: VMware releases security updates to address vulnerabilities. This release consists of security updates for the following software: ESXi vCenter Server Fusion Workstation Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2017-0015.html
Description: Microsoft releases security updates for September 17. This release consists of security updates for the following software: Microsoft Excel 2016 for Mac Microsoft Office 2016 for Mac Microsoft .NET Framework Windows Server 2008 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/summary https://support.microsoft.com/en-us/help/20170912/security-update-deployment-information-september-12-2017
Description: Todd Miller’s sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution. Impact: Local attackers could exploit this issue to run arbitrary commands with root privileges. This issue is fixed in sudo 1.8.20p2. NOTE: This issue is the result of an incomplete fix for the issue described in BID 98745…
Description: The REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type filtering and this can lead to Remote Code Execution when deserializing XML payloads. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Apache Struts 2.5 through 2.5.12…
Description: A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. Impact: An attacker…
Description: A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are higher or lower than what should have been granted. The attacker cannot gain root-level privileges. The vulnerability is due to…
Description: A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart. Impact: An attacker could exploit this vulnerability by sending a high rate of TCP packets to a specific group of open listening ports on a targeted device. An exploit could…
Description: The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. Impact: Attackers can exploit this issue to execute arbitrary code on the affected system.Versions prior to Symantec Messaging Gateway 10.6.3-266 are vulnerable. Mitigation: Updates are available. Please check…
Description: Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an attacker to execute code remotely on a target system when the Windows font library fails to properly handle specially crafted embedded fonts, aka “Express Compressed Fonts Remote Code Execution Vulnerability.” Impact: An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts…
Description: The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected. Impact: Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Linux Kernel 4.11.5 is vulnerable; other versions may also be…
Description: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree. Impact: Successful exploits may allow attackers to execute arbitrary code in context of the application. Failed exploits may result in denial-of-service conditions. Mitigation: Updates…
Description: A kernel data leak due to an out-of-bound read was found in Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since v4.7-rc1 upto v4.13 including. A data leak happens when these functions fill in sockaddr data structures used to export socket’s diagnostic information. As a result upto 100 bytes of the slab data could be leaked to a userspace. Impact: Local attackers can exploit…
Description: AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971. Impact: Remote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Mitigation: Updates are available. Please check specific vendor advisory for more information….
Description: udevd in udev 232, when the Linux kernel 4.8.0 is used, does not properly verify the source of a Netlink message, which allows local users to execute arbitrary commands by leveraging access to the NETLINK_KOBJECT_UEVENT family, and the presence of the /lib/udev/rules.d/50-udev-default.rules file, to provide a crafted REMOVE_CMD value. Impact: Local attackers may exploit this issue to execute arbitrary commands with elevated privileges. Mitigation:…
Description: A privilege escalation vulnerability was found in nagios that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It’s possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change. Impact: A local attacker may exploit this issue to gain elevated root privileges on the affected…
Description: The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP – Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must…
Description: BIND is open source software that enables you to publish your Domain Name System (DNS) information on the Internet, and to resolve DNS queries for your users. An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND…
Description: BIND is open source software that enables you to publish your Domain Name System (DNS) information on the Internet, and to resolve DNS queries for your users. An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully…
Description: Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for…
Description: Drupal 8.3.7 is a maintenance release which contain fixes for security vulnerabilities. Updating your existing Drupal 8 sites is strongly recommended. This release fixes security issues only; there are no new features nor non-security-related bug fixes in this release. Impact: A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. Mitigation: Updates are available. Please check specific vendor advisory for more…
Description: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. Impact: An attacker who successfully exploited the vulnerability could take control…
Description: Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb17-23.html https://helpx.adobe.com/security/products/acrobat/apsb17-24.html https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html
Description: Microsoft releases security updates for August 17. This release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft SharePoint Adobe Flash Player Microsoft SQL Server Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/b3d96835-f651-e711-80dd-000d3a32fc99
Description: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. Impact: An attacker can exploit this issue to cause a local denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference…
Description: Oracle MySQL Server is prone to a remote security vulnerability in MySQL Server. The vulnerability can be exploited over the ‘MySQL’ protocol. The ‘Server: DML’ sub component is affected. This vulnerability affects the following supported versions: 5.7.18 and prior 5.5.56 and prior 5.6.36 and prior Impact: Remote Security Vulnerability. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.securityfocus.com/bid/99767/info…
Description: Adobe Acrobat and Reader are prone to multiple unspecified memory-corruption vulnerabilities. Adobe recommends users update their software installations to the latest versions by following the instructions below. The latest product versions are available to end users via one of the following methods: Users can update their product installations manually by choosing Help > Check for Updates. The products will update automatically, without requiring user…
Description: Google chrome before version 60.0.3112.78 for Windows, Mac, and Linux has multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Impact: Attackers can exploit these issues to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html
Description: An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. Impact: An attacker who exploited the vulnerability could use the information to compromise the user’s computer…
Description: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference…
Description: Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or…
Description: An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the “Intel Graphics Driver” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Impact: Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may…
Description: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Impact: An attacker can exploit these issues…
Description: The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact. Impact: An attacker can exploit this issue to cause denial-of-service condition. Mitigation: Updates are available. Please check…
Description: The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device. Impact: A local attacker can exploit this issue to cause a denial-of-service condition. Linux Kernel 4.10.7 and prior versions are vulnerable. Mitigation: Updates are available. Please…
Description: In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. Impact: Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions….
Description: While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby…
Description: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface. Impact: An attacker can exploit this issue to cause a local denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for…
Description: Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus’ Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in ‘enc_part’ instead of the unencrypted version stored in ‘ticket’. Use of the unencrypted version provides an opportunity for successful server impersonation…
Description: A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors. Impact: Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Mitigation: Updates are available….
Description: glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and…
Description: Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the “Broadpwn” issue. Impact: Broadcom Wi-Fi chips embedded in Android and iOS devices are vulnerable to a bug that allows an attacker to execute code on their devices, without any interaction needed from the user. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s:…
Description: The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function. Impact: Attackers can exploit this issue to crash the QEMU instance, resulting in a…
Description: git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a – (dash) character. Impact: Remote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized…
Description: There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private…
Description: A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to insufficient validation of user-supplied input on the web interface. An attacker could exploit this vulnerability by authenticating to the affected device and performing…
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Below versions are affected: PHP 5.6 prior to 5.6.31 PHP 7.0 prior to 7.0.21…
Description: A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box. Impact: Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. Microsoft Skype…
Description: Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225. Impact: A guest may cause a hypervisor crash, resulting in a Denial of Service (DoS). Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://xenbits.xen.org/xsa/advisory-225.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10923
Description: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2. Impact: For the worst issue, a PV guest could gain a writeable mapping of its own pagetable, allowing it…
Description: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. Impact: A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://xenbits.xen.org/xsa/advisory-217.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-10912
Description: The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://struts.apache.org/docs/s2-048.html http://blog.trendmicro.com/trendlabs-security-intelligence/examining-cve-2017-9791-new-apache-struts-remote-code-execution-vulnerability/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9791 http://www.securityfocus.com/bid/99484/info
Description: An open redirect vulnerability exists in Microsoft Exchange that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. When an authenticated Exchange user clicks the link, the authenticated user’s browser session could be redirected to a malicious site that is designed to impersonate a legitimate…
Description: Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka “Microsoft Exchange Cross-Site Scripting Vulnerability”. This CVE ID is unique from CVE-2017-8559. Impact: Attackers can exploit this issue to gain elevated privileges. Mitigation: Updates are available….
Description: An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information. Impact: Attackers can exploit this issue to gain elevated privileges. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference…
Description: Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. Impact: Attackers can exploit this issue to obtain sensitive information or may crash the application resulting in a denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for more information….
