Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Some of these vulnerabilities have been detected in exploits in the wild.
CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates.
Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8)
macOS Monterey 12.2.1
iOS 15.3.1 and iPadOS 15.3.1
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/11/apple-releases-security-updates-multiple-products
pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available
https://www.netgate.com/blog/pfsense-plus-software-version-22.01-and-ce-2.6.0-are-now-available
This is a regularly scheduled release of pfSense Plus software and pfSense CE software including new features, additional hardware support, and bug fixes.
VMSA-2022-0001.2
CVSSv3 Range: 7.7
Issue Date: 2022-01-04
Updated On: 2022-02-14
CVE(s): CVE-2021-22045
Synopsis:
VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion
VMware Cloud Foundation
https://www.vmware.com/security/advisories/VMSA-2022-0001.html
VMSA-2022-0004
CVSSv3 Range: 5.3-8.4
Issue Date: 2022-02-15
CVE(s): CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050
Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)
https://www.vmware.com/security/advisories/VMSA-2022-0004.html
VMSA-2022-0005
CVSSv3 Range: 8.8
Issue Date: 2022-02-15
CVE(s): CVE-2022-22945
Synopsis:
VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)
Impacted Products
VMware NSX Data Center for vSphere (NSX-V)
https://www.vmware.com/security/advisories/VMSA-2022-0005.html
Multiple vulnerabilities in VMware products
Publication date: 16/02/2022
Importance: 5 - Critical
Affected resources:
ESXi, versions:
7.0 U3;
7.0 U2;
7.0 U1;
7.0;
6.7;
6.5.
Fusion, versions 12.x.
Workstation, versions 16.x.
Cloud Foundation (ESXi), versions:
4.x;
3.x.
NSX Data Center for vSphere, all versions.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-24
The researchers Wei of Kunlun Lab, together with Dimitri Di Cristofaro and Przemek Reszke of SECFORCE LTD, have reported 6 vulnerabilities, 5 of high severity and 1 medium, although the combination of
Multiple vulnerabilities in TIBCO products
Publication date: 16/02/2022
Importance: 5 - Critical
Affected resources:
TIBCO BusinessConnect Container Edition version 1.1.0 and earlier;
TIBCO AuditSafe version 1.1.0 and earlier.
Database, Auth Server and Web Server components.
Description:
TIBCO has reported 3 vulnerabilities: 2 of critical severity and 1 of high severity, through which an unauthenticated attacker with network access could execute API methods on the affected system and obtain users' names and passwords.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-tibco-4
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Drupal security advisories SA-CORE-2022-003 and SA-CORE-2022-004 and apply the necessary updates.
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/drupal-releases-security-updates
Cisco Releases Security Updates for Email Security Appliance
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/cisco-releases-security-updates-email-security-appliance
Cisco has released security updates to address a vulnerability affecting Cisco Email Security Appliance. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see…
Unsafe client-side session storage leading to authentication bypass / instance takeover via Zabbix Frontend with configured SAML (CVE-2022-23131)
https://support.zabbix.com/plugins/servlet/mobile#issue/ZBX-20350
Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites
https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html
VMSA-2022-0006
CVSSv3 Range: 6.6
Issue Date: 2022-02-23
VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
Impacted Products
VMware Workspace ONE Boxer
https://www.vmware.com/security/advisories/VMSA-2022-0006.html
Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
Advisory ID: cisco-sa-nxos-bfd-dos-wGQXrzxn
First Published: 2022 February 23 16:00 GMT
Workarounds: No workarounds available
CVSS Score: Base 8.6
CVE-2022-20623
Summary
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn
Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability
Advisory ID: cisco-sa-cfsoip-dos-tpykyDr
First Published: 2022 February 23 16:00 GMT
Cisco Bug IDs: CSCvy95696 CSCvy95840
CVSS Score: 8.6
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and have the CFSoIP feature enabled:
Nexus 3000 Series Switches (CSCvy95696)
Nexus 9000 Series Switches in standalone NX-OS mode (CSCvy95696)
UCS 6400 Series Fabric Interconnects (CSCvy95840)
Note: For Nexus 3000 and Nexus 9000 Series Switches, CFSoIP is not enabled by default. For UCS 6400 Series Fabric Interconnects, CFSoIP is enabled by default.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cfsoip-dos-tpykyDr
Cisco NX-OS Software NX-API Command Injection Vulnerability
Advisory ID: cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
First Published: 2022 February 23 16:00 GMT
Cisco Bug IDs: CSCvz80191 CSCvz81047
CVSS Score: Base 8.8
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges.
Note: The NX-API feature is disabled by default.
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and have the NX-API feature enabled:
Nexus 3000 Series Switches (CSCvz80191)
Nexus 5500 Platform Switches (CSCvz81047)
Nexus 5600 Platform Switches (CSCvz81047)
Nexus 6000 Series Switches (CSCvz81047)
Nexus 9000 Series Switches in standalone NX-OS mode (CSCvz80191)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
The vulnerability is due to insufficient input validation of user supplied data that is sent to…
GPU giant Nvidia is investigating a potential cyberattack.
US chipmaker giant Nvidia confirmed today it's currently investigating an "incident" that reportedly took down some of its systems for two days.
https://www.bleepingcomputer.com/news/security/gpu-giant-nvidia-is-investigating-a-potential-cyberattack/
Multiple vulnerabilities in GitLab products
Publication date: 28/02/2022
Importance: 5 - Critical
Affected resources:
GitLab CE/EE, all versions;
GitLab Omnibus, versions prior to 14.8.
Description:
GitLab has published 7 vulnerabilities: 1 of critical severity, 5 of medium severity and 1 of low severity, through which an attacker could access the registration token, add users to groups through an API, access environment variables, list unauthenticated users, execute arbitrary commands, leak credentials or cause a denial of service.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-gitlab
Multiple vulnerabilities in Lansweeper
Publication date: 01/03/2022
Importance: 5 - Critical
Affected resources:
Lansweeper 9.1.20.2.
Description:
Marcin "Icewall" Noga, a Cisco Talos researcher, has reported 4 vulnerabilities in the Lansweeper IT asset management solution, 3 of critical severity and 1 medium, whose exploitation could allow an attacker to perform SQL injection and arbitrary JavaScript code injection.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-lansweeper
VMSA-2022-0007
CVSSv3 Range: 5.6
Issue Date: 2022-03-01
CVE(s): CVE-2022-22943
Synopsis:
VMware Tools for Windows update addresses an uncontrolled search path vulnerability (CVE-2022-22943)
Impacted Products
VMware Tools for Windows
https://www.vmware.com/security/advisories/VMSA-2022-0007.html
Administrative authentication bypass in Fortinet FortiMail
Publication date: 02/03/2022
Importance: 5 - Critical
Affected resources:
FortiMail, versions:
7.0.0 and earlier;
6.4.5 and earlier;
6.2.7 and earlier;
6.0.11 and earlier;
5.4.12 and earlier.
Description:
Giuseppe Cocomazzi, of the Fortinet product security team, has reported a critical-severity authentication bypass vulnerability in FortiMail.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/omision-autenticacion-administrativa-fortimail-fortinet