Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1
https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
Critical updates in Oracle (October 2022)
Publication date: 19/10/2022
Identifier: INCIBE-2022-0977
Severity: 5 - Critical
Description:
Oracle has published a Critical Patch Update with patches that fix vulnerabilities affecting multiple products.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-octubre-2022
CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration.
Video messaging company Zoom fixed a high-severity vulnerability, tracked as CVE-2022-28762, in Zoom Client for Meetings for macOS.
Zoom Client for Meetings for macOS (Standard and for IT Admin) is affected by a debugging port misconfiguration. The issue, tracked as CVE-2022-28762, received a CVSS severity score of 7.3. When the camera mode rendering context is enabled as part of the Zoom App Layers API by running specific Zoom Apps, a local debugging port is opened by the client. A local malicious user can exploit the debugging port to connect to and control the Apps running in the Zoom client.
https://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html
Dangerous hole in Apache Commons Text – like Log4Shell all over again.
https://nakedsecurity.sophos.com/2022/10/18/dangerous-hole-in-apache-commons-text-like-log4shell-all-over-again/
Microsoft fixes Windows TLS handshake failures in out-of-band updates.
Microsoft has issued an out-of-band (OOB) non-security update to address an issue, caused by the October 2022 Windows security updates, that triggers SSL/TLS handshake failures on client and server platforms.
On affected devices, users will see SEC_E_ILLEGAL_MESSAGE errors in applications when connections to servers experience issues.
"We address an issue that might affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections. These connections might have handshake failures," Microsoft explains.
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-tls-handshake-failures-in-out-of-band-updates/
Zoom for Mac patches sneaky “spy-on-me” bug – update now!
https://nakedsecurity.sophos.com/2022/10/18/zoom-for-mac-patches-sneaky-spy-on-me-bug-update-now/
Microsoft data breach exposes customers’ contact info, emails.
Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.
The company secured the server after being notified of the leak on September 24, 2022 by security researchers at threat intelligence firm SOCRadar.
"This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," the company revealed.
https://www.bleepingcomputer.com/news/security/microsoft-data-breach-exposes-customers-contact-info-emails/
LDAP credentials exposed in Liferay
Publication date: 20/10/2022
Identifier: INCIBE-2022-0979
Severity: 5 - Critical
Affected resources:
The Test LDAP Users feature in Liferay Portal 7.0.0 through 7.4.3.4.
Description:
A critical vulnerability has been identified in which LDAP credentials are included in the URL when paginating the list of users.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/credenciales-ldap-expuestas-liferay
Remote code execution in F5 products
Publication date: 20/10/2022
Identifier: INCIBE-2022-0980
Severity: 5 - Critical
Affected resources:
The iControl REST component in BIG-IP (Advanced WAF, ASM), versions:
16.1.0 through 16.1.3;
15.1.0 through 15.1.6;
14.1.0 through 14.1.5;
13.1.0 through 13.1.5.
Description:
A remote code execution vulnerability exists in the BIG-IP iControl REST interface when the BIG-IP Advanced WAF or BIG-IP ASM module is provisioned.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-codigo-remoto-productos-f5
Multiple vulnerabilities in Abode iota All-In-One Security Kit
Publication date: 21/10/2022
Identifier: INCIBE-2022-0983
Severity: 5 - Critical
Affected resources:
Abode iota All-In-One Security Kit, versions 6.9X and 6.9Z.
Description:
Matt Wiseman, a Cisco Talos researcher, has reported several vulnerabilities, some of them critical, in the Abode iota All-In-One Security Kit. Exploiting them could allow an attacker to change credentials, inject code, modify sensitive configuration information, shut down the system, disclose information or cause a denial of service (DoS) condition, among other actions.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-adobe-iota-all-one-security-kit
Cisco Releases Security Update for Cisco Identity Services Engine
Cisco has released a security update to address vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page.
