[CERT-daily] Tageszusammenfassung - 10.10.2024

Daily end-of-shift report team at cert.at
Thu Oct 10 18:25:37 CEST 2024


=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 09-10-2024 18:00 − Donnerstag 10-10-2024 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Firefox Zero-Day Under Attack: Update Your Browser Immediately ∗∗∗
---------------------------------------------
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component.
---------------------------------------------
https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html


∗∗∗ CISA says critical Fortinet RCE flaw now exploited in attacks ∗∗∗
---------------------------------------------
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/cisa-says-critical-fortinet-rce-flaw-now-exploited-in-attacks/


∗∗∗ Benutzt hier jemand ein Smartphone mit Qualcomm-SOC? ∗∗∗
---------------------------------------------
Für viele Android-Geräte da draußen ist die Antwort: Ja.The zero-day vulnerability, officially designated CVE-2024-43047, “may be under limited, targeted exploitation,” according to Qualcomm, citing unspecified “indications” from Google’s Threat Analysis Group, the company’s research unit that investigates government hacking threats.
---------------------------------------------
http://blog.fefe.de/?ts=99f9d232


∗∗∗ Magenta ID wurde deaktiviert: Vorsicht vor täuschend echter Phishing-Mail ∗∗∗
---------------------------------------------
Ein sehr gut gefälschtes Magenta-Mail ist gerade in Österreich in Umlauf. Wer genau hinsieht, kann es entlarven.
---------------------------------------------
https://futurezone.at/digital-life/magenta-id-wurde-deaktiviert-mail-phishing-rechnung-hinweise-betrug-warnung/402960708


∗∗∗ Malware by the (Bit)Bucket: Unveiling AsyncRAT ∗∗∗
---------------------------------------------
Recently, we uncovered a sophisticated attack campaign employing a multi-stage approach to deliver AsyncRAT via a legitimate platform called Bitbucket.
---------------------------------------------
https://www.gdatasoftware.com/blog/2024/10/38043-asyncrat-bitbucket


∗∗∗ File hosting services misused for identity phishing ∗∗∗
---------------------------------------------
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
---------------------------------------------
https://www.microsoft.com/en-us/security/blog/2024/10/08/file-hosting-services-misused-for-identity-phishing/


∗∗∗ Technical Analysis of DarkVision RAT ∗∗∗
---------------------------------------------
IntroductionDarkVision RAT is a highly customizable remote access trojan (RAT) that first surfaced in 2020, offered on Hack Forums and their website for as little as $60. Written in C/C++, and assembly, DarkVision RAT has gained popularity due to its affordability and extensive feature set, making it accessible even to low-skilled cybercriminals. The RAT’s capabilities include keylogging, taking screenshots, file manipulation, process injection, remote code execution, and password theft.
---------------------------------------------
https://www.zscaler.com/blogs/security-research/technical-analysis-darkvision-rat


∗∗∗ Ransom & Dark Web Issues Week 2, October 2024 ∗∗∗
---------------------------------------------
* New Target of KillSec Ransomware Attack: South Korean Commercial Property Content Provider
* Dark Web Market Bohemia/Cannabia Shut Down by Law Enforcement, Two Administrators Arrested
* New Ransomware Gang Sarcoma: Conducted Attacks on a Total of 30 Companies
---------------------------------------------
https://asec.ahnlab.com/en/83739/


∗∗∗ Internet Archive unter Beschuss: Über 30 Millionen Nutzerdaten gestohlen ∗∗∗
---------------------------------------------
Bislang Unbekannte vergriffen sich mehrfach am Internet Archive. Bereits im September wurden Nutzerdaten und Passwort-Hashes abgezogen.
---------------------------------------------
https://heise.de/-9975986



=====================
=  Vulnerabilities  =
=====================

∗∗∗ GitLab warns of critical arbitrary branch pipeline execution flaw ∗∗∗
---------------------------------------------
GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-arbitrary-branch-pipeline-execution-flaw/


∗∗∗ Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems ∗∗∗
---------------------------------------------
Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands.The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck.
---------------------------------------------
https://thehackernews.com/2024/10/experts-warn-of-critical-unpatched.html