Description: Oracle has released advance notification regarding the July 2017 Critical Patch Update (CPU) to be released on July 18, 2017. The update addresses 315 vulnerabilities affecting the following software: Oracle Database Server, versions 11.2.0.4, 12.1.0.2, 12.2.0.1 Oracle REST Data Services, versions prior to 3.0.10.25.02.36 Oracle API Gateway, version 11.1.2.4.0 Oracle BI Publisher, versions 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0, 12.2.1.2.0 Oracle Business…
Description: Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka “Win32k Elevation of Privilege Vulnerability”. This CVE ID is unique from CVE-2017-8578, CVE-2017-8580,…
Description: Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka “Win32k Elevation of Privilege Vulnerability”. Impact: A local attacker can exploit this issue to…
Description: Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka “Windows Kernel Elevation of Privilege Vulnerability”. Impact: An attacker can exploit this issue to execute arbitrary code with elevated privileges. Mitigation: Updates…
Description: Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files, aka “WordPad Remote Code Execution Vulnerability”. Impact: Successfully exploiting this issue may result in the…
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka “Windows Search Remote Code Execution Vulnerability”. Impact: Successfully exploiting this issue may result in…
Description: Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka “Windows PowerShell Remote Code Execution Vulnerability”. Impact: Successfully exploiting this issue may result in the execution of…
Description: Microsoft Edge in Windows 10 1703 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka “Microsoft Edge Remote Code Execution Vulnerability.” Impact: Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Mitigation: Updates are available. Please check…
Description: HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memory, aka “Https.sys Information Disclosure Vulnerability”. Impact: Attackers can exploit this issue to obtain sensitive information that…
Description: Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability. Impact: Denial of Service Vulnerability Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8585 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8585
Description: Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and shares during rename operations, aka “Windows Explorer Remote Code Execution Vulnerability”. Impact: Attackers can…
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol, aka “Windows Elevation of Privilege Vulnerability”. Impact: An attackers…
Description: Some Huawei products as listed below : FusionCompute V100R003C10SPC600 V100R005C00 V100R005C10 V100R005C10U1_B1075917 LogCenter V100R001C10 RH2288 V2 V100R002C00 eLog V200R003C10 V200R003C20 eSight V300R003C20 V300R005C00SPC200 (for full list, be advised to visit specific vendor listed URLs given below) The above listed versions are vulnerable for Dirty COW (CVE-2016-5195) exploit. Impact: An attacker can exploit this vulnerability to escalate the privilege levels to obtain administrator privilege. Mitigation:…
Description: Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for more information….
Description: Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. Impact: An attacker can exploit this issue to…
Description: Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer…
Description: Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition. Impact: An attackers may exploit these issues to gain elevated privileges. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.cvedetails.com/cve/CVE-2016-8796/ http://www.securityfocus.com/bid/94405/info http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-firewall-en
Description: Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command’s parameters, and run this injected command with root privilege. Impact: An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.cvedetails.com/cve/CVE-2016-8801/ http://www.securityfocus.com/bid/94832/info http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161207-01-storage-en
Description: Vulnerability in the Oracle API Gateway component of Oracle Fusion Middleware (subcomponent: Oracle API Gateway). The supported version that is affected is 11.1.2.4.0. Easily “exploitable” vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle API Gateway. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification…
Description: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). For supported versions that are affected see note. Easily “exploitable” vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Solaris. Note: CVE-2017-3623 is assigned…
Description: Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users…
Description: RoundCube Webmail is prone to multiple privilege escalation vulnerabilities. RoundCube Webmail versions prior to 1.0.11, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5 are vulnerable. Impact: An attackers may exploit these issues to gain elevated privileges. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: http://www.securityfocus.com/bid/98445/info https://roundcube.net/news/2017/04/28/security-updates-1.2.5-1.1.9-and-1.0.11
Description: The WP Statistics plugin for WordPress is prone to an unspecified cross-site-scripting vulnerability because it fails to sufficiently sanitize user-supplied input. Impact: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Versions prior…
Description: The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an…
Description: An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Impact: A server that relies solely on TSIG keys with no other address-based ACL protection could be vulnerable to malicious…
