Security Flaws & Fixes - W/E - 101218

Adobe Updates Multiple Products (10/10/2018)
Adobe has released updates for Digital Editions, Framemaker, and Technical Communications Suite.
Advisory Issued to Warn of Bugs in Auto-Maskin DCU 210E, RP 210E (10/08/2018)
An advisory from the US-CERT provides details regarding authentication and encryption vulnerabilities in Auto-Maskin RP remote panels and DCU control units which can allow attackers to access the units and control connected engines. These devices are used to monitor and control ship engines. At this time, there is no known solution.

Apple's iCloud, iOS Receive Security Updates (10/08/2018)
Apple has released updates for iCloud and iOS. The updates alleviate vulnerabilities in prior versions.

Buffer Overflow Issue Patched in GE iFix Version 5.9 (10/10/2018)
GE's iFix HMI products contain a vulnerability that could result in a buffer overflow condition, as detailed in an ICS-CERT advisory. Multiple instances of this vulnerability have been identified in the third-party ActiveX object provided to GE iFIX by Gigasoft. GE released iFIX 5.9 in June 2017 to address this issue.

Change Healthcare's PeerVue Web Vulnerable to Information Disclosure (10/08/2018)
The ICS-CERT has published details concerning an information exposure bug in all versions up to 7.6.2 of PeerVue Web Server. Users should contact the Change Healthcare Support team for information regarding the patch.

Information Leakage Bug Detected in Carestream Vue RIS (10/08/2018)
Carestream Vue RIS, a Web-based radiology information system, has an information exposure vulnerability, according to an advisory from the ICS-CERT. Remediation and workarounds are available.

Inspector General Report Finds Serious Issues with DHS S&T Insider Threat Program (10/10/2018)
A report from the Office of the Inspector General (OIG) at the Department of Homeland Security (DHS) raises concerns about the department's research arm, the Science and Technology (S&T) Directorate. The report is classified, but a one-page summary is available to the public and states that between January and June 2017, the OIG conducted a review of the S&T's insider threat program and has since made nine recommendations which are designed to strengthen and improve that program.

Microsoft Squashes Bugs with October Bulletin of Security Fixes (10/10/2018)
Microsoft's October batch of fixes includes the remediation of security vulnerabilities in Internet Explorer, Edge, Windows, Office, .NET Core, and more. Among the issues remedied by this update is a zero-day vulnerability in win32k.sys, detected by Kaspersky Lab in August. The exploit was executed by the first stage of a malware installer to gain the privileges necessary for persistence on the victim's system.

Microsoft Stops Accepting Symantec TLS Digital Certificates (10/08/2018)
Since September, Microsoft has been deprecating the SSL/TLS capability of Symantec root certificates due to compliance issues. During certificate renewal, customers must now replace their current certificate with one signed by a non-Symantec root. Based upon a detailed schedule beginning with September 30, Microsoft Edge and Internet Explorer running on Windows 10/Windows Server 2016 will no longer trust certificates signed by the associated root certificate if issued after the TLS NotBefore Date. These dates are depicted in Microsoft's post.

MikroTik's RouterOS Affected by Multiple Vulnerabilities (10/08/2018)
Tenable Research has discovered several vulnerabilities in RouterOS, an operating system used in MikroTik routers. The most critical bug is an authenticated remote code execution (RCE) but other issues include a file upload memory exhaustion, a memory corruption, and a recursive parsing stack exhaustion. The RCE bug can lead to a full system compromise. Based on Shodan analysis, approximately 35,000 to 40,000 MikroTik devices display an updated, patched version. MikroTik released RouterOS versions 6.40.9, 6.42.7 and 6.43 to address these vulnerabilities.

Mozilla Gives Thunderbird a Security Update (10/08/2018)
Mozilla pushed out an update for Thunderbird to fix several vulnerabilities. The newest version is 60.2.1.

Multiple Advisories Posted for Siemens Products (10/09/2018)
Siemens has issued 13 advisories that detail security issues within multiple product lines. Among the issues are vulnerabilities in medium voltage SINAMICs products, a TLS ROBOT bug in SCALANCE W1750D, and an OpenSSL bug in the vendor's industrial products.

Multiple Juniper Networks Advisories Released on October 10 (10/11/2018)
Juniper Networks has released multiple bulletins to address flaws in its product lines. Junos OS and the vSRX Series are among the products that are discussed in these advisories.

Report: US Weapons Systems Easily Hackable Due to Critical Bugs (10/10/2018)
The Department of Defense (DOD), which is expected to spend $1.66 trillion USD to develop major weapon systems, is facing mounting challenges in keeping these systems safe from cyber attacks. This information comes from a Government Accountability Office (GAO) report which found that such issues are due to the computerized nature of weapon systems; DOD's late start in prioritizing weapon system cybersecurity; and DOD's nascent understanding of how to develop more secure weapon systems. In operational testing, DOD routinely found mission-critical cyber vulnerabilities in systems that were under development, yet program officials GAO met with believed their systems were secure and discounted some test results as unrealistic. Using relatively simple tools and techniques, penetration testers were able to take control of systems and largely operate undetected, due in part to basic issues such as poor password management and unencrypted communications.

Security Updates Remedy Open Redirect in Apache Tomcat (10/08/2018)
Apache has updated Tomcat to eliminate an open redirect vulnerability. Further information regarding the updates and the affected versions are available from the vendor's advisory.

Sony's Bravia Smart TVs Vulnerable to Remote Attacks (10/09/2018)
Sony has closed security holes in its Bravia Smart TV devices after receiving notification about these issues from Fortinet. The stack-based overflow, directory traversal, and command injection vulnerabilities affected Sony's proprietary applications called Photo Sharing Plus and could have been remotely exploited.

Unpatched Vulnerabilities Plague XMeye P2P Cloud Server (10/10/2018)
An alert from the ICS-CERT warns of multiple security issues affecting XMeye P2P Cloud Server from Hangzhou Xiongmai. Mitigations for these bugs are not available. SEC Consult found the issues and contacted the vendor.

Update Fixes Bug in Fuji Electric Energy Savings Estimator (10/10/2018)
An uncontrolled search path element bug has been detected in Fuji Electric Energy Savings Estimator Versions V.1.0.2.0 and prior. According to the ICS-CERT, users should update to Version V.1.0.2.1.

VMware Offers Insight into Vulnerabilities in Various Products (10/08/2018)
A SAML authentication bypass vulnerability that was found in the VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) has been resolved. This vulnerability, which can be leveraged during device enrollment, may allow for a malicious actor to impersonate an authorized SAML session if certificate-based authentication is enabled. VMware has also advised on a denial-of-service bug in ESXi, Workstation, and Fusion.

WECON's PI Studio Vulnerable to Multiple Bugs (10/08/2018)
Several vulnerabilities have been found in WECON's PI Studio, an HMI project programmer. As discussed in an ICS-CERT advisory, successful exploitation of these vulnerabilities may allow remote code execution, execution of code in the context of an administrator, reads past the end of an allocated object, or disclosure of sensitive information under the context of an administrator. The vendor has verified the vulnerabilities but has yet to release updates.