[CERT-daily] Tageszusammenfassung - 22.04.2020
Daily end-of-shift report
team at cert.at
Wed Apr 22 18:15:09 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 21-04-2020 18:00 − Mittwoch 22-04-2020 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ You Wont Believe what this One Line Change Did to the Chrome Sandbox ∗∗∗
---------------------------------------------
The Chromium sandbox on Windows has stood the test of time. It’s considered one of the better sandboxing mechanisms deployed at scale without requiring elevated privileges to function. For all the good, it does have its weaknesses. The main one being the sandbox’s implementation is reliant on the security of the Windows OS.
---------------------------------------------
https://googleprojectzero.blogspot.com/2020/04/you-wont-believe-what-this-one-line.html
∗∗∗ New iPhone Zero-Day Discovered ∗∗∗
---------------------------------------------
Last year, ZecOps discovered two iPhone zero-day exploits. They will be patched in the next iOS release: Avraham declined to disclose many details about who the targets were, and did not say whether they lost any data as a result of the attacks, but said "we were a bit surprised about who was targeted."
---------------------------------------------
https://www.schneier.com/blog/archives/2020/04/new_iphone_zero.html
∗∗∗ NSA, ASD Release Guidance for Mitigating Web Shell Malware ∗∗∗
---------------------------------------------
The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly released a Cybersecurity Information Sheet (CSI) on mitigating web shell malware. Malicious cyber actors are increasingly deploying web shell malware on victim web servers to execute arbitrary system commands. By deploying web shell malware, cyber attackers can gain persistent access to compromised networks.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2020/04/22/nsa-asd-release-guidance-mitigating-web-shell-malware
∗∗∗ Achtung vor Shops mit service6 at vinayotap.com E-Mail-Adressen ∗∗∗
---------------------------------------------
Derzeit melden LeserInnen der Watchlist Internet vermehrt neue Fake-Shops, die vor allem eines gemeinsam haben: Sie verweisen alle auf die E-Mail-Adresse
---------------------------------------------
https://www.watchlist-internet.at/news/achtung-vor-shops-mit-service6vinayotapcom-e-mail-adressen/
=====================
= Vulnerabilities =
=====================
∗∗∗ Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D ∗∗∗
---------------------------------------------
The flaws exist in Autodesks FBX library, integrated in Microsofts Office, Office 365 ProPlus and Paint 3D applications.
---------------------------------------------
https://threatpost.com/microsoft-issues-out-of-band-security-update-for-office-paint-3d/155016/
∗∗∗ Zero-Day-Lücken in IBM Data Risk Manager - Forscher-Report ignoriert ∗∗∗
---------------------------------------------
Sicherheitsforscher haben im Überwachungstool IBM Data Risk Manager vier Lücken entdeckt - drei gelten als kritisch. Erste Patches sind bereits da.
---------------------------------------------
https://heise.de/-4707165
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Oracle (java-1.7.0-openjdk and java-1.8.0-openjdk), Red Hat (git, java-1.8.0-openjdk, java-11-openjdk, and kernel), Scientific Linux (kernel), Slackware (git), SUSE (openssl-1_1 and puppet), and Ubuntu (binutils and thunderbird).
---------------------------------------------
https://lwn.net/Articles/818359/
∗∗∗ 2020-04-21: Multiple vulnerabilities in B&R Automation Studio ∗∗∗
---------------------------------------------
https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio/
∗∗∗ 2020-04-21: TPM-Fail vulnerability in several B&R products ∗∗∗
---------------------------------------------
https://www.br-automation.com/en/downloads/022020-tpm-fail/
∗∗∗ 2020-04-22: UPS Adapter CS141 – Path traversal vulnerability ∗∗∗
---------------------------------------------
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107680A4579&LanguageCode=en&DocumentPartId=&Action=Launch
∗∗∗ Security Advisory - Improper Authentication Vulnerability in Several Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200422-01-authentication-en
∗∗∗ Security Advisory - Local Privilege Escalation Vulnerability in Huawei PCManager Product ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200422-01-pcmanager-en
∗∗∗ Security Advisory - Improper Authorization Vulnerability in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200422-01-smartphone-en
∗∗∗ Security Bulletin: CVE-2020-4202IBM UrbanCode Deploy (UCD) could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-4202ibm-urbancode-deploy-ucd-could-allow-an-authenticated-user-to-impersonate-another-user-if-the-server-is-configured-to-enable-distributed-front-end-dfe/
∗∗∗ Security Bulletin: Windows DLL injection vulnerability in IBM Java Runtime affects Collaboration and Deployment Services ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-windows-dll-injection-vulnerability-in-ibm-java-runtime-affects-collaboration-and-deployment-services/
∗∗∗ Security Bulletin: Ansible vulnerability affects IBM Elastic Storage System 3000 (CVE-2020-1734) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ansible-vulnerability-affects-ibm-elastic-storage-system-3000-cve-2020-1734/
∗∗∗ Security Bulletin: CVE-2019-4668 Pattern integration passwords stored in db without current encryption ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2019-4668-pattern-integration-passwords-stored-in-db-without-current-encryption/
∗∗∗ Security Bulletin: CVE-2014-3524 CSV Injection in reports ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2014-3524-csv-injection-in-reports/
∗∗∗ Security Bulletin: Stack-based Buffer Overflow vulnerability in IBM Spectrum Protect Server ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-stack-based-buffer-overflow-vulnerability-in-ibm-spectrum-protect-server/
∗∗∗ Security Bulletin: IBM Elastic Storage System 3000 is affected by a vulnerability where an unprivileged user could execute commands as root ( CVE-2020-4273) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-elastic-storage-system-3000-is-affected-by-a-vulnerability-where-an-unprivileged-user-could-execute-commands-as-root-cve-2020-4273/
∗∗∗ Atlassian Confluence: Schwachstelle ermöglicht Cross-Site Scripting ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0355
∗∗∗ Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Codeausführung ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0351
∗∗∗ OpenSSL: Schwachstelle ermöglicht Denial of Service ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0357
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list