[CERT-daily] Tageszusammenfassung - 14.05.2019
Daily end-of-shift report
team at cert.at
Tue May 14 18:17:13 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Montag 13-05-2019 18:00 − Dienstag 14-05-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Unklare Angebote zu Strafregisterauszug, Führungs- und Leumundszeugnis ∗∗∗
---------------------------------------------
Auf leumundszeugnis.at, strafregisterauszug.at, fuehrungszeugnis.at und amtsweg.info können Konsument/innen Online-Wegweiser bzw. E-Books erwerben, die beschreiben, wie gewisse Anträge bei den zuständigen Ämtern online gestellt werden können. Für zahlreiche Interessent/innen ist aber nicht klar erkennbar, dass nur Anleitungen und nicht die amtlichen Dokumente selbst angeboten werden.
---------------------------------------------
https://www.watchlist-internet.at/news/unklare-angebote-zu-strafregisterauszug-fuehrungs-und-leumundszeugnis/
=====================
= Vulnerabilities =
=====================
∗∗∗ Update WhatsApp now: Bug lets snoopers put spyware on your phone with just a call ∗∗∗
---------------------------------------------
WhatsApp has disclosed a serious vulnerability in the messaging app that gives snoops a way to remotely inject Israeli spyware on iPhone and Android devices simply by calling the target.
The bug, detailed in a Monday Facebook advisory for CVE-2019-3568, is a buffer overflow vulnerability within WhatsApp's VOIP function.
---------------------------------------------
https://www.zdnet.com/article/update-whatsapp-now-bug-lets-snoopers-put-spyware-on-your-phone-with-just-a-call/
∗∗∗ Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder ∗∗∗
---------------------------------------------
Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse. None of the flaws patched this month in Adobe products has been found exploited in the wild. Out of 87 total flaws, a whopping number of vulnerabilities (i.e.,
---------------------------------------------
https://thehackernews.com/2019/05/adobe-software-updates.html
∗∗∗ Apple Releases Multiple Security Updates ∗∗∗
---------------------------------------------
Original release date: May 14, 2019 Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:watchOS 5.2.1Safari 12.1.1Apple TV Software 7.3tvOS 12.3iOS 12.3macOS Mojave 10.14.5,
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/05/14/Apple-Releases-Multiple-Security-Updates
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (flatpak, ghostscript, and python-jinja2), Debian (cups-filters, imagemagick, qt4-x11, and samba), Fedora (httpd and wpa_supplicant), openSUSE (freeradius-server, nmap, python-Jinja2, signing-party, and webkit2gtk3), Red Hat (java-1.7.1-ibm and java-1.8.0-ibm), Scientific Linux (python-jinja2), SUSE (cf-cli, java-1_8_0-openjdk, and libxslt), and Ubuntu (isc-dhcp, openjdk-8, openjdk-lts, samba, and VCFtools).
---------------------------------------------
https://lwn.net/Articles/788373/
∗∗∗ Intel Desktop Firmware: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen ∗∗∗
---------------------------------------------
Intel Desktop Board products BIOS ist das BIOS welches mit Intel Motherboards ausgeliefert wird. Die Server Firmware stellt die Software-Grundbetriebskomponenten für Mainboards bereit.
Ein lokaler Angreifer kann eine Schwachstelle in Intel Desktop Firmware und Intel Server Firmware ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0399
∗∗∗ ASUS WebStorage abused to spy on users at the router level ∗∗∗
---------------------------------------------
ESET researcher Anton Cherepanov published a report detailing attack vectors related to WebStorage, ASUS's cloud storage service, on Tuesday. According to the team, the Plead malware may be being distributed through MiTM attacks taking place against ASUS software. Plead is a malware variant which specializes in data theft through a combination of the Plead backdoor and Drigo exfiltration tool.
---------------------------------------------
https://www.zdnet.com/article/asus-webstorage-abused-to-spy-on-users-at-the-router-level/
∗∗∗ Cisco Secure Boot Hardware Tampering Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot
∗∗∗ Cisco IOS XE Software Web UI Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-webui
∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Cloud January 2019 CPU ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-liberty-for-java-for-ibm-cloud-january-2019-cpu/
∗∗∗ IBM Security Bulletin: Potential denial of service vulnerability in Liberty for Java for IBM Cloud (CVE-2019-4046) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-denial-of-service-vulnerability-in-liberty-for-java-for-ibm-cloud-cve-2019-4046/
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-node-js-affect-ibm-cloud-app-management-v2018-2/
∗∗∗ SSA-102144 (Last Update: 2019-05-14): Code Execution Vulnerability in LOGO! Soft Comfort ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf
∗∗∗ SSA-542701 (Last Update: 2019-05-14): Vulnerabilities in SIEMENS LOGO! ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf
∗∗∗ SSA-549547 (Last Update: 2019-05-14): Multiple Vulnerabilites in SCALANCE W1750D ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf
∗∗∗ SSA-606525 (Last Update: 2019-05-14): Denial-of-Service Vulnerability in SINAMICS PERFECT HARMONY GH180 Ethernet Modbus Interface (G28) ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf
∗∗∗ SSA-697412 (Last Update: 2019-05-14): Multiple Vulnerabilities in SIMATIC WinCC, SIMATIC WinCC Runtime, SIMATIC PCS 7, SIMATIC TIA Portal ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf
∗∗∗ SSA-705517 (Last Update: 2019-05-14): Remote Code Execution Vulnerability in SIMATIC WinCC and SIMATIC PCS 7 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf
∗∗∗ SSA-804486 (Last Update: 2019-05-14): Multiple Vulnerabilities in SIMATIC Panels and SIMATIC WinCC (TIA Portal) ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf
∗∗∗ SSA-865156 (Last Update: 2019-05-14): Denial-of-Service Vulnerability in SINAMICS PERFECT HARMONY GH180 Fieldbus Network ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf
∗∗∗ SSA-902727 (Last Update: 2019-05-14): Multiple Vulnerabilities in Licensing Software for SISHIP Automation Solutions ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf
∗∗∗ HPESBMU03935 rev.1 - HPE Unified OSS Console Software Products using Apache CouchDB, Remote Code Execution, Remote Escalation of Privilege ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03935en_us
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list