CISA encourages users and administrators to review Cisco Advisory cisco-sa-ise-path-trav-Dz5dpzyM and apply the necessary updates.
https://www.cisa.gov/uscert/ncas/current-activity/2022/10/21/cisco-releases-security-update-cisco-identity-services-engine
Apple Fixes Exploited Zero-Day With iOS 16.1 Patch
Apple on Monday shipped a major iOS update with fixes for at least 20 documented security defects, including a kernel flaw that’s already being actively exploited in the wild.
https://www.securityweek.com/apple-fixes-exploited-zero-day-ios-161-patch
Multiple vulnerabilities in Forma LMS
Publication date: 25/10/2022
Identifier: INCIBE-2022-0982
Severity: 5 - Critical
Affected resources:
Forma LMS, version 3.1.0.
Solution:
This vulnerability has been fixed by Forma in LMS version 3.2.1.
incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-forma-lms
VMSA-2022-0027
CVSSv3 Range: 5.3-9.8
Issue Date: 2022-10-25
Updated On: 2022-10-25 (Initial Advisory)
CVE(s): CVE-2021-39144, CVE-2022-31678
Synopsis:
VMware Cloud Foundation updates address multiple vulnerabilities.
Description:
VMware Cloud Foundation contains a remote code execution vulnerability via the XStream open source library. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
https://www.vmware.com/security/advisories/VMSA-2022-0027.html
Microsoft fixes Windows vulnerable driver blocklist sync issue.
Microsoft says it addressed an issue preventing its vulnerable driver blocklist from being synced to systems running older Windows versions.
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-vulnerable-driver-blocklist-sync-issue/
Samba Releases Security Updates
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds.
• CVE-2022-3437
• CVE-2022-3592
https://www.cisa.gov/uscert/ncas/current-activity/2022/10/26/samba-releases-security-updates
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page…
https://www.cisa.gov/uscert/ncas/current-activity/2022/10/26/apple-releases-security-updates-multiple-products
Multiple vulnerabilities in Aruba products
Publication date: 26/10/2022
Identifier: INCIBE-2022-0991
Severity: 5 - Critical
Description:
16 vulnerabilities have been identified, one of them of critical severity, affecting Aruba (a subsidiary of HP) products. Exploiting them could allow an attacker to inject code, execute arbitrary code remotely, modify the boot sequence, delete arbitrary files, cause a denial of service condition, disclose sensitive information, overflow a buffer or read arbitrary files.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-aruba-0
Vulnerability in Cisco AnyConnect Secure Mobility Client for Windows
Publication date: 27/10/2022
Severity: 4 - High
Affected resources:
Cisco AnyConnect Secure Mobility Client for Windows, versions prior to 4.9.00086.
Description:
Cisco has fixed a high-severity vulnerability in the inter-process communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows.
https://www.incibe.es/protege-tu-empresa/avisos-seguridad/vulnerabilidad-cisco-anyconnect-secure-mobility-client-windows
OpenSSL to Patch First Critical Vulnerability Since 2016.
The OpenSSL Project has informed users that an upcoming update will patch a critical vulnerability in the open source cryptography and secure communication toolkit.
OpenSSL version 3.0.7 is scheduled for Tuesday, November 1, between 13:00 and 17:00 UTC. No details have been provided, but it has been described as a ‘security-fix release’ that will include a patch for a vulnerability rated ‘critical’.
The issue does not appear to impact OpenSSL versions prior to 3.0.
https://www.securityweek.com/openssl-patch-first-critical-vulnerability-2016
Windows 10 KB5018482 update released with nineteen improvements.
Microsoft has released the optional KB5018482 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2.
This update includes nineteen bug fixes and enhancements, including a fix for graphics issues in Direct3D 9 games and a bug that caused OS upgrades to fail.
The KB5018482 cumulative update preview is part of Microsoft's October 2022 monthly "C" update, allowing admins to test fixes coming in the November 2022 Patch Tuesday.
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5018482-update-released-with-nineteen-improvements/