[CERT-daily] Daily summary - 28.09.2023

Daily end-of-shift report team at cert.at
Thu Sep 28 18:30:57 CEST 2023


=====================
= End-of-Day report =
=====================

Timeframe:   Wednesday 27-09-2023 18:00 − Thursday 28-09-2023 18:00
Handler:     Michael Schlagenhaufer
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Researchers Release Details of New RCE Exploit Chain for SharePoint ∗∗∗
---------------------------------------------
One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.
---------------------------------------------
https://www.darkreading.com/vulnerabilities-threats/reseachers-release-details-of-new-rce-exploit-chain-for-sharepoint


∗∗∗ Countless applications affected: chaos around the WebP vulnerability ∗∗∗
---------------------------------------------
Initially, however, Google attributed the vulnerability only to its own web browser, Chrome. Google has since corrected itself and, for the old vulnerability (CVE-2023-4863, "high"), submitted the new entry CVE-2023-5129 with a critical rating (CVSS score 10 out of 10). However, Google declared this entry invalid after just six hours. The reason given is that the new entry duplicates the old one.
---------------------------------------------
https://www.heise.de/-9319783


∗∗∗ SMS Security & Privacy Gaps Make It Clear Users Need a Messaging Upgrade ∗∗∗
---------------------------------------------
Like any forty-year-old technology, SMS is antiquated compared to its modern counterparts. That’s especially concerning when it comes to security.
---------------------------------------------
http://security.googleblog.com/2023/09/sms-security-privacy-gaps-make-it-clear.html


∗∗∗ Using Cloudflare to bypass Cloudflare ∗∗∗
---------------------------------------------
Protection mechanisms that Cloudflare customers configure for their websites (e.g. firewall, DDoS protection) can be bypassed because of gaps in the cross-tenant protections, potentially exposing customers to attacks that Cloudflare is supposed to prevent.
---------------------------------------------
https://certitude.consulting/blog/de/cloudflare-verwenden-um-cloudflare-zu-umgehen/


∗∗∗ TrendMicro releases critical patch for Apex One SP1 Build 12512 ∗∗∗
---------------------------------------------
The critical patch fixes several bugs at once, one of which prevents the Apex One server from receiving virus detection log data from managed security agents.
---------------------------------------------
https://www.borncity.com/blog/2023/09/28/trendmicro-verffentlicht-kritischen-patch-fr-apex-one-sp1-build-12512/


∗∗∗ SSH keys stolen by stream of malicious PyPI and npm packages ∗∗∗
---------------------------------------------
A stream of malicious npm and PyPI packages has been found stealing a wide range of sensitive data from software developers on the platforms.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/ssh-keys-stolen-by-stream-of-malicious-pypi-and-npm-packages/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Cisco Security Advisories 2023-09-27 ∗∗∗
---------------------------------------------
Cisco has published 15 security advisories: (1x Critical, 7x High, 6x Medium, 1x Informational)
---------------------------------------------
https://sec.cloudapps.cisco.com/security/center/Search.x?publicationTypeIDs=1&firstPublishedStartDate=2023%2F09%2F27&firstPublishedEndDate=2023%2F09%2F27


∗∗∗ Hoymiles: Threatening vulnerabilities in the S-Miles cloud ∗∗∗
---------------------------------------------
A security researcher took a closer look at Hoymiles' cloud service and found vulnerabilities through which inverters can even be destroyed.
---------------------------------------------
https://www.heise.de/-9319500


∗∗∗ Mozilla: Security Vulnerability fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox for Android 118.1.0, and Firefox Focus for Android 118.1.0. ∗∗∗
---------------------------------------------
CVE-2023-5217: Heap buffer overflow in libvpx. Impact: critical
---------------------------------------------
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/


∗∗∗ Google Chrome 117.0.5938.132 ∗∗∗
---------------------------------------------
On 27 September 2023, Google released updates for the Google Chrome 117 browser in the Stable channel for Mac, Linux and Windows. It is a security update that is to be rolled out and is intended to fix several vulnerabilities (some rated "high").
---------------------------------------------
https://www.borncity.com/blog/2023/09/28/google-chrome-117-0-5938-132/


∗∗∗ GStreamer Security Advisories 2023-09-20 ∗∗∗
---------------------------------------------
GStreamer has published 3 security advisories at 2023-09-20.
---------------------------------------------
https://gstreamer.freedesktop.org/security/


∗∗∗ Hancom Office 2020 HWord footerr use-after-free vulnerability ∗∗∗
---------------------------------------------
A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this vulnerability.
---------------------------------------------
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1759


∗∗∗ Accusoft ImageGear dcm_pixel_data_decode out-of-bounds write vulnerability ∗∗∗
---------------------------------------------
An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
---------------------------------------------
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802


∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (ncurses), Fedora (emacs, firecracker, firefox, libkrun, python-oauthlib, and virtiofsd), Mageia (glibc and vim), Oracle (18), SUSE (bind, binutils, busybox, cni, cni-plugins, container-suseconnect, containerd, curl, exempi, ffmpeg, firefox, go1.19-openssl, go1.20-openssl, gpg2, grafana, gsl, gstreamer-plugins-bad, gstreamer-plugins-base, libpng15, libwebp, mutt, nghttp2, open-vm-tools, pmix, python-brotlipy, python3, python310, qemu, quagga, rubygem-actionview-5_1, salt, supportutils, xen, and xrdp), and Ubuntu (libwebp, minidlna, puma, and python2.7, python3.5). 
---------------------------------------------
https://lwn.net/Articles/945829/


∗∗∗ WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009 ∗∗∗
---------------------------------------------
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE identifiers: CVE-2023-39928, CVE-2023-35074, CVE-2023-39434, CVE-2023-40451, CVE-2023-41074, CVE-2023-41993.
---------------------------------------------
https://webkitgtk.org/security/WSA-2023-0009.html


∗∗∗ (0Day) Control Web Panel ∗∗∗
---------------------------------------------
ZDI-23-1476 - ZDI-23-1479
---------------------------------------------
https://www.zerodayinitiative.com/advisories/published/


∗∗∗ (0Day) Exim ∗∗∗
---------------------------------------------
ZDI-23-1468 - ZDI-23-1473
---------------------------------------------
https://www.zerodayinitiative.com/advisories/published/


∗∗∗ ZDI-23-1475: (0Day) Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-23-1475/


∗∗∗ ZDI-23-1474: (0Day) Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-23-1474/


∗∗∗ Drupal: Content Moderation Notifications - Moderately critical - Information disclosure - SA-CONTRIB-2023-047 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2023-047


∗∗∗ Drupal: Entity cache - Critical - Information disclosure - SA-CONTRIB-2023-046 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2023-046


∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/bulletin/


∗∗∗ Rockwell Automation PanelView 800 ∗∗∗
---------------------------------------------
https://www.cisa.gov/news-events/ics-advisories/icsa-23-271-01


∗∗∗ DEXMA DexGate ∗∗∗
---------------------------------------------
https://www.cisa.gov/news-events/ics-advisories/icsa-23-271-02

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



