Security Flaws & Fixes - W/E - 092818

Apple Gives macOS Mojave a Security Update (09/25/2018)
Apple issued an update for macOS Mojave due to an input validation issue that could affect Bluetooth traffic. Users should immediately apply the update.

Audit Finds DHS Drone Data Vulnerable to Cyber Attacks (09/26/2018)
Customs and Border Protection (CBP) has not effectively secured information, including images and video, collected by its drones, a new Department of Homeland Security (DHS) Office of Inspector General report has found. The report stated that CBP did not perform a privacy threshold analysis for the Intelligence, Surveillance, and Reconnaissance (ISR) Systems used in the Unmanned Aircraft Systems program to collect data because CBP officials were unaware of the requirement to do so. In addition, the agency did not implement security controls either to protect ISR Systems or to restrict physical access to the ground control station housing the data for these systems. Recommendations have been made to promote better management of the UAS program and improve the security of data collected.

Cisco Updates Video Surveillance Manager Software on Account of Vulnerability (09/24/2018)
A vulnerability in Cisco Video Surveillance Manager Software running on certain Connected Safety and Security Unified Computing System platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user credentials. Cisco has released software updates that address this vulnerability. In addition, the vendor released a number of advisories on September 26 to remedy vulnerabilities across multiple product lines.

Firmware Update Alleviates Missing Authentication Bug in SmartCooler (09/25/2018)
As detailed in an ICS-CERT advisory, Tec4Data released firmware for its SmartCooler, a cooling appliance. A vulnerability, which has been patched, could allow an attacker to shut down the device by exploiting missing authentication for a critical function.

Linux Kernel Vulnerable to Privilege Escalation Bug (09/26/2018)
Qualys discovered an integer overflow vulnerability in the Linux kernel that could be exploited to cause a privilege escalation. The bug is dubbed "Mutagen Astronomy" and affects Red Hat, CentOS, and Debian 8.

New Exploit Takes Aim at VBScript Engine (09/25/2018)
Trend Micro has observed an exploit targeting a use-after-free vulnerability that affects the VBScript engine in newer Windows versions. The malware obtains execution permission from Shell.Application by modifying the SafeMode flag in the VBScript Engine.

Rockwell Automation Squashes Critical Bugs in RSLinx Classic (09/25/2018)
Rockwell Automation's RSLinx Classic is vulnerable to several security issues which could result in a crash of the device or the execution of arbitrary code. A new software version is available and ICS-CERT posted its own advisory.

Security Flaws Plague TP-LINK EAP Controller (09/26/2018)
The US-CERT issued an advisory for TP-LINK EAP Controller, which lacks user authentication for RMI service commands and uses an outdated, vulnerable version of Apache commons-collections, which may allow an attacker to carry out deserialization attacks and take control of the EAP Controller server. A Java application or library with the Apache Commons Collections library in its classpath may be coerced into executing arbitrary Java functions or bytecode. Mitigation techniques are available.
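As an added example (not TP-LINK's, US-CERT's or Apache's code), a JDK 9+ ObjectInputFilter that rejects the Commons Collections packages named above and otherwise accepts only the one command type a hypothetical RMI service expects; the class names, the filter pattern and the sample objects are assumptions.

```java
import java.io.*;
import java.util.HashMap;
import java.util.Map;

// Added example: look-ahead deserialization filtering (JDK 9+), not code from
// the TP-LINK EAP Controller or from Apache Commons Collections.
public class DeserializationFilterDemo {
    // Hypothetical command type the service legitimately receives over RMI.
    static final class ControllerCommand implements Serializable {
        private static final long serialVersionUID = 1L;
        final String name;
        final Map<String, String> args = new HashMap<>();
        ControllerCommand(String name) { this.name = name; }
    }

    // Hypothetical unexpected type, standing in for anything not on the allowlist.
    static final class Unexpected implements Serializable {
        private static final long serialVersionUID = 1L;
    }

    // Patterns are evaluated left to right; '!' rejects, '**' covers subpackages.
    static final ObjectInputFilter FILTER = ObjectInputFilter.Config.createFilter(
        "!org.apache.commons.collections.**;"            // reject CC 3.x gadget classes
        + "!org.apache.commons.collections4.**;"         // reject CC 4.x gadget classes
        + "maxdepth=8;maxrefs=200;maxbytes=65536;"       // bound nesting and graph size
        + "DeserializationFilterDemo$ControllerCommand;" // the one expected type
        + "java.base/*;"                                 // JDK core types its fields use
        + "!*");                                         // deny everything else

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) { oos.writeObject(o); }
        return bos.toByteArray();
    }

    // Installs the filter before readObject(); a rejected class raises
    // InvalidClassException before its constructor or readObject hooks run.
    static Object safeDeserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            ois.setObjectInputFilter(FILTER);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        ControllerCommand cmd = new ControllerCommand("status");
        cmd.args.put("ap", "lobby-1"); // constructed sample input
        ControllerCommand back = (ControllerCommand) safeDeserialize(serialize(cmd));
        System.out.println("accepted: " + back.name + " " + back.args);
        try {
            safeDeserialize(serialize(new Unexpected()));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The same pattern string can be applied process-wide without code changes through the `jdk.serialFilter` system property, which is the practical route for a deployed appliance whose RMI code cannot be edited.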

Twitter Patches 16-Month-Old Bug that Exposed Messages (09/24/2018)
A bug in Twitter's Account Activity API (AAAPI) was discovered on September 10 and fixed, but it had affected accounts from May 2017, the company said in a statement. If a user interacted with an account or business on Twitter that relied on a developer using the AAAPI to provide their services, the bug may have caused some of these interactions to be unintentionally sent to another registered developer. Twitter said the bug affected less than 1% of accounts.

ZDI Calls Out Microsoft After JET Database Engine Bug Remains Officially Unpatched (09/24/2018)
Trend Micro's Zero Day Initiative (ZDI) posted details regarding an out-of-bounds bug in the Microsoft JET Database Engine that could result in a remote code execution issue. The bug can be triggered by opening a Jet data source via OLEDB. ZDI posted the bug report because the vulnerability was reported to Microsoft on May 8, but has yet to be officially fixed. However, 0patch released micropatch fixes for all supported versions of Windows.