Security Flaws & Fixes - W/E - 122217
ABB Pushes Out New Versions for Ellipse (12/19/2017)
ABB is resolving a vulnerability in its Ellipse product versions which could have resulted in an attacker discovering authentication credentials by sniffing network traffic. Versions 8.5.26 to 8.9.6 have been released to resolve the bug.
DHS S&T Pilot Program Secures Public Safety Apps Against Vulnerabilities (12/18/2017)
A pilot project by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) resulted in the successful remediation of potential cybersecurity vulnerabilities in mobile applications used by the nation's public safety professionals, supporting the creation of an ongoing mobile app testing program. The pilot project, Securing Mobile Applications for First Responders, sought to determine the degree to which the selected public safety apps were vulnerable to cyber attacks - malware, ransomware, and spyware - or had coding vulnerabilities that could compromise the device's security, expose personal data, or allow for eavesdropping. Of the 33 apps tested, 32 had security concerns. Eighteen apps were discovered to have critical flaws.
Ecava IntegraXor Update Boots SQL Injection Bug (12/19/2017)
Ecava's IntegraXor, a Web SCADA/HMI solution, requires an update to version 6.1.1215.0 or newer to mitigate a SQL injection vulnerability. Further information has been posted in an ICS-CERT advisory.
Google Gives Chrome an Update (12/18/2017)
Google issued an update to 63.0.3239.86 (Platform version: 10032.71.1) for most Chrome OS devices. This version contains a number of bug fixes and security updates.
Over 1,000 Connected Lexmark Printers Lacking Basic Security Measures (12/20/2017)
More than a thousand Lexmark printers are connected to the Internet but have no password security, the scientists at NewSky Security have warned. All an attacker needs to do is visit the following IP to determine if a specific printer is not secured: example.ip/cgi-bin/dynamic/printer/config/secure/auth/security_summary.html?info=normal&referrer=main_security. Once an unsecured printer is found, an attacker can set up a new password to overwrite prior configurations. NewSky discovered a federal government printer that is vulnerable to such attacks.
PEPPERL+FUCHS/ecom instruments' Products Have Vulnerabilities (12/19/2017)
PEPPERL+FUCHS/ecom instruments has reported that multiple products are affected due to vulnerabilities in the WPA2 protocol. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection. Further information is available from the vendor advisory.
Project Zero Links Bugs to Create aPAColypse Attack on Windows 10 (12/20/2017)
The Project Zero team at Google released a proof-of-concept attack against a patched Windows 10 machine that is a variation of a WPAD/PAC (Web Proxy Auto-Discovery Protocol/Proxy Auto-Config) attack. The method chains several vulnerabilities together to achieve remote code execution on the victim machine. Google calls this attack method "aPAColypse."
Siemens Mitigates KRACK Attacks with Driver Update for SIMATIC (12/19/2017)
Siemens released a driver update for SIMATIC RF350M and SIMATIC RF650M to mitigate the KRACK (Key Reinstallation Attacks) vulnerabilities.
Siemens Warns of Missing Integrity Verification in LOGO! Soft Comfort (12/19/2017)
Siemens reported that the Update Center of LOGO! Soft Comfort lacks integrity verification on software packages downloaded via an unprotected communication channel. This could allow a remote attacker in a privileged network position to manipulate a software package during download. As a solution, Siemens removed the Update Center from LOGO! Soft Comfort V8.2 and provides SHA-256 checksums for all LOGO! Soft Comfort software packages via a secured channel (HTTPS).
Trend Micro Patches Bugs in Smart Protection Server (12/20/2017)
A Trend Micro advisory addresses multiple vulnerabilities in Smart Protection Server, including session hijacking and remote code execution. The advisory contains patch information for remedying the bugs.
Updates Alleviate Vulnerability in WECON's LeviStudio HMI (12/19/2017)
A heap-based buffer overflow bug affects all versions of LeviStudio HMI. To mitigate risks, WECON issued updates. ICS-CERT has posted an advisory.
vBulletin Receives Security Patches (12/20/2017)
Two potential issues have been identified in vBulletin 5.3.2 and higher. The first affects the template rendering functionality and could lead to arbitrary file deletion. The second allows the possibility of remote file inclusion via the legacy routing system on Windows servers. Fixes for these issues have been applied.
VMware Pushes Out Security Fixes for Multiple Products (12/20/2017)
VMware issues updates for ESXi, vCenter Server Appliance, Workstation, and Fusion to address multiple security vulnerabilities.