∗∗∗ wkhtmltopdf - Highly critical - Unsupported - SA-CONTRIB-2024-049 ∗∗∗
---------------------------------------------
Project: wkhtmltopdfDate: 2024-October-09Security risk: Highly critical 23 ∕ 25 AC:None/A:None/CI:All/II:All/E:Proof/TD:AllVulnerability: UnsupportedAffected versions: *Description: The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupportedSolution: If you use this project,
---------------------------------------------
https://www.drupal.org/sa-contrib-2024-049


∗∗∗ Facets - Critical - Cross Site Scripting - SA-CONTRIB-2024-047 ∗∗∗
---------------------------------------------
Project: FacetsDate: 2024-October-09Security risk: Critical 15 ∕ 25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site ScriptingAffected versions: Description: This module enables you to to easily create and manage faceted search interfaces.The module doesnt sufficiently filter for malicious script leading to a reflected cross site scripting (XSS) vulnerability.Solution: Install the latest version:If you use the Facets module, upgrade to Facets
---------------------------------------------
https://www.drupal.org/sa-contrib-2024-047


∗∗∗ Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046 ∗∗∗
---------------------------------------------
Project: Block permissionsDate: 2024-October-09Security risk: Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Access bypassAffected versions: >=1.0.0 Description: This module enables you to manage blocks from specific modules in the specific themes.The module doesnt sufficiently check permissions under the scenario when a block is added using the form "/admin/structure/block/add/{plugin_id}/{theme}" (route
---------------------------------------------
https://www.drupal.org/sa-contrib-2024-046


∗∗∗ Monster Menus - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-045 ∗∗∗
---------------------------------------------
Project: Monster MenusDate: 2024-October-09Security risk: Moderately critical 13 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Access bypass, Information DisclosureAffected versions: Description: This module enables you to group nodes within pages that have a highly-granular, distributed permissions structure.A function which can be used by third-party code does not return valid data under certain rare circumstances. If the third-party code relies on this
---------------------------------------------
https://www.drupal.org/sa-contrib-2024-045


∗∗∗ Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048 ∗∗∗
---------------------------------------------
Project: GutenbergDate: 2024-October-09Security risk: Moderately critical 12 ∕ 25 AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site Request ForgeryAffected versions: =3.0.0 Description: This module provides a new UI experience for node editing using the Gutenberg Editor library.The module did not sufficiently protect some routes against a Cross Site Request Forgery attack.This vulnerability is mitigated by the fact that the tricked user needs to have an
---------------------------------------------
https://www.drupal.org/sa-contrib-2024-048


∗∗∗ VMSA-2024-0020:VMware NSX updates address multiple vulnerabilities (CVE-2024-38818, CVE-2024-38817, CVE-2024-38815) ∗∗∗
---------------------------------------------
Multiple vulnerabilities in VMware NSX were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in the affected VMware products.
---------------------------------------------
https://support.broadcom.com/web/ecx/support-=content-notification/-/external/content/SecurityAdvisories/0/25047


∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (chromium), Fedora (firefox, koji, unbound, webkit2gtk4.0, and xen), Red Hat (glibc, net-snmp, and tomcat), Slackware (mozilla), SUSE (apache-commons-io, buildah, cups-filters, liboath-devel, libreoffice, libunbound8, podman, and redis), and Ubuntu (cups-browsed, cups-filters, edk2, linux-raspi-5.4, and oath-toolkit).
---------------------------------------------
https://lwn.net/Articles/993595/


∗∗∗ Redis Vulnerability Security Update Advisory (CVE-2024-31449) ∗∗∗
---------------------------------------------
An update has been released to address vulnerabilities in Redis. Users of the affected versions are advised to update to the latest version.
---------------------------------------------
https://asec.ahnlab.com/en/83704/


∗∗∗ Ivanti Product Security Update Advisory ∗∗∗
---------------------------------------------
* CVE-2024-9380, CVE-2024-9381: Ivanti Cloud Services Appliance (CSA) versions: ~ 5.0.1 (inclusive)
* CVE-2024-7612: Ivanti EPMM (Core) versions: ~ 12.1.0.3 (inclusive)
* CVE-2024-9167: Velocity License Server versions: 5.1 (inclusive) ~ 5.1.2 (inclusive)
---------------------------------------------
https://asec.ahnlab.com/en/83706/


