[CERT-daily] Tageszusammenfassung - 14.07.2020

Daily end-of-shift report team at cert.at
Tue Jul 14 19:03:51 CEST 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 13-07-2020 18:00 − Dienstag 14-07-2020 18:00
Handler:     Thomas Pribitzer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ SCANdalous! (External Detection Using Network Scan Data and Automation) ∗∗∗
---------------------------------------------
Real Quick In case you’re thrown by that fantastic title, our lawyers made us change the name of this project so we wouldn’t get sued. SCANdalous—a.k.a. Scannah Montana a.k.a. Scanny McScanface a.k.a. “Scan I Kick It? (Yes You Scan)”—had another name before today that, for legal reasons, we’re keeping to ourselves. A special thanks to our legal team who is always looking out for us, this blog post would be a lot less fun without them. Strap in folks.
---------------------------------------------
http://www.fireeye.com/blog/threat-research/2020/07/scandalous-external-detection-using-network-scan-data-and-automation.html


∗∗∗ Vorsicht vor betrügerischer Werbung auf Facebook ∗∗∗
---------------------------------------------
Facebook und Instagram, durchaus lukrative Werbekanäle. Dass haben auch Kriminelle erkannt. Mit der Botschaft, dass die Shops luvpatient.com, liebesfreund.de und colorootd.com die Corona-Krise angeblich nicht überstanden haben, werden Produkte zu sehr günstigen Preisen im Feed oder zwischen den Stories beworben. Doch Vorsicht: Die bestellte Ware kommt nicht oder nur in minderwertiger Qualität an!
---------------------------------------------
https://www.watchlist-internet.at/news/vorsicht-vor-betruegerischer-werbung-auf-facebook/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security Bulletins Posted ∗∗∗
---------------------------------------------
Adobe has published security bulletins for Adobe Creative Cloud Desktop Application (APSB20-33), Adobe Media Encoder (APSB20-36), Adobe Genuine Service (APSB20-37), Adobe ColdFusion (APSB20-43) and Adobe Download Manager (APSB20-49). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1893


∗∗∗ SAP Patchday Juli 2020 ∗∗∗
---------------------------------------------
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in mehreren SAP Produkten ausnutzen, um die Kontrolle über SAP Anwendungen zu übernehmen, um Informationen offenzulegen, um einen Cross-Site Scripting Angriff durchzuführen und um weitere, nicht spezifizierte Auswirkungen zu erreichen.
---------------------------------------------
https://www.cert-bund.de/advisoryshort/CB-K20-0690


∗∗∗ SSA-305120 (Last Update: 2020-07-14): Vulnerabilities in SICAM MMU, SICAM T and SICAM SGU ∗∗∗
---------------------------------------------
SICAM MMU, SICAM T and the discontinued SICAM SGU devices are affected by multiple security vulnerabilities which could allow an attacker to perform a variety of attacks. This may include unauthenticated firmware installation, remote code execution and leakage of confidential data like passwords. Siemens has released updates to introduce authentication to the web application. It is still recommended to implement further mitigations, as most of the vulnerabilities might not be sufficiently [...]
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-305120.txt


∗∗∗ SSA-364335 (Last Update: 2020-07-14): Clear Text Transmission Vulnerability on SIMATIC HMI Panels ∗∗∗
---------------------------------------------
A clear text transmission vulnerability in SIMATIC HMI panels could allow an attacker to access sensitive information under certain circumstances.Siemens recommends specific countermeasures to mitigate this vulnerability.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-364335.txt


∗∗∗ SSA-573753 (Last Update: 2020-07-14): Remote Code Execution in Siemens LOGO! Web Server ∗∗∗
---------------------------------------------
The latest update for LOGO! 8 BM devices fixes a vulnerability that could allow remote code execution in the web server functionality.Siemens provides a firmware update for the latest versions of LOGO! BM.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-573753.txt


∗∗∗ SSA-589181 (Last Update: 2020-07-14): Denial-Of-Service in SIMATIC S7-200 SMART CPU Family Devices ∗∗∗
---------------------------------------------
The latest update for SIMATIC S7-200 SMART fixes a vulnerability that could allow an attacker to cause a permanent Denial-of-Service of an affected device by sending a large number of crafted packets.Siemens has released an update for the SIMATIC S7-200 SMART CPU family and recommends that customers update to the latest version.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-589181.txt


