[CERT-daily] Tageszusammenfassung - 15.04.2020
Daily end-of-shift report
team at cert.at
Wed Apr 15 19:04:22 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 14-04-2020 18:00 − Mittwoch 15-04-2020 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Patchday: Microsoft schließt über 100 Lücken, drei Windows-Lücken unter Beschuss ∗∗∗
---------------------------------------------
Wichtige Sicherheitsupdates schützen Windows & Co. 17 Schwachstellen sind mit dem Angriffsrisiko "kritisch" eingestuft.
---------------------------------------------
https://heise.de/-4702540
∗∗∗ Sicherheitswarnungen für Git und GitHub ∗∗∗
---------------------------------------------
Eine Schwachstelle in Git ermöglicht das Umleiten von Credentials, und GitHub warnt vor einer Welle von Phishing-Mails.
---------------------------------------------
https://heise.de/-4702519
∗∗∗ Medikamente sicher und legal online kaufen ∗∗∗
---------------------------------------------
Apotheken sind in Österreich trotz Corona-Krise geöffnet. Dennoch wollen Menschen die Ansteckungsgefahr in den Apotheken vermeiden und kaufen rezeptfreie Medikamente online. Es gibt jedoch zahlreiche Fake-Apotheken im Internet, die mit scheinbar rezeptfreien Medikamenten werben. Mit dem EU-Sicherheitslogo erkennen Sie legale Apotheken und können Medikamente ohne Risiko legal online kaufen.
---------------------------------------------
https://www.watchlist-internet.at/news/medikamente-sicher-und-legal-online-kaufen/
=====================
= Vulnerabilities =
=====================
∗∗∗ Microsoft Office April security updates fix critical RCE bugs ∗∗∗
---------------------------------------------
Microsoft released the April 2020 Office security updates on April 14, 2020, with a total of 55 security updates and 5 cumulative updates for 7 different products, and patching 5 critical bugs allowing attackers to run scripts as the current user and remotely execute arbitrary code on unpatched systems.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/microsoft-office-april-security-updates-fix-critical-rce-bugs/
∗∗∗ Eaton HMiSoft VU3 ∗∗∗
---------------------------------------------
This advisory contains mitigations for stack-based buffer overflow and out-of-bounds read vulnerabilities in Eatons HMiSoft VU3 human-machine interface (HMI).
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-105-01
∗∗∗ Triangle MicroWorks DNP3 Outstation Libraries ∗∗∗
---------------------------------------------
This advisory contains mitigations for a stack-based buffer overflow vulnerability in Triangle MicroWorks DNP3 components and source code libraries.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-105-02
∗∗∗ Triangle MicroWorks SCADA Data Gateway ∗∗∗
---------------------------------------------
This advisory contains mitigations for stack-based buffer overflow, out-of-bounds read, and type confusion vulnerabilities in the Triangle MicroWorks SCADA Data Gateway.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-105-03
∗∗∗ VMSA-2020-0007 ∗∗∗
---------------------------------------------
VMware vRealize Log Insight addresses Cross Site Scripting (XSS) and Open Redirect vulnerabilities (CVE-2020-3953, CVE-2020-3954)
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2020-0007.html
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (git, graphicsmagick, php-horde-data, and php-horde-trean), Mageia (apache, gnutls, golang, krb5-appl, libssh, libvncserver, mediawiki, thunderbird, tor, and wireshark), openSUSE (chromium, nagios, and thunderbird), Oracle (kernel and krb5-appl), Red Hat (elfutils, kernel, nss-softokn, ntp, procps-ng, and python), Scientific Linux (firefox), Slackware (git), SUSE (git and ruby2.5), and Ubuntu (git).
---------------------------------------------
https://lwn.net/Articles/817565/
∗∗∗ IPAS: Security Advisories for April 2020 ∗∗∗
---------------------------------------------
Hello, Today, in addition to the 6 security advisories we are releasing, we want to call your attention to a new whitepaper we have just published addressing CVE-2019-0090, a vulnerability in the Intel® Converged Security Management Engine (CSME) that we first disclosed in May of last year. You can read the whitepaper HERE.
---------------------------------------------
https://blogs.intel.com/technology/2020/04/ipas-security-advisories-for-april-2020/
∗∗∗ BSRT-2020-001 Local File Inclusion Vulnerability in Apache Tomcat Impacts BlackBerry Workspaces Server and BlackBerry Good Control ∗∗∗
---------------------------------------------
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000062739
∗∗∗ Security Advisory - Denial of Service Vulnerability on Huawei Smartphone ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200415-02-dos-en
∗∗∗ Security Advisory - Improper Authentication Vulnerability in Some Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200415-01-smartphone-en
∗∗∗ Security Advisory - Out of Bounds Read Vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200415-01-oob-en
∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to privilege escalation (CVE-2020-4270) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-privilege-escalation-cve-2020-4270/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-performance-management-products-6/
∗∗∗ Security Bulletin: A vulnerability in IBM Websphere Application Server affects the IBM Performance Management product (CVE-2019-4720) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-websphere-application-server-affects-the-ibm-performance-management-product-cve-2019-4720/
∗∗∗ Security Bulletin: A vulnerability in jQuery affects the IBM Performance Management product (CVE-2019-11358) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-jquery-affects-the-ibm-performance-management-product-cve-2019-11358/
∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to PHP object injection (CVE-2020-4271) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-php-object-injection-cve-2020-4271/
∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to information exposure (CVE-2019-4593) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-information-exposure-cve-2019-4593/
∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to instantiation of arbitrary objects (CVE-2020-4272) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-instantiation-of-arbitrary-objects-cve-2020-4272/
∗∗∗ Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-nx-os-firmware-used-by-ibm-c-type-san-directors-and-switches/
∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to Server-Side Request Forgery (SSRF) (CVE-2020-4294) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-server-side-request-forgery-ssrf-cve-2020-4294/
∗∗∗ Security Bulletin: IBM Security Guardium is affected by an Oracle MySQL vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-oracle-mysql-vulnerabilities-2/
∗∗∗ Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Überschreiben von Dateien ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0325
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list