∗∗∗ Adobe Family October 2024 Routine Security Update Advisory ∗∗∗
---------------------------------------------
Adobe has released a security update that addresses a vulnerability in its supplied products. Users of affected systems are advised to update to the latest version.
---------------------------------------------
https://asec.ahnlab.com/en/83710/


∗∗∗ SAP Product Security Update Advisory ∗∗∗
---------------------------------------------
* CVE-2024-37179: SAP BusinessObjects Business Intelligence Platform, ENTERPRISE 420, 430, 2025, Enterprise clienttools 420
* CVE-2024-41730: SAP BusinessObjects Business Intelligence Platform, ENTERPRISE 430, 440
* CVE-2024-39592: SAP PDCE, S4CORE 102, S4CORE 103, S4COREOP 104, S4COREOP 105, S4COREOP 106, S4COREOP 107, S4COREOP 108
---------------------------------------------
https://asec.ahnlab.com/en/83736/


∗∗∗ SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client Affected By Multiple Vulnerabilities ∗∗∗
---------------------------------------------
1) CVE-2024-45315 - SonicWALL SMA1000 Connect Tunnel Windows Client Link Following Denial-of-Service Vulnerability
2) CVE-2024-45316 - SonicWALL SMA1000 Connect Tunnel Windows Client Link Following Local Privilege Escalation Vulnerability
3) CVE-2024-45317 - Unauthenticated SMA1000 12.4.x Server-Side Request Forgery (SSRF) Vulnerability
---------------------------------------------
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017


∗∗∗ CISA Releases Twenty-One Industrial Control Systems Advisories ∗∗∗
---------------------------------------------
* ICSA-24-284-01 Siemens SIMATIC S7-1500 and S7-1200 CPUs
* ICSA-24-284-02 Siemens Simcenter Nastran
* ICSA-24-284-03 Siemens Teamcenter Visualization and JT2Go
* ICSA-24-284-04 Siemens SENTRON PAC3200 Devices
* ICSA-24-284-05 Siemens Questa and ModelSim
* ICSA-24-284-06 Siemens SINEC Security Monitor
* ICSA-24-284-07 Siemens JT2Go
* ICSA-24-284-08 Siemens HiMed Cockpit
* ICSA-24-284-09 Siemens PSS SINCAL
* ICSA-24-284-10 Siemens SIMATIC S7-1500 CPUs
* ICSA-24-284-11 Siemens RUGGEDCOM APE1808
* ICSA-24-284-12 Siemens Sentron Powercenter 1000
* ICSA-24-284-13 Siemens Tecnomatix Plant Simulation
* ICSA-24-284-14 Schneider Electric Zelio Soft 2
* ICSA-24-284-15 Rockwell Automation DataMosaix Private Cloud
* ICSA-24-284-16 Rockwell Automation DataMosaix Private Cloud
* ICSA-24-284-17 Rockwell Automation Verve Asset Manager
* ICSA-24-284-18 Rockwell Automation Logix Controllers
* ICSA-24-284-19 Rockwell Automation PowerFlex 6000T
* ICSA-24-284-20 Rockwell Automation ControlLogix
* ICSA-24-284-21 Delta Electronics CNCSoft-G2
---------------------------------------------
https://www.cisa.gov/news-events/alerts/2024/10/10/cisa-releases-twenty-one-industrial-control-systems-advisories


∗∗∗ Synacor Zimbra Collaboration Command Execution Vulnerability ∗∗∗
---------------------------------------------
Threat Actors are exploiting a recently fixed RCE vulnerability in Zimbra email servers, which can be exploited just by sending specially crafted emails to the SMTP server.
---------------------------------------------
https://fortiguard.fortinet.com/outbreak-alert/zimbra-collaboration-rce


∗∗∗ Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2024-048


∗∗∗ 2024-10-10: Cyber Security Advisory - ABB IRC5 RobotWare – PROFINET Stack Vulnerability ∗∗∗
---------------------------------------------
https://search.abb.com/library/Download.aspx?DocumentID=SI20337&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an ASN value of zero (0) is accepted (CVE-2024-47507) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-message-containing-aggregator-attribute-with-an-ASN-value-of-zero-0-is-accepted-CVE-2024-47507