Description: An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of…
Description: Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka “Office Remote Code Execution Vulnerability”. This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281. Impact: An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely…
Description: The flaw was discovered last month by security researchers from Qualys, who worked with various vendors to make sure patches are available before going public with their findings. According to Qualys researchers, the issue affects a host of *NIX systems, such as Linux, OpenBSD, NetBSD, FreeBSD, and Solaris. Researchers only tested Stack Clash on the i386 and amd64 platforms, and they don’t exclude that…
Description: In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. Impact: Attackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Mitigation: Upgrade to Wireshark 2.2.7 or later. Reference URL’s: http://www.securityfocus.com/bid/98800/info http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9347 https://www.wireshark.org/security/wnpa-sec-2017-31.html
Description: Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations. Impact: An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit…
Description: The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. Impact: Attackers can exploit this issue to crash the affected application, resulting in a denial-of-service condition. Mitigation: Updates are…
Description: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily “exploitable” vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. Impact: A local attacker may exploit this issue to gain elevated…
Description: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). Easily “exploitable” vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Solaris. Impact: An attacker can exploit this issue to execute arbitrary code within…
Description: When determining tty, Sudo does not correctly parse the contents of /proc/[pid]/ stat, local attackers may use this method to overwrite any file on the file system, bypassing expected permissions or getting the root shell. Impact: Local attackers could exploit this issue to run arbitrary commands with root privileges. Sudo versions 1.8.6p7 through 1.8.20 are vulnerable. Mitigation: Updates are available. Please see the references…
Description: The TLS session cache in FreeRADIUS before 3.0.14 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS. Impact: An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. FreeRADIUS versions prior to 3.0.14 are vulnerable. Mitigation: Updates…
Description: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. Impact: Attackers can exploit this issue to cause the kernel to enter into an infinite loop which may cause denial-of-service conditions. Mitigation: Updates are available. Please see the references…
Description: On Juniper Networks EX Series Ethernet Switch, running affected Junos OS versions, has been discovered with a vulnerability in IPv6 processing that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. A malicious network-based packet flood of these crafted IPv6 NDP packets may eventually lead to resource exhaustion and a…
Description: All versions of Samba from 3.5.0 onward are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Impact: Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Mitigation:…
Description: Vanilla Forums software (including the latest stable version of 2.3 in its default configuration) is affected by * Host Header Injection CVE-2016-10073 which can be exploited by unauthenticated remote attackers to potentially intercept password reset hash and gain unauthorized access to the victim account or perform web-cache poisoning attacks. Impact: With victim user interaction, attacker could potentially intercept the password reset hash. This vulnerability…
Description: LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. Impact: As an impact it is known to affect confidentiality, integrity, and availability. Mitigation: Updates are available. Please see the references for more information. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8358 https://www.libreoffice.org/about-us/security/advisories/ https://security-tracker.debian.org/tracker/CVE-2017-8358 https://access.redhat.com/security/cve/cve-2017-8358 https://bugzilla.redhat.com/show_bug.cgi?id=1447279 https://www.suse.com/security/cve/CVE-2017-8358/
Description: SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. The vulnerability is caused by a new component, com_fields, which was introduced in version 3.7. Impact: An SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites. Mitigation: Upgrade to version 3.7.1. Please check specific vendor advisory…
Description: WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of…
Description: Microsoft Windows SMB Server is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Related CVE’s: CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148 Vulnerable Versions: Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012…
Description: SquirrelMail versions 1.4.22 and below are vulnerable to a command-line argument injection exploit that could allow arbitrary code execution if $edit_identity and $useSendmail are enabled and user has knowledge of the location and permissions on the SquirrelMail attachment directory. Impact: Successful exploit allows an attacker to inject and execute arbitrary commands in context of the affected application. Squirrelmail version 1.4.22 and prior are vulnerable….
Description: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacks certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. Impact: Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks….
Description: Cyber security researchers from IOActive said in an advisory that after reverse engineering, the router firmware they identified total of 10 security vulnerabilities, ranging from low-to-high risk issues, six of which can be exploited remotely by unauthenticated attackers. Impact: Because of these vulnerabilities, it allows unauthenticated attackers to create a Denial-of-Service (DoS) condition on the router. Attackers can also bypass the authentication protecting the…
Description: The Drupal security team has discovered a critical vulnerability in a third-party module named References. Although this module is no longer maintained, it is currently used within over 120,000 installations. Impact: The Drupal security team did not disclose the technical details about the vulnerability in order to avoid the exploitation of the flaw in the wild. Mitigation: As per drupal.org official page information, if…
Description: The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by triggering a DNS request from the Cisco ASA Software and replying with a crafted response. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Only traffic directed to…
Description: The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exploit this vulnerability by sending a crafted packet to the affected system. Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be…
Description: The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by…
Description: The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4…
Description: The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically. Related CVE: CVE-2017-3808 Impact: A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified…
Description: The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Related CVE: CVE-2016-6368…
Description: These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Related CVE ID(s): CVE-2017-3860, CVE-2017-3861, CVE-2017-3862,…
Description: The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka “Windows GDI Elevation of Privilege Vulnerability.” This vulnerability is different from those described in CVE-2017-0001,…
Description: Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability.” This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037. Internet Explorer 9, 10 and 11 are vulnerable. Impact: Attackers can exploit this issue to execute arbitrary code in the context…
Description: This vulnerability allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a document containing an embedded exploit. The vulnerability affects Microsoft Office, including the latest Office 2016 edition running on Windows 10. Impact: Researchers has observed Office documents exploiting CVE-2017-0199 that download and execute malware payloads from different well-known malware families. Mitigation: Updates are…
Description: The vulnerability is due to incomplete IPv6 UDP header validation. An attacker could exploit this vulnerability by sending a crafted IPv6 UDP packet to a specific port on the targeted device. An exploit could allow the attacker to impact the availability of the device as it could unexpectedly reload. Impact: Attackers can exploit this issue to cause denial-of-service conditions. Mitigation: Cisco has released software…
Description: The vulnerability is due to the existence of default credentials for an affected device that is running Cisco Mobility Express Software, regardless of whether the device is configured as a master, subordinate, or standalone access point. An attacker who has layer 3 connectivity to an affected device could use Secure Shell (SSH) to log in to the device with elevated privileges. A successful exploit…
Description: The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition. Impact: Attackers can exploit this issue to reload the affected device, denying service to legitimate…
Description: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. Impact: Local attackers may exploit…
Description CVE-2017-7269: Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with “If: <http://” in a PROPFIND request, as exploited in the wild in July or August 2016. Impact: Attackers can exploit this issue to execute arbitrary code in the…
Description: Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. Impact: Local attackers may exploit this issue to gain elevated privileges. Mitigation: Updates are available. Please check the respective vendor advisory for more information. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2636 https://access.redhat.com/security/cve/cve-2017-2636 https://security-tracker.debian.org/tracker/CVE-2017-2636 https://kalilinux.co/2017/03/17/cve-2017-2636-linux-kernel-flaw-can-local-privilege-escalation/#.WM-uEmclHIU
Description CVE-2017-3881: Cisco is warning of a new critical IOS / IOS XE vulnerability that affects more than 300 of its switch models. A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. Impact: An…
Description: The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017. Impact: This vulnerability allows for unauthenticated, remote code execution on the server. Mitigation: Upgrade to Struts 2.3.32 or Struts 2.5.10.1…
Description: Cross-site scripting (XSS) via media file metadata. Control characters can trick redirect URL validation Unintended files can be deleted by administrators using the plugin deletion functionality Cross-site scripting (XSS) via video URL in YouTube embeds. Cross-site scripting (XSS) via taxonomy term names. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources Impact: Intruder may perform malicious activity by exploiting…
Description: In Roundcube 1.2.2 and earlier, user-controlled input flows unsanitized into the fifth argument of a call to PHP’s built-in function mail() which is documented as security critical. The problem is that the invocation of the mail() function will cause PHP to execute the sendmail program. The fifth argument allows to pass arguments to this execution which allows a configuration of sendmail. Since sendmail offers…
CVE-2016-0028: Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka “Microsoft Exchange Information Disclosure Vulnerability.” Impact: An attacker can exploit this issue to conduct spoofing attacks…
Description: CVE-2016-1531: Exim before 4.86.2, when installed as setuid root, allows local users to gain privileges via the perl_startup argument. Impact: When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges. Mitigation: Vendor has released patch version. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531 https://www.exim.org/static/doc/CVE-2016-1531.txt https://github.com/Exim/exim/wiki/EximSecurity
Description: CVE-2013-7091: Directory traversal vulnerability on /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: This can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API. Impact: An attacker can exploit this vulnerability to obtain potentially sensitive information like LDAP root credentials and execute arbitrary…
Description: CVE-2016-0728: The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. Impact: Local attackers may exploit this issue to gain root privileges. Mitigation: Vendor has released patch version. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0728 https://access.redhat.com/security/cve/cve-2016-0728 https://security-tracker.debian.org/tracker/CVE-2016-0728 https://www.suse.com/security/cve/CVE-2016-0728/
Description: CVE-2016-3081: Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2 and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled allows remote attackers to execute arbitrary code via method: prefix, related to chained expressions. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Mitigation: Vendor has…
Description: CVE-2016-8740: The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. Impact: Apache HTTPD Server 2.4.17 through 2.4.23 are vulnerable, remote attackers can exploit this issue to exhaust the memory,…
Description: CVE-2016-10033: The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \” (backslash double quote) in a crafted Sender property. CVE-2016-10045: The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary…
Description: CVE-2016-4010: Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data. Impact: Magento e-commerce platform is vulnerable to an unauthenticated arbitrary file write vulnerability. Attackers can exploit this issue to gain administrative access to the application. Mitigation: Vendor has released patch version. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4010 https://www.trendmicro.com/vinfo/us/threat-encyclopedia/vulnerability/9855/magento-unauthenticated-arbitrary-unserializearbitrary-write-file-vulnerability-cve20164010 http://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/ https://magento.com/security/patches/magento-206-security-update
Description: CVE-2016-8869: The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. CVE-2016-8870: The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create…
Description: httpoxy is a set of vulnerabilities that affect application code running in CGI or CGI-like environments. It comes down to a simple namespace conflict: RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY HTTP_PROXY is a popular environment variable used to configure an outgoing proxy Impact: Drupal 8 uses the third-party PHP library Guzzle for making…
Description: The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys. Impact: A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. Depending on the content of the requests this can lead…
Description: The user interface for assigning taxonomy terms in Press is shown to users who do not have permissions to use it. WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue. A cross-site scripting (XSS) vulnerability was discovered in the posts list table. An unauthenticated privilege escalation vulnerability was discovered in a REST…
Description: WordPress plugin NextGEN Gallery has severe SQL Injection vulnerability. According to the original source, one of the following conditions must be met for exploitation: The use of a NextGEN Basic TagCloud gallery. If users are able to submit posts to be reviewed (contributors). Impact: This vulnerability allows an unauthenticated user to grab data from the victim’s website database including sensitive user information. Mitigation: Vendor…
CVE-2016-0099: The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka “Secondary Logon Elevation of Privilege Vulnerability.” Mitigation: Microsoft has released patches…
CVE-2016-5195: Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.” Mitigation: Updates are available. Please check vendor advisory for more information. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195 https://dirtycow.ninja/ https://access.redhat.com/security/cve/cve-2016-5195 https://access.redhat.com/security/vulnerabilities/DirtyCow https://security-tracker.debian.org/tracker/CVE-2016-5195
The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on locally and runs arbitrary code in kernel mode. An attacker could then install programs, view, change or delete data or create new accounts with full user rights. Mitigation: Microsoft has released patches for Windows Platform. Reference URL’s: http://www.cvedetails.com/cve/cve-2015-1676 http://www.cvedetails.com/cve/cve-2015-1677 http://www.cvedetails.com/cve/cve-2015-1678 http://www.cvedetails.com/cve/cve-2015-1679 http://www.cvedetails.com/cve/cve-2015-1680 http://www.cvedetails.com/cve/cve-2015-1701 https://technet.microsoft.com/library/security/MS15-051 https://support.microsoft.com/en-us/help/3057191/ms15-051-vulnerabilities-in-windows-kernel-mode-drivers-could-allow-information-disclosure-may-12,-2015
New CVE-2017-6074 Linux local root exploit was published. CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. Mitigation: Recent versions of the SELinux policy can mitigate this flaw….
ISC announced CVE-2017-3135, a denial-of-service vulnerability that can affect resolvers using both DNS64 and RPZ to rewrite responses for the same view. This affects all BIND 9.9 releases since 9.9.3, all BIND 9.10 releases, and all BIND 9.11 releases, including the 9.9.10b1, 9.10.5b1, and 9.11.1b1 releases. Mitigation: Upgrade to the patched release most closely related to your current version of BIND. These can all be…
Researchers at Proofpoint discovered an infection technique which targets only chrome users on Windows. The Chrome users are targeted with Font Wasn’t Found Social Engineering Scheme if they navigate to a compromised website through search engines. Once users runs the downloaded file dubbed as “Chrome_Font.exe”, it gets installed and infects the user system. Upon infection, the computer will start browsing in the background on its…
