
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two privilege elevation vulnerabilities – one in Microsoft Exchange Server and one in Windows – to its Known Exploited Vulnerabilities (KEV) Catalog. US Federal Civilian Executive Branch Agencies have until January 31 to mitigate the flaws. Note CVE-2022-41080 – an Exchange privilege escalation flaw from …

Read More about CISA Adds Two Flaws to Known Exploited Vulnerabilities Catalog

Cisco has published an advisory alerting users to vulnerabilities in some of its small business routers. The flaws, an authentication bypass vulnerability and a remote command execution vulnerability, affect Cisco Small Business RV016, RV042, RV042G, and RV082 routers. Cisco will not release updates to address the flaws. Note Cisco last sold these devices in 2016. …

Read More about Cisco Advisory Warns of Vulnerabilities in Small Business Routers

An architectural vulnerability in more than 100 models of Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs) could be exploited to install firmware and bypass all protected boot features. Because of the nature of the flaw, it cannot be fixed with a software patch. Siemens notes that exploiting the flaw requires physical access to …

Read More about Critical Architectural Vulnerabilities in Siemens PLC

Fortinet says that an unknown threat actor exploited a critical flaw in its FortiOS SSL-VPN to infect systems at government and government-related organizations. Fortinet released a fix for the heap-based buffer overflow vulnerability (CVE-2022-42475) late last year. FortiOS SSL-VPN version 7.2.8 was released at the end of November; Fortinet published an advisory on December 12. …

Read More about Fortinet FortiOS SSL-VPN Flaw Was Exploited to Infect Government Systems

Hackers are exploiting a known critical vulnerability in the Control Web Panel web hosting interface. The unauthenticated remote code execution flaw was patched in October 2022; users are urged to update to version 0.9.8.1147 or later. Note This is an attack on “CentOS Web Panel,” which is a very analogous project to the classic “Webmin” …

Read More about Critical Control Web Panel Vulnerability is Being Actively Exploited

On Tuesday, January 10, Microsoft released fixes for nearly 100 vulnerabilities. One of the flaws, a privilege elevation vulnerability in Windows Advanced Local Procedure Call (ALPC), is being actively exploited. The vulnerability could lead to a browser sandbox escape and be exploited to gain system privileges. Eleven of the vulnerabilities are deemed critical; the others …

Read More about Microsoft Patch Tuesday: January 2023

Updated on 2023-01-09: Hitachi Energy Vulnerabilities The US Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control System (ICS) advisories regarding vulnerabilities in Hitachi Energy products. The flaws affect Hitachi Energy UNEM, Hitachi Energy FOXMAN-UN, and Hitachi Energy Lumada Asset Performance Management. Hitachi has addressed the vulnerabilities and urges users to update to …

Read More about Hitachi Energy Vulnerabilities

Updated on 2023-01-09: Security Flaws Affect Millions of Cars Researchers have detected security bugs affecting vehicles from 16 companies in the automotive industry. The flaws could be exploited to lock and unlock cars, start and stop engines, take over accounts, execute code remotely, track the location of vehicles, and conduct other troublesome activity. …

Read More about API Vulnerabilities Security Flaws Affect Millions of Cars

In December, Auth0 released an updated version of the JsonWebToken open source library to address a remote code execution vulnerability. The flaw was detected by researchers at Palo Alto Networks Unit 42; they reported the issue to Auth0 in July. Users are urged to update to JsonWebToken version 9.0.0 or newer. Note Interesting vulnerability, in particular …

Read More about JsonWebToken Secret Poisoning Vulnerability Has Been Patched

Updated on 2023-01-05: New WordPress backdoor Dr.Web researchers have found a new exploit tool designed to attack WordPress sites, infect them with a backdoor, and then inject malicious scripts in their codebase. The malware targets vulnerabilities in more than 30 WordPress themes and plugins and exclusively targets Linux-based servers. Read more: Linux backdoor malware infects …

Read More about Linux Malware Exploits Backdoor Flaws in Multiple WordPress Plug-ins

Updated on 2022-12-30 The US Cybersecurity and Infrastructure Security Agency (CISA) has added two JasperReports vulnerabilities to its known exploited vulnerabilities catalog: CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9). The flaws were disclosed in 2018; fixes are available for both flaws. CISA says it has become aware that the vulnerabilities – an information …

Read More about CISA Adds JasperReports Flaws from 2018 to Known Exploited Vulnerabilities Catalog

National Cyber Awareness System CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA Releases Three Industrial Systems Control Advisories Fortinet Releases Security Updates for FortiADC Ubuntu Security Notices USN-5794-1: Linux kernel (AWS) vulnerabilities USN-5793-1: Linux kernel vulnerabilities USN-5792-1: Linux kernel vulnerabilities USN-5791-1: Linux kernel vulnerabilities USN-5790-1: Linux kernel vulnerabilities USN-5789-1: Linux kernel (OEM) vulnerabilities USN-5788-1: …

Read More about Security Advisories Notices Update on 2023-01-10

Updated on 2022-12-22: macOS Gatekeeper bypass Microsoft has published a write-up on another macOS Gatekeeper bypass found by its MSTIC team. I don’t know how I feel about Microsoft’s security teams sifting through Apple’s products when their Exchange servers keep getting ransomed left and right. Read more: Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability Overview: …

Read More about macOS Gatekeeper bypass

The US Cybersecurity and Infrastructure Security Agency (CISA) has published three advisories regarding vulnerabilities in Rockwell Automation controllers. Rockwell has released updates to address two of the vulnerabilities: an improper access control issue in Rockwell Automation Studio 5000 Logix Emulate and an improper input validation issue in Rockwell Automation GuardLogix and ControlLogix controllers. Rockwell has …

Read More about Vulnerabilities in Rockwell Automation Controllers