∗∗∗ 2024-10 Security Bulletin: Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash (CVE-2024-47506) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-A-large-amount-of-traffic-being-processed-by-ATP-Cloud-can-lead-to-a-PFE-crash-CVE-2024-47506


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Specific-low-privileged-CLI-commands-and-SNMP-GET-requests-can-trigger-a-resource-leak


∗∗∗ 2024-10 Security Bulletin: Junos OS: Multiple vulnerabilities in OSS component nginx resolved ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-OSS-component-nginx-resolved


∗∗∗ 2024-10 Security Bulletin: Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash (CVE-2024-47504) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5000-Series-Receipt-of-a-specific-malformed-packet-will-cause-a-flowd-crash-CVE-2024-47504


∗∗∗ 2024-10 Security Bulletin: Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash (CVE-2024-47503) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX4600-and-SRX5000-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2024-47503


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: TCP session state is not always cleared on the Routing Engine (CVE-2024-47502) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-TCP-session-state-is-not-always-cleared-on-the-Routing-Engine-CVE-2024-47502


∗∗∗ 2024-10 Security Bulletin: Junos OS: MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C: In a VPLS or Junos Fusion scenario specific show commands cause an FPC crash (CVE-2024-47501) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX304-MX-with-MPC10-11-LC9600-and-EX9200-with-EX9200-15C-In-a-VPLS-or-Junos-Fusion-scenario-specific-show-commands-cause-an-FPC-crash-CVE-2024-47501


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD core (CVE-2024-47499) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BMP-scenario-receipt-of-a-malformed-AS-PATH-attribute-can-cause-an-RPD-core-CVE-2024-47499


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect (CVE-2024-47498) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-QFX5000-Series-Configured-MAC-learning-and-move-limits-are-not-in-effect-CVE-2024-47498


∗∗∗ 2024-10 Security Bulletin: Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion (CVE-2024-47497) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-QFX-Series-MX-Series-and-EX-Series-Receiving-specific-HTTPS-traffic-causes-resource-exhaustion-CVE-2024-47497


∗∗∗ 2024-10 Security Bulletin: Junos OS: MX Series: The PFE will crash on running specific command (CVE-2024-47496) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX-Series-The-PFE-will-crash-on-running-specific-command-CVE-2024-47496


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: In a dual-RE scenario a locally authenticated attacker with shell privileges can take over the device (CVE-2024-47495) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-In-a-dual-RE-scenario-a-locally-authenticated-attacker-with-shell-privileges-can-take-over-the-device-CVE-2024-47495


∗∗∗ 2024-10 Security Bulletin: Junos OS: Due to a race condition AgentD process causes a memory corruption and FPC reset (CVE-2024-47494) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Due-to-a-race-condition-AgentD-process-causes-a-memory-corruption-and-FPC-reset-CVE-2024-47494


∗∗∗ 2024-10 Security Bulletin: Junos OS: J-Web: Multiple vulnerabilities resolved in PHP software. ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-J-Web-Multiple-vulnerabilities-resolved-in-PHP-software


∗∗∗ 2024-10 Security Bulletin: Junos OS: SRX5K, SRX4600 and MX Series: Trio-based FPCs: Continuous physical interface flaps causes local FPC to crash (CVE-2024-47493) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5K-SRX4600-and-MX-Series-Trio-based-FPCs-Continuous-physical-interface-flaps-causes-local-FPC-to-crash-CVE-2024-47493


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP path attribute leads to an RPD crash (CVE-2024-47491) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-path-attribute-leads-to-an-RPD-crash-CVE-2024-47491


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted (CVE-2024-47490) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Receipt-of-specific-transit-MPLS-packets-causes-resources-to-be-exhausted-CVE-2024-47490


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: Multiple vulnerabilities resolved in c-ares 1.18.1 ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-c-ares-1-18-1


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE (CVE-2024-47489) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-Series-Receipt-of-specific-transit-protocol-packets-is-incorrectly-processed-by-the-RE-CVE-2024-47489


∗∗∗ 2024-10 Security Bulletin: Junos Space: Remote Command Execution (RCE) vulnerability in web application (CVE-2024-39563) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-Remote-Command-Execution-RCE-vulnerability-in-web-application-CVE-2024-39563


