Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode.
The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on Friday.
https://thehackernews.com/2023/04/researchers-discover-critical-remote.html
Apple issues emergency patches for spyware-style 0-day exploits – update now!
Apple just issued a short, sharp series of security fixes for Macs, iPhones and iPads.
https://nakedsecurity.sophos.com/2023/04/08/apple-issues-emergency-patches-for-spyware-style-0-day-exploits-update-now/
MSI hit in cyberattack, warns against installing knock-off firmware
1.5TB of databases, source code, BIOS tools said to be stolen
Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack.
https://www.theregister.com/2023/04/07/msi_cyberattack_bios/
Multiple vulnerabilities in HP LaserJet Pro products
Publication date: 10/04/2023
Identifier: INCIBE-2023-0129
Importance: 4 - High
Description:
The DEVCORE Research Team and Neodyme teams, in collaboration with Trend Micro ZDI, have reported 3 high-severity vulnerabilities in HP LaserJet Pro printers.
Solution:
Update the firmware of the affected products to version 002_2310A or later.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hp-laserjet-pro
Multiple vulnerabilities in Cisco products
Publication date: 10/04/2023
Identifier: INCIBE-2023-0130
Importance: 4 - High
Affected resources:
Cisco EPNM, Cisco ISE and Cisco Prime Infrastructure.
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers.
Cisco Secure Network Analytics: Secure Network Analytics Manager, Secure Network Analytics Virtual Manager and Stealthwatch Management Console 2200.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-86
Cisco has detected 5 high-severity vulnerabilities that could allow an authenticated local attacker to escape the restricted shell and obtain root privileges on the operating system
Fortinet Releases April 2023 Vulnerability Advisories
Release Date: April 11, 2023
Fortinet has released its April 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.
https://www.cisa.gov/news-events/alerts/2023/04/11/fortinet-releases-april-2023-vulnerability-advisories
Microsoft Releases April 2023 Security Updates
https://msrc.microsoft.com/update-guide/releaseNote/2023-Apr
SAP security update for April 2023
Publication date: 12/04/2023
Identifier: INCIBE-2023-0136
Importance: 5 - Critical
Affected resources:
SAP Diagnostics Agent (OSCommand Bridge and EventLogServiceCollector), version 720.
SAP BusinessObjects Business Intelligence Platform (Promotion Management), versions 420 and 430.
SAP NetWeaver (BI CONT ADDON), versions 707, 737, 747 and 757.
The remaining affected products can be found in SAP Security Patch Day – April 2023.
Description:
SAP has published several security updates for different products in its monthly bulletin.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-abril-2023
Adobe Releases Security Updates for Multiple Products
Release Date: April 11, 2023
https://www.cisa.gov/news-events/alerts/2023/04/11/adobe-releases-security-updates-multiple-products
Juniper Networks Releases Security Updates
Release Date: April 13, 2023
Juniper Networks has released security updates to address vulnerabilities affecting Junos OS, Paragon Active Assurance (PAA), and Juniper Secure Analytics (JSA) Series. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.cisa.gov/news-events/alerts/2023/04/13/juniper-networks-releases-security-updates
Chromium: CVE-2023-2033 Type Confusion in V8
CVE-2023-2033
Security Vulnerability
Released: Apr 15, 2023
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2033
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html
Chrome Releases
Stable Channel Update for Desktop
The Stable and extended stable channel has been updated to 112.0.5615.121 for Windows Mac and Linux which will roll out over the coming...
Multiple vulnerabilities in Control de Ciber
Publication date: 19/04/2023
Identifier: INCIBE-2023-0145
Importance: 4 - High
Affected resources:
Control de Ciber, version 1.650.
Description:
INCIBE has coordinated the publication of 3 vulnerabilities in the Control de Ciber application, which were discovered by Sergio Apellániz.
These vulnerabilities have been assigned the identifiers CVE-2022-4896, CVE-2022-48474 and CVE-2022-48475.
For all 3 vulnerabilities, a CVSS v3.1 base score of 7.3 has been calculated, with the following CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/N:N/A:H.
Solution:
No solution has been identified at this time.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-control-ciber
Critical updates in Oracle (April 2023)
Publication date: 19/04/2023
Identifier: INCIBE-2023-0144
Importance: 5 - Critical
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-abril-2023
Multiple vulnerabilities in VMware Aria Operations for Logs
Publication date: 21/04/2023
Identifier: INCIBE-2023-0150
Importance: 5 - Critical
Affected resources:
VMware Aria Operations for Logs, versions:
8.10.2;
8.10;
8.8.x;
8.6.x;
4.x.
Description:
Several researchers have reported 2 vulnerabilities, 1 critical and 1 high, affecting VMware Aria Operations for Logs, whose exploitation could allow an attacker to execute arbitrary code/commands as root.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-vmware-aria-operations-logs
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Release Date: April 21, 2023
Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review Drupal security advisory SA-CORE-2023-005 for more information and apply the necessary updates.
https://www.cisa.gov/news-events/alerts/2023/04/21/drupal-releases-security-advisory-address-vulnerability-drupal-core
Oracle Releases Security Updates
Release Date: April 21, 2023
Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for April 2023 to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.cisa.gov/news-events/alerts/2023/04/21/oracle-releases-security-updates
VMSA-2023-0008
CVSSv3 Range: 7.3-9.3
Issue Date: 2023-04-25
CVE(s):
CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872
Synopsis:
VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872)
https://www.vmware.com/security/advisories/VMSA-2023-0008.html
Apple’s first Rapid Security Response patch fails to install on iPhones
Apple has launched the first Rapid Security Response (RSR) patches for iOS 16.4.1 and macOS 13.3.1 devices, with some users having issues installing them on their iPhones.
https://www.bleepingcomputer.com/news/apple/apples-first-rapid-security-response-patch-fails-to-install-on-iphones/
Elastic Security Labs discovers the LOBSHOT malware
An analysis of LOBSHOT, an hVNC malware family spreading through Google Ads.
https://www.elastic.co/security-labs/elastic-security-labs-discovers-lobshot-malware
Elastic Security Labs is naming a new malware family, LOBSHOT. LOBSHOT propagates and infiltrates targeted networks through Google Ads and hVNC sessions to deploy backdoors masquerading as legitimate application installers.
Android’s May 2023 security patch prevents downgrades to infinitely old system app versions
You can no longer downgrade system apps beyond the pre-installed version
https://www.androidpolice.com/android-may-2023-security-patch-no-downgrades-infinitely-old-system-app-versions/
May’s security patch fixes a potential security issue
FG-IR-22-297
Date May 3, 2023
Severity High
CVSSv3 Score 7.6
Impact Execute unauthorized code or commands
CVE ID CVE-2023-27999
Affected Products
FortiADC : 7.2.0, 7.1.1, 7.1.0
https://www.fortiguard.com/psirt/FG-IR-22-297