Citrix Releases Security Updates for Hypervisor
Description of Problem
A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to compromise the host. Citrix believes that there would be significant complexity in performing this attack in Citrix Hypervisor.
The issue has the following CVE identifier:
CVE-2022-26362
In addition Intel has disclosed several issues that affect CPU hardware and may allow code inside a guest VM to access very small sections of memory data that are actively being used elsewhere on the system. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasing hotfixes that include product changes to mitigate these CPU issues.
These issues have the following CVE identifiers:
CVE-2022-21123
CVE-2022-21125
CVE-2022-21127
CVE-2022-21166
Customers who are not running PV guest VMs are not affected by the Citrix Hypervisor issue.
Customers who are not using Intel CPUs are not affected by the Intel CPU issues.
https://support.citrix.com/article/CTX460064/citrix-hypervisor-security-update
Multiple vulnerabilities in Synology SRM
Publication date: 27/06/2022
Severity: 4 - High
Affected resources:
Synology Router Manager (SRM), versions 1.2 and 1.3.
Description:
Synology has published several high-severity vulnerabilities affecting the SRM software, which could allow an attacker to inject SQL commands or read and write arbitrary files.
https://www.incibe.es/protege-tu-empresa/avisos-seguridad/multiples-vulnerabilidades-srm-synology
Mitel VoIP Bug Exploited in Ransomware Attacks.
Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victims' environments.
https://threatpost.com/mitel-voip-bug-exploited/180079/
Dozens of cryptography libraries vulnerable to private key theft.
Signing mechanism security shortcomings exposed
A poor implementation of Ed25519, a popular digital signature algorithm, has left dozens of cryptography libraries vulnerable to attacks.
According to Konstantinos Chalkias, a cryptographer at MystenLabs who discovered and reported the vulnerability, attackers could exploit the bug to steal private keys from cryptocurrency wallets.
Some but not yet all of the vulnerable technologies have been patched.
https://portswigger.net/daily-swig/dozens-of-cryptography-libraries-vulnerable-to-private-key-theft
https://github.com/MystenLabs/ed25519-unsafe-libs
Multiple vulnerabilities in Netgear products
Publication date: 30/06/2022
Identifier: INCIBE-2022-0816
Severity: 5 - Critical
Description:
Research by wtbw has reported 2 critical vulnerabilities in several Netgear products.
Solution:
Download the latest firmware version available for each product from the Netgear support website.
Details:
The vulnerabilities are of the following types:
authentication bypass,
pre-authentication command injection.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-20
https://www.netgear.com/support/?_ga=2.103705091.246084655.1656482490-551952353.1601964157
Patch Now: Linux Container-Escape Flaw in Azure Service Fabric.
Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.
Microsoft this week disclosed a serious container-escape vulnerability in its widely used Azure Service Fabric technology, which gives attackers a way to gain root privileges on the host node and take over all other nodes in the cluster.
The privilege-escalation bug is only exploitable on Linux containers, though it is present in Windows container environments as well, Microsoft said in an advisory Tuesday.
https://www.darkreading.com/remote-workforce/patch-now-linux-container-escape-flaw-azure-service-fabric
https://www.theregister.com/2022/06/29/azure_service_fabric_cve_2022_30137/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30137
Forwarded from Una al día
Routers from various manufacturers targeted by the new ZuoRAT malware
https://unaaldia.hispasec.com/2022/07/routers-de-diversos-fabricantes-objetivos-del-nuevo-malware-zuorat.html
A new remote access trojan (RAT) with a high level of sophistication has been discovered, targeting routers of various brands.
Tens of Jenkins plugins are affected by zero-day vulnerabilities.
The Jenkins security team disclosed tens of flaws affecting 29 plugins for the Jenkins automation server, most of which are yet to be patched.
https://securityaffairs.co/wordpress/132836/security/jenkins-plugins-zero-day-flaws.html
SQL injection vulnerability through Django
Publication date: 05/07/2022
Identifier: INCIBE-2022-0821
Severity: 4 - High
Affected resources:
Django main branch,
Django 4.1 (currently in beta),
Django 4.0,
Django 3.2.
Description:
Researcher Takuto Yoshikai, of Aeye Security Lab, has reported a possible SQL injection vulnerability in Django, a well-known Python-based web development framework. An attacker could exploit this vulnerability to carry out SQL injection attacks on websites developed with this framework.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-sql-traves-django
OpenSSL Releases Security Update
Original release date: July 06, 2022
OpenSSL has released a security update to address a vulnerability affecting OpenSSL 3.0.4. An attacker could exploit this vulnerability to take control of an affected system.
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/06/openssl-releases-security-update
https://www.openssl.org/news/secadv/20220705.txt
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/07/cisco-releases-security-updates-multiple-products
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2022-29149
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-29149
0-day cleartext credentials vulnerability in Vinchin Backup and Recovery
Publication date: 11/07/2022
Identifier: INCIBE-2022-0827
Severity: 5 - Critical
Affected resources:
Vinchin Backup and Recovery.
Description:
Esjay has discovered a critical 0-day vulnerability, published by Trend Micro's ZDI, in Vinchin's Backup and Recovery, which could allow a remote attacker to bypass authentication on the affected product.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-0day-credenciales-texto-claro-vinchin-backup-and
VMSA-2022-0019
CVSSv3 Range: 3.9
Issue Date: 2022-07-12
CVE(s):
CVE-2022-31654, CVE-2022-31655
Synopsis:
VMware vRealize Log Insight contains multiple stored cross-site scripting vulnerabilities
https://www.vmware.com/security/advisories/VMSA-2022-0019.html
VMSA-2021-0025.2
CVSSv3 Range: 7.1
Issue Date: 2021-11-10
CVE(s): CVE-2021-22048
Synopsis:
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
https://www.vmware.com/security/advisories/VMSA-2021-0025.html
VMSA-2022-0018
CVSSv3 Range: 5.3
Issue Date: 2022-07-12
CVE(s): CVE-2022-22982
Synopsis:
VMware vCenter Server updates address a server-side request forgery vulnerability (CVE-2022-22982)
https://www.vmware.com/security/advisories/VMSA-2022-0018.html
VMSA-2022-0020
CVSSv3 Range: 5.6
Issue Date: 2022-07-12
CVE(s): CVE-2022-29901, CVE-2022-28693, CVE-2022-23816, CVE-2022-23825
Synopsis:
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
https://www.vmware.com/security/advisories/VMSA-2022-0020.html
Microsoft July 2022 Patch Tuesday fixes exploited zero-day, 84 flaws
The number of bugs in each vulnerability category is listed below:
52 Elevation of Privilege Vulnerabilities
4 Security Feature Bypass Vulnerabilities
12 Remote Code Execution Vulnerabilities
11 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2022-patch-tuesday-fixes-exploited-zero-day-84-flaws/
Today is Microsoft's July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws.
Citrix Hypervisor Security Bulletin for CVE-2022-23816 and CVE-2022-23825
https://support.citrix.com/article/CTX461397/citrix-hypervisor-security-bulletin-for-cve202223816-and-cve202223825