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization (CVE-2024-39547) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-cRPD-Receipt-of-crafted-TCP-traffic-can-trigger-high-CPU-utilization-CVE-2024-39547


∗∗∗ 2024-10 Security Bulletin: Junos OS: Multiple vulnerabilities resolved in OpenSSL ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-resolved-in-OpenSSL


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files (CVE-2024-39544) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Low-privileged-local-user-able-to-view-NETCONF-traceoptions-files-CVE-2024-39544


∗∗∗ 2024-10 Security Bulletin: Junos OS Evolved: Connections to the network and broadcast address accepted (CVE-2024-39534) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Connections-to-the-network-and-broadcast-address-accepted-CVE-2024-39534


∗∗∗ 2024-10 Security Bulletin: Junos OS: SRX Series: Low privileged user able to access sensitive information on file system (CVE-2024-39527) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-sensitive-information-on-file-system-CVE-2024-39527


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: MX Series with MPC10/MPC11/LC9600, MX304, EX9200, PTX Series: Receipt of malformed DHCP packets causes interfaces to stop processing packets (CVE-2024-39526) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-MX-Series-with-MPC10-MPC11-LC9600-MX304-EX9200-PTX-Series-Receipt-of-malformed-DHCP-packets-causes-interfaces-to-stop-processing-packets-CVE-2024-39526


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: When BGP nexthop traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash (CVE-2024-39525) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-nexthop-traceoptions-is-enabled-receipt-of-specially-crafted-BGP-packet-causes-RPD-crash-CVE-2024-39525


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: Junos OS and Junos OS Evolved: Receipt of a specifically malformed BGP packet causes RPD crash when segment routing is enabled (CVE-2024-39516) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-BGP-packet-causes-RPD-crash-when-segment-routing-is-enabled-CVE-2024-39516


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: With BGP traceoptions enabled, receipt of specially crafted BGP update causes RPD crash (CVE-2024-39515) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-traceoptions-enabled-receipt-of-specially-crafted-BGP-update-causes-RPD-crash-CVE-2024-39515


∗∗∗ 2024-10 Security Bulletin: Junos Space: OS command injection vulnerability in OpenSSH (CVE-2023-51385) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-OS-command-injection-vulnerability-in-OpenSSH-CVE-2023-51385


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: With BGP traceoptions enabled, receipt of specifically malformed BGP update causes RPD crash (CVE-2024-39516) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-BGP-packet-causes-RPD-crash-when-segment-routing-is-enabled-CVE-2024-39516


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD core (CVE-2024-47499) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BMP-scenario-receipt-of-a-malformed-AS-PATH-attribute-can-cause-an-RPD-core-CVE-2024-47499


∗∗∗ 2024-10 Security Bulletin: Junos OS and Junos OS Evolved: When BGP traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash (CVE-2024-39525) ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-nexthop-traceoptions-is-enabled-receipt-of-specially-crafted-BGP-packet-causes-RPD-crash-CVE-2024-39525


∗∗∗ SSA-438590 V1.0: Buffer Overflow Vulnerability in Siveillance Video Camera Drivers ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-438590.html


∗∗∗ CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent (Severity: MEDIUM) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/CVE-2024-9469


∗∗∗ CVE-2024-9471 PAN-OS: Privilege Escalation (PE) Vulnerability in XML API (Severity: MEDIUM) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/CVE-2024-9471


∗∗∗ CVE-2024-9468 PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet (Severity: HIGH) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/CVE-2024-9468


∗∗∗ PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover (Severity: CRITICAL) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/PAN-SA-2024-0010


∗∗∗ CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability (Severity: MEDIUM) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/CVE-2024-9473


∗∗∗ PAN-SA-2024-0011 Chromium: Monthly Vulnerability Updates (Severity: HIGH) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/PAN-SA-2024-0011


∗∗∗ CVE-2024-9470 Cortex XSOAR: Information Disclosure Vulnerability (Severity: MEDIUM) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/CVE-2024-9470


∗∗∗ PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials (Severity: CRITICAL) ∗∗∗
---------------------------------------------
https://security.paloaltonetworks.com/PAN-SA-2024-0010

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list