[CERT-daily] Daily summary - 02.11.2018
Daily end-of-shift report
team at cert.at
Fri Nov 2 18:14:21 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Wednesday 31-10-2018 18:00 − Friday 02-11-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Utilities, Energy Sector Attacked Mainly Via IT, Not ICS ∗∗∗
---------------------------------------------
Stealing administrative credentials to carry out months-long spy campaigns is a top threat.
---------------------------------------------
https://threatpost.com/utilities-energy-sector-attacked-mainly-via-it-not-ics/138733/
∗∗∗ Intel CPUs impacted by new PortSmash side-channel vulnerability ∗∗∗
---------------------------------------------
Intel processors are affected by a new side-channel vulnerability (PortSmash): a process running on one SMT sibling thread can measure execution-port contention and thereby recover secrets, such as private key material, from a process running on the same physical core.
---------------------------------------------
https://www.zdnet.com/article/intel-cpus-impacted-by-new-portsmash-side-channel-vulnerability/
∗∗∗ Zero-day vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense ∗∗∗
---------------------------------------------
Unknown attackers are currently exploiting the flaw against Cisco firewalls and security appliances. There is no patch for the vulnerability yet.
---------------------------------------------
http://heise.de/-4208546
∗∗∗ Bleedingbit: vulnerabilities in Bluetooth LE chips put access points at risk ∗∗∗
---------------------------------------------
Security researchers describe what they consider a critical vulnerability in some Bluetooth Low Energy chips. First updates are already available.
---------------------------------------------
http://heise.de/-4209343
∗∗∗ Fake iTunes Store invoice in circulation ∗∗∗
---------------------------------------------
Criminals are sending out a fake iTunes Store invoice claiming that the recipient has made a purchase, which can supposedly be cancelled by providing personal data and credit card details. Consumers who try to reverse the invented purchase hand sensitive information to the criminals and become victims of data theft.
---------------------------------------------
https://www.watchlist-internet.at/news/gefaelschte-itunes-store-rechnung-im-umlauf/
∗∗∗ Coinhive & MikroTik ∗∗∗
---------------------------------------------
We searched the Shodan data available to us for systems affected by the crypto-mining campaign against MikroTik devices. We found about 330 IP addresses from Austria and notified the corresponding abuse contacts.
---------------------------------------------
https://www.cert.at/services/blog/20181102151919-2302.html
=====================
= Vulnerabilities =
=====================
∗∗∗ AVEVA InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition) ∗∗∗
---------------------------------------------
This advisory includes mitigations for stack-based buffer overflow and empty password in configuration file vulnerabilities in AVEVA’s InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition) products.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01
∗∗∗ Schneider Electric Software Update (SESU) ∗∗∗
---------------------------------------------
This advisory includes mitigations for a DLL hijacking vulnerability in the Schneider Electric Software Update (SESU).
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-305-02
∗∗∗ Circontrol CirCarLife ∗∗∗
---------------------------------------------
This advisory includes mitigations for authentication bypass using an alternate path or channel and insufficiently protected credentials vulnerabilities in Circontrol’s CirCarLife, an electric vehicle charging station.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-305-03
∗∗∗ Fr. Sauter AG CASE Suite ∗∗∗
---------------------------------------------
This advisory includes mitigations for an improper restriction of XML External Entity Reference vulnerability in Fr. Sauter AG's CASE Suite software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-305-04
∗∗∗ Anviz AIM CrossChex Standard 4.3 Excel Macro Injection ∗∗∗
---------------------------------------------
CSV (XLS) injection (Excel macro injection or formula injection) exists in AIM CrossChex 4.3 when importing or exporting users via an XLS Excel file. An attacker who inserts a formula payload into the Name field when adding a user, or into the custom fields Gender, Position, Phone, Birthday, Employ Date and Address, can have arbitrary commands executed on the system of the user who opens the exported file, in combination with social engineering (SE) to get the victim past the spreadsheet's warning prompt.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5498.php
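The advisory above describes the attack but not the fix. The following is an added example (not code from the ZeroScience advisory or from Anviz) showing a naive user export that writes fields verbatim beside a hardened one that neutralises formula-like cells, plus an import-side check that flags such cells before they are stored. It assumes a generic export with the field names the advisory lists; the payload and the user records are constructed for illustration.

```python
"""Spreadsheet formula ("CSV") injection: vulnerable export beside a hardened one.

Added example, not code from the ZeroScience advisory or from Anviz. It
assumes a generic user export with the field names the advisory lists; the
payload and the user records below are constructed for illustration.
"""
import csv
import io

# Leading characters that make Excel/LibreOffice evaluate a cell as a
# formula. Tab and carriage return are included because some importers
# strip them before evaluation, which would expose the next character.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

EXPORT_FIELDS = ("name", "gender", "position", "phone")

# Constructed payload of the kind the advisory describes: a "name" that,
# once the export is opened in Excel and the DDE prompt is accepted,
# launches calc.exe.
CONSTRUCTED_PAYLOAD = "=cmd|'/C calc'!A0"

# Constructed sample records. The second phone number is a legitimate value
# that also starts with a trigger character, to show the cost of neutralising.
CONSTRUCTED_USERS = [
    {"name": "Alice Example", "gender": "f", "position": "Guard", "phone": "01 5055"},
    {"name": CONSTRUCTED_PAYLOAD, "gender": "m", "position": "Guard", "phone": "+43 1 5055"},
]


def _write_rows(rows):
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow([f.capitalize() for f in EXPORT_FIELDS])
    writer.writerows(rows)
    return buf.getvalue()


def export_naive(users):
    """Vulnerable: every field is written exactly as the user supplied it."""
    return _write_rows([[u[f] for f in EXPORT_FIELDS] for u in users])


def is_formula_cell(value):
    """True if a spreadsheet would interpret this cell as a formula."""
    return str(value).lstrip(" ").startswith(FORMULA_TRIGGERS)


def neutralise_cell(value):
    """Prefix a formula-like cell with an apostrophe so it is stored as text.

    This is lossy (the apostrophe becomes part of the exported value), so
    it is a last line of defence; rejecting such input on import is better.
    """
    s = str(value)
    return "'" + s if is_formula_cell(s) else s


def export_hardened(users):
    """Same export, with every cell passed through neutralise_cell()."""
    return _write_rows(
        [[neutralise_cell(u[f]) for f in EXPORT_FIELDS] for u in users]
    )


def find_formula_cells(users):
    """Import-side check: list (row index, field, value) of suspicious cells.

    An importer would reject or flag these rows instead of storing them.
    """
    hits = []
    for i, u in enumerate(users):
        for f in EXPORT_FIELDS:
            if is_formula_cell(u[f]):
                hits.append((i, f, u[f]))
    return hits


if __name__ == "__main__":
    print("naive export:\n" + export_naive(CONSTRUCTED_USERS))
    print("hardened export:\n" + export_hardened(CONSTRUCTED_USERS))
    print("flagged on import:", find_formula_cells(CONSTRUCTED_USERS))
```

Note that the legitimate phone number "+43 1 5055" is flagged and rewritten as well: neutralising on export cannot distinguish data from payloads, so an application that imports user lists should validate on import (as `find_formula_cells` does) and keep the export-side prefixing only as a fallback.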
∗∗∗ GitLab Critical Security Release: 11.4.4, 11.3.9, 11.2.8 ∗∗∗
---------------------------------------------
These versions contain a number of important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately.
---------------------------------------------
https://about.gitlab.com/2018/11/01/critical-security-release-gitlab-11-dot-4-dot-4-released/
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (phpldapadmin, poppler, and tzdata), Fedora (firefox, java-11-openjdk, libarchive, sos-collector, and teeworlds), Scientific Linux (java-1.7.0-openjdk, python-paramiko, and thunderbird), Slackware (curl), and SUSE (kernel, MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss, and wireshark).
---------------------------------------------
https://lwn.net/Articles/770367/
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (kernel and linux-lts), Debian (chromium-browser and mono), Oracle (firefox), and Ubuntu (curl).
---------------------------------------------
https://lwn.net/Articles/770473/
∗∗∗ Session Limit - Critical - Insecure Session Management - SA-CONTRIB-2018-072 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-072
∗∗∗ Decoupled Router - Critical - Access bypass - SA-CONTRIB-2018-071 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-071
∗∗∗ Paragraphs - Moderately critical - Access Bypass - SA-CONTRIB-2018-073 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-073
∗∗∗ NextCloud Server: Multiple vulnerabilities allow, among other things, information disclosure ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-2238/
∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/
∗∗∗ Security Advisory - Authentication Bypass Vulnerability in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181101-01-bypass-en
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily