[CERT-daily] Tageszusammenfassung - 04.03.2020

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 03-03-2020 18:00 − Mittwoch 04-03-2020 18:00
Handler:     Thomas Pribitzer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Achtung: Lets Encrypt macht Mittwochnacht 3 Millionen Zertifikate ungültig ∗∗∗
---------------------------------------------
Webadmins aufgepasst: Wer jetzt seine Lets-Encrypt-Zertifikate nicht erneuert, könnte Donnerstag früh verunsicherte Nutzer auf der Matte stehen haben.
---------------------------------------------
https://heise.de/-4676017


∗∗∗ Ransomware Attackers Use Your Cloud Backups Against You ∗∗∗
---------------------------------------------
Backups are one the most, if not the most, important defense against ransomware, but if not configured properly, attackers will use it against you.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/


∗∗∗ ACSC Releases Securing Content Management Systems Guide ∗∗∗
---------------------------------------------
The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide outlining strategies for identifying and minimizing risks to web servers from installed content management systems (CMS).
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2020/03/04/acsc-releases-securing-content-management-systems-guide


∗∗∗ A Zero-Day Homograph Domain Name Attack ∗∗∗
---------------------------------------------
What started as almost casual research in November 2019 and disclosed to various vendors as a vulnerability in November and December 2019 and January 2020 was abruptly reclassified and treated as a zero-day vulnerability on February 13, 2020.
---------------------------------------------
https://www.securityweek.com/zero-day-homograph-domain-name-attack


∗∗∗ Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums ∗∗∗
---------------------------------------------
Impacted projects include WordPress, Concrete5, Composr, SilverStripe, ZenCart, and others.
---------------------------------------------
https://www.zdnet.com/article/academics-find-30-file-upload-vulnerabilities-in-23-web-apps-cmses-and-forums/


∗∗∗ Voice assistants can be hacked with ultrasonic waves ∗∗∗
---------------------------------------------
With access to text messages and the ability to make fraudulent phone calls, attackers could wreak more damage than youd think
---------------------------------------------
https://www.welivesecurity.com/2020/03/04/voice-assistants-hacked-ultrasonic-waves/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Emerson ValveLink ∗∗∗
---------------------------------------------
This advisory contains mitigations for an improper access control vulnerability in Emersons ValveLink digital valve controllers.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-01


∗∗∗ PHOENIX CONTACT Emalytics Controller ILC ∗∗∗
---------------------------------------------
This advisory contains mitigations for an incorrect permission assignment for critical resource vulnerability in Phoenix Contacts Emalytics Controller modular inline devices.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-02


∗∗∗ Omron PLC CJ Series ∗∗∗
---------------------------------------------
This advisory contains mitigations for an uncontrolled resource consumption vulnerability in Omrons PLC CJ Series programmable logic controllers.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-03


∗∗∗ Moxa AWK-3131A Series Industrial AP/Bridge/Client ∗∗∗
---------------------------------------------
This advisory contains mitigations for several vulnerabilities in Moxas AWK-3131A wireless networking appliance.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-04


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (libzypp), Fedora (opensmtpd and thunderbird), openSUSE (nodejs8), Red Hat (http-parser, kpatch-patch, and xerces-c), SUSE (cloud-init, compat-openssl098, kernel, postgresql96, python, and yast2-rmt), and Ubuntu (python-django and rake).
---------------------------------------------
https://lwn.net/Articles/813797/


∗∗∗ Cisco Security Advisories ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/publicationListing.x


∗∗∗ Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-susceptible-to-http2-implementation-vulnerabilities/


∗∗∗ Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by a vulnerability in libssh2 (CVE-2016-0787) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-module-ii-imm2-is-affected-by-a-vulnerability-in-libssh2-cve-2016-0787/


∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (February 2020v3) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-february-2020v3/


∗∗∗ Security Bulletin: Vulnerability in Apache Commons Beanutils library affect IBM Cúram Social Program Management (CVE-2019-10086) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-commons-beanutils-library-affect-ibm-cram-social-program-management-cve-2019-10086/


∗∗∗ Security Bulletin: A security vulnerability has been addressed in IBM Security Privileged Identity Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-addressed-in-ibm-security-privileged-identity-manager/


∗∗∗ Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in OpenSSL (CVE-2012-4929) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-module-ii-imm2-is-affected-by-vulnerability-in-openssl-cve-2012-4929/


∗∗∗ Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by a vulnerability with the IPv6 networking support (CVE-2015-2922) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-module-ii-imm2-is-affected-by-a-vulnerability-with-the-ipv6-networking-support-cve-2015-2922/


∗∗∗ Security Bulletin: IBM Security Privileged Identity Manager is affected by a security vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-a-security-vulnerability/


∗∗∗ Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Oct 2019 – Includes Oracle Oct 2019 CPU minus CVE-2019-2949 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-oct-2019-includes-oracle-oct-2019-cpu-minus-cve-2019-2949/


∗∗∗ HPESBHF03987 rev.1 - HPE OneView Global Dashboard (OVGD), Remote Information Disclosure ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03987en_us


∗∗∗ Red Hat OpenShift Container Platform: Mehrere Schwachstellen ermöglichen Privilegieneskalation ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0189

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily