===================== = End-of-Day report = =====================

Timeframe: Donnerstag 13-12-2018 18:00 − Freitag 14-12-2018 18:00 Handler: Dimitri Robl Co-Handler: Robert Waldner

===================== = News = =====================

∗∗∗ The economics of vulnerability disclosure ∗∗∗ --------------------------------------------- A new ENISA report aims to provide a glimpse into the costs, incentives, and impact related to discovering and disclosing vulnerabilities in information security. --------------------------------------------- https://www.enisa.europa.eu/news/enisa-news/the-economics-of-vulnerability-d...

∗∗∗ How to protect yourself as the threat of scam apps grows ∗∗∗ --------------------------------------------- As the threat of bogus apps continues, what can we do to protect ourselves against these fraudulent practices? --------------------------------------------- https://www.welivesecurity.com/2018/12/14/protect-yourself-threat-scam-apps-...

===================== = Vulnerabilities = =====================

∗∗∗ BlackBerry powered by Android Security Bulletin - December 2018 ∗∗∗ --------------------------------------------- BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones. --------------------------------------------- http://support.blackberry.com/kb/articleDetail?language=en_US&articleNum...

∗∗∗ Logitech Keystroke Injection Flaw Went Unaddressed for Months ∗∗∗ --------------------------------------------- The flaw allows a remote attacker to gain full access over a machine. --------------------------------------------- https://threatpost.com/logitech-keystroke-injection-flaw/139928/

∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by CentOS (ghostscript, git, java-1.7.0-openjdk, java-11-openjdk, kernel, NetworkManager, python-paramiko, ruby, sos-collector, thunderbird, and xorg-x11-server), Debian (gcc-4.9), and SUSE (amanda, ntfs-3g_ntfsprogs, and tiff). --------------------------------------------- https://lwn.net/Articles/774940/

∗∗∗ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0009 ∗∗∗ --------------------------------------------- Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. CVE identifiers: CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464. --------------------------------------------- https://webkitgtk.org/security/WSA-2018-0009.html

∗∗∗ QEMU: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- Ein lokaler Angreifer kann mehrere Schwachstellen in QEMU ausnutzen, um Informationen offenzulegen oder einen Denial of Service zu verursachen. --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K18-1175

∗∗∗ Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers ∗∗∗ --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01

∗∗∗ Schneider Electric GUIcon Eurotherm ∗∗∗ --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-347-01

∗∗∗ Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays ∗∗∗ --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-347-02

∗∗∗ Geutebrück GmbH E2 Series IP Cameras ∗∗∗ --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-347-03

∗∗∗ GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e ∗∗∗ --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-347-04

∗∗∗ Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR ∗∗∗ --------------------------------------------- https://jvn.jp/en/jp/JVN87535892/

∗∗∗ 2018-12-14: Vulnerability in GATE E2 – Cross-site scripting (CVE-2018-18997) ∗∗∗ --------------------------------------------- https://search-ext.abb.com/library/Download.aspx?DocumentID=2CMT2018-005753&...

∗∗∗ 2018-12-14: Vulnerability in GATE E2 – No Access Control (CVE-2018-18995) ∗∗∗ --------------------------------------------- https://search-ext.abb.com/library/Download.aspx?DocumentID=2CMT2018-005751&...

∗∗∗ IBM Security Bulletin: Vulnerabilities in Struts v2 affect IBM Security Guardium (CVE-2016-1181, CVE-2016-1182) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-str...

∗∗∗ IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by vulnerabilities in IBM Java Runtime ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-...

∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Cross-Site scripting vulnerabilities vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-...

∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Cross-Site scripting vulnerability in user login vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-...

∗∗∗ IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services v2.1.1 is affected by a potential cross-site scripting (XSS) vulnerability (CVE-2018-1871) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-...

∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-...

∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Foreshadow Spectre Variant vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-...

∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Runtime Environment Java affect Rational Build Forge (CVE-2018-1656; CVE-2018-2973; CVE-2018-12539) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...

∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment and Tivoli Provisioning Manager for Images (CVE-2018-0732) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-ope...

∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a public disclosed vulnerability from Apache ZooKeeper ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-...

∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Emptoris Strategic Supply Management Suite of Products and IBM Emptoris Services Procurement ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...