[CERT-daily] Tageszusammenfassung - 06.05.2022

Fri May 6 18:09:14 CEST 2022

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 05-05-2022 18:00 − Freitag 06-05-2022 18:00
Handler:     Michael Schlagenhaufer
Co-Handler:  Thomas Pribitzer

=====================
=       News        =
=====================

∗∗∗ New Raspberry Robin worm uses Windows Installer to drop malware ∗∗∗
---------------------------------------------
Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/new-raspberry-robin-worm-uses-windows-installer-to-drop-malware/


∗∗∗ Tipps zur Passwortsicherheit am World Password Day ∗∗∗
---------------------------------------------
Heute jährt sich der Welt-Passwort-Tag. Was können Sie tun, um sich online bestmöglich zu schützen? Hier finden Sie Tipps und Tricks für den sicheren Umgang mit Ihren Daten!
---------------------------------------------
https://www.watchlist-internet.at/news/tipps-zur-passwortsicherheit-am-world-password-day/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ ClamAV 0.105.0, 0.104.3, 0.103.6 released ∗∗∗
---------------------------------------------
Today, were also publishing the 0.104.3 and 0.103.6 security patch versions, including several CVE fixes.
---------------------------------------------
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html


∗∗∗ Schadcode-Attacken auf Videoüberwachungssystem und NAS von Qnap möglich ∗∗∗
---------------------------------------------
Wichtige Sicherheitsupdates schließen mehreren Lücken in Netzwerkprodukten von Qnap.
---------------------------------------------
https://heise.de/-7077449


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (dpdk, mruby, openjdk-11, and smarty3), Oracle (thunderbird), Red Hat (thunderbird), SUSE (chromium, libvirt, python-Twisted, and tar), and Ubuntu (cron and jbig2dec).
---------------------------------------------
https://lwn.net/Articles/894141/


∗∗∗ Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-speech-services-cartridge-for-ibm-cloud-pak-for-data-is-affected-but-not-classified-as-vulnerable-by-a-remote-code-execution-in-spring-framework-cve-2022-22965/


∗∗∗ Security Bulletin: Rational Asset Analyzer is affected by two WebSphere Application Server vulnerabilities (CVE-2018-25031, CVE-2021-46708) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-two-websphere-application-server-vulnerabilities-cve-2018-25031-cve-2021-46708/


∗∗∗ Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2022-23772 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-platform-navigator-and-automation-assets-in-ibm-cloud-pak-for-integration-are-vulnerable-to-denial-of-service-due-to-go-cve-2022-23772/


∗∗∗ Security Bulletin: TS3000 (TSSC/IMC) is vulnerable to privilege escalation vulnerability due to polkit ( CVE-2021-4034 ) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ts3000-tssc-imc-is-vulnerable-to-privilege-escalation-vulnerability-due-to-polkit-cve-2021-4034/


∗∗∗ Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-assistant-for-ibm-cloud-pak-for-data-is-affected-but-not-classified-as-vulnerable-by-a-remote-code-execution-in-spring-framework-cve-2022-22965/


∗∗∗ Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution with IBM WebSphere Application Server (CVE-2021-23450). ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-speech-services-cartridge-for-ibm-cloud-pak-for-data-is-vulnerable-to-arbitrary-code-execution-with-ibm-websphere-application-server-cve-2021-23450/


∗∗∗ Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2021-44716 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-platform-navigator-and-automation-assets-in-ibm-cloud-pak-for-integration-are-vulnerable-to-denial-of-service-due-to-go-cve-2021-44716/


∗∗∗ Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability (CVE-2022-22310). ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-a-websphere-application-server-vulnerability-cve-2022-22310/


∗∗∗ Security Bulletin: A vulnerability in IBM® SDK, Java™ may affect Rational Asset Analyzer (CVE-2021-35550) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-sdk-java-may-affect-rational-asset-analyzer-cve-2021-35550/


∗∗∗ Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-vulnerable-to-multiple-vulnerabilities-2/


∗∗∗ Security Bulletin: Vulnerability CVE-2021-39023 in IBM Guardium Data Encryption (GDE) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-cve-2021-39023-in-ibm-guardium-data-encryption-gde/


∗∗∗ Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote attack due to Go CVE-2021-44717 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-platform-navigator-and-automation-assets-in-ibm-cloud-pak-for-integration-are-vulnerable-to-remote-attack-due-to-go-cve-2021-44717/


∗∗∗ Security Bulletin: IBM Guardium Data Encryption is vulnerable to missing data encoding issue (CVE-2021-39027) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-guardium-data-encryption-is-vulnerable-to-missing-data-encoding-issue-cve-2021-39027/


∗∗∗ Security Bulletin: A vulnerability in IBM® SDK, Java™ affects Rational Asset Analyzer (CVE-2021-35603) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-sdk-java-affects-rational-asset-analyzer-cve-2021-35603/


∗∗∗ Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to attack under error due to Go CVE-2022-23773 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-platform-navigator-and-automation-assets-in-ibm-cloud-pak-for-integration-are-vulnerable-to-attack-under-error-due-to-go-cve-2022-23773/


∗∗∗ Security Bulletin: API Connect V10 is vulnerable to a remote code execution in Spring Framework (CVE-2022-22965) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-v10-is-vulnerable-to-a-remote-code-execution-in-spring-framework-cve-2022-22965/


∗∗∗ K52379673: Linux kernel vulnerability for CVE-2021-4083 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K52379673


∗∗∗ K50899356: file vulnerability CVE-2018-10360 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K50899356


∗∗∗ poppler: Schwachstelle ermöglicht Denial of Service ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K22-0545


∗∗∗ Foxit Reader: Schwachstelle ermöglicht Denial of Service ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K22-0544


∗∗∗ Johnson Controls Metasys ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-22-125-01

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily