Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices
[...]
The flaw has been assigned the identifier CVE-2022-0342 and is rated 9.8 out of 10 for severity. Credited with reporting the bug are Alessandro Sgreccia from Tecnical Service Srl and Roberto Garcia H and Victor Garcia R from Innotec Security.
[...]
https://thehackernews.com/2022/03/zyxel-releases-patches-for-critical-bug.html
[...]
The flaw has been assigned the identifier CVE-2022-0342 and is rated 9.8 out of 10 for severity. Credited with reporting the bug are Alessandro Sgreccia from Tecnical Service Srl and Roberto Garcia H and Victor Garcia R from Innotec Security.
[...]
https://thehackernews.com/2022/03/zyxel-releases-patches-for-critical-bug.html
About the security content of iOS 15.4.1 and iPadOS 15.4.1
Impact: An application may be able to execute arbitrary code with kernel privileges.
https://support.apple.com/en-us/HT213219
Impact: An application may be able to execute arbitrary code with kernel privileges.
https://support.apple.com/en-us/HT213219
Apple Support
About the security content of iOS 15.4.1 and iPadOS 15.4.1
This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1.
About the security content of macOS Monterey 12.3.1
Impact: An application may be able to execute arbitrary code with kernel privileges
https://support.apple.com/en-us/HT213220
Impact: An application may be able to execute arbitrary code with kernel privileges
https://support.apple.com/en-us/HT213220
Apple Support
About the security content of macOS Monterey 12.3.1
This document describes the security content of macOS Monterey 12.3.1.
SysAdmin 24x7
Spring Framework insecurely handles PropertyDescriptor objects with data binding Vulnerability Note VU#970766 Original Release Date: 2022-03-31 https://kb.cert.org/vuls/id/970766
CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
Level up your Java code and explore what Spring can do for you.
Múltiples vulnerabilidades en productos Netgear
Fecha de publicación: 01/04/2022
Importancia: 5 - Crítica
Descripción:
Netgear ha publicado 12 vulnerabilidades, de severidad crítica, presentes en múltiples de sus productos.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-19
Fecha de publicación: 01/04/2022
Importancia: 5 - Crítica
Descripción:
Netgear ha publicado 12 vulnerabilidades, de severidad crítica, presentes en múltiples de sus productos.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-19
INCIBE-CERT
Múltiples vulnerabilidades en productos Netgear
Netgear ha publicado 12 vulnerabilidades, de severidad crítica, presentes en múltiples de sus productos.
Múltiples vulnerabilidades en GitLab
Fecha de publicación: 01/04/2022
Importancia: 5 - Crítica
Recursos afectados:
Todas las versiones de:
GitLab CE/EE,
GitLab Omnibus,
GitLab Charts,
GitLab Pages.
Descripción:
GitLab ha publicado 17 vulnerabilidades: 1 de severidad crítica, 2 de severidad elevada, 9 de severidad media y 5 de severidad baja, por las que un atacante podría acceder a credenciales, ejecutar una vulnerabilidad tipo Cross-Site Scripting (XSS), acceder al token de registro y variables de entorno o causar una denegación de servicio entre otros.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-gitlab
Fecha de publicación: 01/04/2022
Importancia: 5 - Crítica
Recursos afectados:
Todas las versiones de:
GitLab CE/EE,
GitLab Omnibus,
GitLab Charts,
GitLab Pages.
Descripción:
GitLab ha publicado 17 vulnerabilidades: 1 de severidad crítica, 2 de severidad elevada, 9 de severidad media y 5 de severidad baja, por las que un atacante podría acceder a credenciales, ejecutar una vulnerabilidad tipo Cross-Site Scripting (XSS), acceder al token de registro y variables de entorno o causar una denegación de servicio entre otros.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-gitlab
INCIBE-CERT
Múltiples vulnerabilidades en GitLab
GitLab ha publicado 17 vulnerabilidades: 1 de severidad crítica, 2 de severidad elevada, 9 de severidad media y 5 de severidad baja, por las que un atacante podría acceder a credenciales, ejecutar
CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)
https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/
https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/
Unit 42
CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated)
CVE-2022-22965, aka SpringShell, is a remote code execution vulnerability in the Spring Framework. We provide a root cause analysis and mitigations.
Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities
Original release date: April 01, 2022
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/spring-releases-security-updates-addressing-spring4shell-and
Original release date: April 01, 2022
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/spring-releases-security-updates-addressing-spring4shell-and
www.cisa.gov
Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities | CISA
Spring by VMWare has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution (RCE) vulnerability CVE-2022-22963 as well as Spring Framework versions 5.3.18 and 5.2.20 to address RCE vulnerability CVE-2022-22965, known as “Spring4Shell.”…
VMSA-2022-0010
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
CVE-2022-26871 Detail
NVD Published Date: 03/29/2022
NVD Last Modified: 03/30/2022
Source: Trend Micro, Inc.
Description
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
https://nvd.nist.gov/vuln/detail/CVE-2022-26871
NVD Published Date: 03/29/2022
NVD Last Modified: 03/30/2022
Source: Trend Micro, Inc.
Description
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
https://nvd.nist.gov/vuln/detail/CVE-2022-26871
Boletín de seguridad de Android de abril de 2022
Fecha de publicación: 05/04/2022
Importancia: 4 - Alta
Recursos afectados:
Android Open Source Project (AOSP):
Versiones 10, 11, 12 y 12L.
Descripción:
El boletín mensual de Android de abril de 2022 soluciona 3 vulnerabilidades de severidad alta que afectan al sistema, y que podrían permitir a un cibedelincuente la escalada remota de privilegios, sin necesidad de privilegios de ejecución adicionales ni interacción por parte del usuario, y la divulgación de información.
https://www.incibe.es/protege-tu-empresa/avisos-seguridad/boletin-seguridad-android-abril-2022
Fecha de publicación: 05/04/2022
Importancia: 4 - Alta
Recursos afectados:
Android Open Source Project (AOSP):
Versiones 10, 11, 12 y 12L.
Descripción:
El boletín mensual de Android de abril de 2022 soluciona 3 vulnerabilidades de severidad alta que afectan al sistema, y que podrían permitir a un cibedelincuente la escalada remota de privilegios, sin necesidad de privilegios de ejecución adicionales ni interacción por parte del usuario, y la divulgación de información.
https://www.incibe.es/protege-tu-empresa/avisos-seguridad/boletin-seguridad-android-abril-2022
INCIBE
Boletín de seguridad de Android de abril de 2022
SysAdmin 24x7
VMSA-2022-0010 CVSSv3 Range: 9.8 Issue Date: 2022-04-02 Updated On: 2022-04-02 (Initial Advisory) CVE(s): CVE-2022-22965 Synopsis: VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965) Impacted Products…
https://t.me/sysadmin24x7/4927
Actualización de contenido sobre vulnerabilidad
VMSA-2022-0010.1
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-06
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
Actualización de contenido sobre vulnerabilidad
VMSA-2022-0010.1
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-06
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
Telegram
SysAdmin 24x7
VMSA-2022-0010
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products…
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products…
Vulnerabilidad SQLi en FortiWAN de Fortinet
Fecha de publicación: 06/04/2022
Importancia: 5 - Crítica
Recursos afectados:
FortiWAN 4.5.8 y anteriores.
Descripción:
Giuseppe Cocomazzi, del equipo Fortinet Product Security, ha descubierto esta vulnerabilidad crítica que podría permitir a un atacante ejecutar código o comandos no autorizados.
Solución:
Actualizar a FortiWAN 4.5.9 o superior.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-sqli-fortiwan-fortinet
Fecha de publicación: 06/04/2022
Importancia: 5 - Crítica
Recursos afectados:
FortiWAN 4.5.8 y anteriores.
Descripción:
Giuseppe Cocomazzi, del equipo Fortinet Product Security, ha descubierto esta vulnerabilidad crítica que podría permitir a un atacante ejecutar código o comandos no autorizados.
Solución:
Actualizar a FortiWAN 4.5.9 o superior.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-sqli-fortiwan-fortinet
www.incibe.es
Vulnerabilidad SQLi en FortiWAN de Fortinet
Giuseppe Cocomazzi, del equipo Fortinet Product Security, ha descubierto esta vulnerabilidad crítica q
VMSA-2022-0011
CVSSv3 Range: 5.3-9.8
Issue Date: 2022-04-06
CVE(s): CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961
Synopsis:
VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.
Impacted Products:
VMware Workspace ONE Access (Access)
VMware Identity Manager (vIDM)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager
https://www.vmware.com/security/advisories/VMSA-2022-0011.html
CVSSv3 Range: 5.3-9.8
Issue Date: 2022-04-06
CVE(s): CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961
Synopsis:
VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.
Impacted Products:
VMware Workspace ONE Access (Access)
VMware Identity Manager (vIDM)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager
https://www.vmware.com/security/advisories/VMSA-2022-0011.html
Citrix Hypervisor Security Update
Description of Problem
A security issue has been identified that affects Citrix Hypervisor.
This issue may allow privileged code in a guest VM to cause the host to crash or become unresponsive. The issue only affects systems with Intel CPUs where the malicious guest VM has had a physical PCI device assigned to it by the host administrator using the PCI passthrough feature.
The issue has the following identifier:
CVE-2022-26357
Customers who have not assigned a physical PCI device to a guest VM are not affected by this issue. Customers who are running on systems with only AMD CPUs are also not affected by this issue.
https://support.citrix.com/article/CTX390511
Description of Problem
A security issue has been identified that affects Citrix Hypervisor.
This issue may allow privileged code in a guest VM to cause the host to crash or become unresponsive. The issue only affects systems with Intel CPUs where the malicious guest VM has had a physical PCI device assigned to it by the host administrator using the PCI passthrough feature.
The issue has the following identifier:
CVE-2022-26357
Customers who have not assigned a physical PCI device to a guest VM are not affected by this issue. Customers who are running on systems with only AMD CPUs are also not affected by this issue.
https://support.citrix.com/article/CTX390511
VMSA-2022-0012
CVSSv3 Range: 7.3
Issue Date: 2022-04-06
CVE(s): CVE-2022-22962, CVE-2022-22964
Synopsis:
VMware Horizon Client for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)
Impacted Products
VMware Horizon Client for Linux
https://www.vmware.com/security/advisories/VMSA-2022-0012.html
CVSSv3 Range: 7.3
Issue Date: 2022-04-06
CVE(s): CVE-2022-22962, CVE-2022-22964
Synopsis:
VMware Horizon Client for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)
Impacted Products
VMware Horizon Client for Linux
https://www.vmware.com/security/advisories/VMSA-2022-0012.html
VMware
VMSA-2022-0012.1
VMware Horizon Agent for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)
ICS Medical Advisory (ICSMA-21-187-01)
Philips Vue PACS (Update B)
CVSS v3: 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Philips
Equipment: Vue PACS
Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Improper Authentication, Improper Initialization, Use of a Broken or Risky Cryptographic Algorithm, Protection Mechanism Failure, Use of a Key Past its Expiration Date, Insecure Default Initialization of Resource, Improper Handling of Unicode Encoding, Insufficiently Protected Credentials, Data Integrity Issues, Cross-site Scripting, Improper Neutralization, Use of Obsolete Function, Relative Path Traversal
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
Philips Vue PACS (Update B)
CVSS v3: 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Philips
Equipment: Vue PACS
Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Improper Authentication, Improper Initialization, Use of a Broken or Risky Cryptographic Algorithm, Protection Mechanism Failure, Use of a Key Past its Expiration Date, Insecure Default Initialization of Resource, Improper Handling of Unicode Encoding, Insufficiently Protected Credentials, Data Integrity Issues, Cross-site Scripting, Improper Neutralization, Use of Obsolete Function, Relative Path Traversal
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
https://t.me/sysadmin24x7/4927
Actualización de contenido sobre vulnerabilidad
VMSA-2022-0010.2
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-06
CVE(s):CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs (TAS)
VMware Tanzu Operations Manager (Ops Manager)
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
Actualización de contenido sobre vulnerabilidad
VMSA-2022-0010.2
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-06
CVE(s):CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs (TAS)
VMware Tanzu Operations Manager (Ops Manager)
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
Telegram
SysAdmin 24x7
VMSA-2022-0010
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products…
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products…
VMSA-2022-0010.4
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-08
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs (TAS)
VMware Tanzu Operations Manager (Ops Manager)
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-08
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs (TAS)
VMware Tanzu Operations Manager (Ops Manager)
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
Microsoft Releases April 2022 Security Updates
Original release date: April 12, 2022
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/microsoft-releases-april-2022-security-updates
Original release date: April 12, 2022
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/microsoft-releases-april-2022-security-updates
www.cisa.gov
Microsoft Releases April 2022 Security Updates | CISA
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s April 2022…