∗∗∗ SSA-604937 (Last Update: 2020-07-14): Multiple Web Server Vulnerabilities in Opcenter Execution Core ∗∗∗
---------------------------------------------
The latest update of Opcenter Execution Core fixes multiple vulnerabilities where the most severe could allow an attacker to perform a cross-site scripting (XSS) attack under certain conditions.Siemens has released an update for the Opcenter Execution Core and recommends that customers update to the latest version. Siemens recommends specific countermeasures as there are currently no further fixes available.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-604937.txt


∗∗∗ SSA-631949 (Last Update: 2020-07-14): Ripple20 and Intel SPS Vulnerabilities in SPPA-T3000 Solutions ∗∗∗
---------------------------------------------
SPPA-T3000 solutions are affected by vulnerabilities that were recently dislosed by JSOF research lab (“Ripple20”) for the TCP/IP stack used in APC UPS systems, and by Intel for the Server Platform Services (SPS) used in SPPA-T3000 Application Server and Terminal Server hardware.The advisory provides information to what amount SPAA-T3000 solutions are affected.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-631949.txt


∗∗∗ SSA-841348 (Last Update: 2020-07-14): Multiple Vulnerabilities in the UMC Stack ∗∗∗
---------------------------------------------
The latest update for the below listed products fixes two security vulnerabilities that could allow an attacker to cause a partial Denial-of-Service on the UMC component of the affected devices under certain circumstances, and one vulnerability that could allow an attacker to locally escalate privileges from a user with administrative privileges to execute code with SYSTEM level privileges.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-841348.txt


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (mingw-podofo and python-rsa), openSUSE (LibVNCServer, mozilla-nss, nasm, openldap2, and permissions), Red Hat (dovecot, sane-backends, and thunderbird), Scientific Linux (dbus), and SUSE (firefox and thunderbird).
---------------------------------------------
https://lwn.net/Articles/826113/


∗∗∗ [20200706] - Core - System Information screen could expose redis or proxy credentials ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/823-20200706-core-system-information-screen-could-expose-redis-or-proxy-credentials.html


∗∗∗ [20200705] - Core - Escape mod_random_image link ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/822-20200705-core-escape-mod-random-image-link.html


∗∗∗ [20200704] - Core - Variable tampering via user table class ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/821-20200704-core-variable-tampering-via-user-table-class.html


∗∗∗ [20200703] - Core - CSRF in com_privacy remove-request feature ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/820-20200703-core-csrf-in-com-privacy-remove-request-feature.html


∗∗∗ [20200702] - Core - Missing checks can lead to a broken usergroups table record ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/819-20200702-core-missing-checks-can-lead-to-a-broken-usergroups-table-record.html


∗∗∗ [20200701] - Core - CSRF in com_installer ajax_install endpoint ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/818-20200701-core-csrf-in-com-installer-ajax-install-endpoint.html


∗∗∗ Security Bulletin: Apache Tika as used by IBM QRadar SIEM is vulnerable to a denial of service (CVE-2020-1951, CVE-2020-1950) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-apache-tika-as-used-by-ibm-qradar-siem-is-vulnerable-to-a-denial-of-service-cve-2020-1951-cve-2020-1950/


∗∗∗ Security Bulletin: IBM QRadar is vulnerable to an XML External Entity Injection (XXE) attack (CVE-2020-4510) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-is-vulnerable-to-an-xml-external-entity-injection-xxe-attack-cve-2020-4510/


∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (CVE-2020-4513) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-cross-site-scripting-cve-2020-4513/


∗∗∗ Security Bulletin: Vulnerabilities in Java affect the IBM FlashSystem 900 (CVE-2019-2989 and CVE-2019-2964) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-java-affect-the-ibm-flashsystem-900-cve-2019-2989-and-cve-2019-2964/


∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to denial of service (CVE-2020-4511) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-denial-of-service-cve-2020-4511/


∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities/


∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to command injection (CVE-2020-4512) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-command-injection-cve-2020-4512/


∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (CVE-2020-4364) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-cross-site-scripting-cve-2020-4364/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list