Múltiples vulnerabilidades en productos VMware

Fecha de publicación: 03/08/2022
Identificador: INCIBE-2022-0864
Importancia: 5 - Crítica

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-27

Cisco Small Business RV Series Routers Vulnerabilities

Advisory ID: cisco-sa-sb-mult-vuln-CbVp4SUR
First Published: 2022 August 3 16:00 GMT
CVSS Score: Base 9.8

Vulnerable Products
CVE-2022-20827 and CVE-2022-20841 affect the following Cisco products:
RV160 VPN Routers
RV160W Wireless-AC VPN Routers
RV260 VPN Routers
RV260P VPN Routers with PoE
RV260W Wireless-AC VPN Routers
RV340 Dual WAN Gigabit VPN Routers
RV340W Dual WAN Gigabit Wireless-AC VPN Routers
RV345 Dual WAN Gigabit VPN Routers
RV345P Dual WAN Gigabit POE VPN Routers

CVE-2022-20842 affects the following Cisco products:
RV340 Dual WAN Gigabit VPN Routers
RV340W Dual WAN Gigabit Wireless-AC VPN Routers
RV345 Dual WAN Gigabit VPN Routers
RV345P Dual WAN Gigabit POE VPN Routers

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR

Ejecución remota de código en DrayTek Vigor Routers

Fecha de publicación: 04/08/2022
Identificador: INCIBE-2022-0867
Importancia: 5 - Crítica

Detalle:
La interfaz de gestión web de los dispositivos vulnerables de DrayTek está afectada por un desbordamiento de búfer en la página de inicio de sesión en /cgi-bin/wlogin.cgi. Un atacante puede suministrar un nombre de usuario y/o una contraseña especialmente diseñados como cadenas codificadas en base64, dentro de los campos 'aa' y 'ab' de la página de inicio de sesión, provocando un error lógico en la verificación del tamaño de estas cadenas codificadas, lo que podría suponer el compromiso total del dispositivo o al acceso, no autorizado, a los recursos internos. Se ha asignado el identificador CVE-2022-32548 para esta vulnerabilidad.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-codigo-draytek-vigor-routers

F5 Releases Security Updates

Original release date: August 04, 2022

F5 has released security updates to address vulnerabilities in multiple products. A privileged attacker could exploit some of these vulnerabilities to take control of an affected system.

https://www.cisa.gov/uscert/ncas/current-activity/2022/08/04/f5-releases-security-updates

Large-Scale Phishing Attacks Targeting Microsoft Enterprise Email Services.

Security researchers from ThreatLabz have uncovered a new strain of a large-scale phishing campaign using adversary-in-the-middle (AiTM) techniques along with several evasion tactics.

According to an advisory published by the company on Tuesday, similar AiTM phishing techniques were used in a separate phishing campaign described by Microsoft last month.

Now, ThreatLabz revealed that using intelligence gathered from the Zscaler cloud, it observed an increase in the use of advanced phishing kits in a large-scale campaign in June.

https://www.infosecurity-magazine.com/news/phishing-attacks-microsoft/

https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/

Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution.

Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post.

Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilities in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition or arbitrary code execution. Alyac is an antivirus software developed for Microsoft Windows machines.

TALOS-2022-1452 (CVE-2022-21147) is a vulnerability that exists in a specific Alyac module that, eventually, leads to a crash of Alyac’s scanning process, which effectively neutralizes the antivirus scan.

https://blog.talosintelligence.com/2022/05/vuln-spotlight-alyac-est.html

Jenkins security: Unpatched XSS, CSRF bugs included in latest plugin advisory.

https://portswigger.net/daily-swig/jenkins-security-unpatched-xss-csrf-bugs-included-in-latest-plugin-advisory

August 5, 2022

An incident impacting some accounts and private information on Twitter

https://privacy.twitter.com/en/blog/2022/an-issue-affecting-some-anonymous-accounts

RHBA-2022:5874 - Bug Fix Advisory

Issued:2022-08-09

OpenShift Container Platform 4.10.26 packages update

Affected Products
Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
Red Hat OpenShift Container Platform 4.10 for RHEL 7 x86_64
Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

https://access.redhat.com/errata/RHBA-2022:5874

VMSA-2022-0021.1

CVSSv3 Range: 4.7-9.8
Issue Date: 2022-08-02
Updated On: 2022-08-09

Impacted Products
VMware Workspace ONE Access (Access)
VMware Workspace ONE Access Connector (Access Connector)
VMware Identity Manager (vIDM)
VMware Identity Manager Connector (vIDM Connector)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager

https://www.vmware.com/security/advisories/VMSA-2022-0021.html

VMSA-2022-0022

CVSSv3 Range: 5.6-7.2
Issue Date: 2022-08-09
Updated On: 2022-08-09 (Initial Advisory)
CVE(s): CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675

Synopsis:
VMware vRealize Operations contains multiple vulnerabilities

https://www.vmware.com/security/advisories/VMSA-2022-0022.html

VMSA-2022-0023

CVSSv3 Range: 5.7
Issue Date: 2022-08-09
Updated On: 2022-08-09 (Initial Advisory)
CVE(s): CVE-2022-22983

Synopsis:
VMware Workstation update addresses an unprotected storage of credentials vulnerability (CVE-2022-22983)

Known Attack Vectors

A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation.

https://www.vmware.com/security/advisories/VMSA-2022-0023.html

Adobe Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/08/09/adobe-releases-security-updates-multiple-products

Microsoft Releases August 2022 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug

Palo Alto Networks Releases Security Update for PAN-OS

https://www.cisa.gov/uscert/ncas/current-activity/2022/08/05/palo-alto-networks-releases-security-update-pan-os

Cisco Talos shares insights related to recent cyber attack on Cisco

[...]
During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.
[...]

https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html

Hotfix XS71ECU2077 - For XenServer 7.1 Cumulative Update 2

https://support.citrix.com/article/CTX462418/hotfix-xs71ecu2077-for-xenserver-71-cumulative-update-2

Citrix Hypervisor Security Bulletin for CVE-2022-33745
Security

https://support.citrix.com/article/CTX463455/citrix-hypervisor-security-bulletin-for-cve202233745

Open AMT Cloud Toolkit Advisory

Advisory Category: Software
Impact of vulnerability: Escalation of Privilege
Severity rating: CRITICAL

Affected Products:
Open AMT Cloud Toolkit software maintained by Intel® before versions 2.0.2 and 2.2.2.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00694.html

Intel® Data Center Manager Advisory

Intel ID: INTEL-SA-00662
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege, Denial of Service
Severity rating: CRITICAL

Affected Products:
Intel® Data Center Manager software before version 4.1.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html

SAP Security Patch Day –August2022

https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10