Actualización de seguridad de SAP de abril de 2023

Fecha de publicación: 12/04/2023
Identificador: Inicbe-2023-0136
Importancia: 5 - Crítica

Recursos afectados:
SAP Diagnostics Agent (OSCommand Bridge and EventLogServiceCollector), versión 720.
SAP BusinessObjects Business Intelligence Platform (Promotion Management, versiones 420 y 430.
SAP NetWeaver (BI CONT ADDON), versiones 707, 737, 747 y 757.
El resto de productos afectados se pueden consultar en SAP Security Patch Day – Abril 2023.

Descripción:
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-abril-2023

Adobe Releases Security Updates for Multiple Products

Release DateApril 11, 2023

https://www.cisa.gov/news-events/alerts/2023/04/11/adobe-releases-security-updates-multiple-products

Juniper Networks Releases Security Updates
Release DateApril 13, 2023

Juniper Networks has released security updates to address vulnerabilities affecting Junos OS, Paragon Active Assurance (PAA), and Juniper Secure Analytics (JSA) Series. An attacker could exploit some of these vulnerabilities to take control of an affected system.

https://www.cisa.gov/news-events/alerts/2023/04/13/juniper-networks-releases-security-updates

Chromium: CVE-2023-2033 Type Confusion in V8
CVE-2023-2033
Security Vulnerability
Released: Apr 15, 2023

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2033
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html

Múltiples vulnerabilidades en Control de Ciber

Fecha de publicación: 19/04/2023
Identificador: INCIBE-2023-0145
Importancia: 4 - Alta

Recursos afectados:
Control de Ciber, versión 1.650.

Descripción:
INCIBE ha coordinado la publicación de 3 vulnerabilidades en el aplicativo Control de Ciber, que han sido descubiertas por Sergio Apellániz.

A estas vulnerabilidades se les han asignado los códigos: CVE-2022-4896, CVE-2022-48474 y CVE-2022-48475.

Para las 3 vulnerabilidades, se ha calculado una puntuación base CVSS v3.1 de 7,3, siendo el cálculo del CVSS el siguiente: AV:N/AC:L/PR:N/UI:N/S:U/C:L/N:N/A:H.

Solución:
No hay solución identificada por el momento.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-control-ciber

Actualizaciones críticas en Oracle (abril 2023)

Fecha de publicación: 19/04/2023
Identificador: INCIBE-2023-0144
Importancia: 5 - Crítica

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-abril-2023

Múltiples vulnerabilidades en VMware Aria Operations for Logs

Fecha de publicación: 21/04/2023
Identificador: INCIBE-2023-0150
Importancia: 5 - Crítica

Recursos afectados:
VMware Aria Operations for Logs, versiones:
8.10.2;
8.10;
8.8.x;
8.6.x;
4.x.

Descripción:
Diversos investigadores han reportado 2 vulnerabilidades, 1 crítica y 1 alta, que afectan Aria Operations for Logs de VMware, cuya explotación podría permitir a un atacante ejecutar código/comandos arbitrarios como root.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-vmware-aria-operations-logs

Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

Release DateApril 21, 2023

Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Drupal security advisory SA-CORE-2023-005 for more information and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/04/21/drupal-releases-security-advisory-address-vulnerability-drupal-core

Oracle Releases Security Updates

Release DateApril 21, 2023

Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for April 2023 to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

https://www.cisa.gov/news-events/alerts/2023/04/21/oracle-releases-security-updates

VMSA-2023-0008

CVSSv3 Range:7.3-9.3
Issue Date:2023-04-25

CVE(s):
CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872

Synopsis:
VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872)

https://www.vmware.com/security/advisories/VMSA-2023-0008.html

Apple’s first Rapid Security Response patch fails to install on iPhones

Apple has launched the first Rapid Security Response (RSR) patches for iOS 16.4.1 and macOS 13.3.1 devices, with some users having issues installing them on their iPhones.

https://www.bleepingcomputer.com/news/apple/apples-first-rapid-security-response-patch-fails-to-install-on-iphones/

Elastic Security Labs discovers the LOBSHOT malware

An analysis of LOBSHOT, an hVNC malware family spreading through Google Ads.

https://www.elastic.co/security-labs/elastic-security-labs-discovers-lobshot-malware

Android’s May 2023 security patch prevents downgrades to infinitely old system app versions

You can no longer downgrade system apps beyond the pre-installed version

https://www.androidpolice.com/android-may-2023-security-patch-no-downgrades-infinitely-old-system-app-versions/

FG-IR-22-297

Date May 3, 2023
Severity High
CVSSv3 Score 7.6

Impact Execute unauthorized code or commands
CVE ID CVE-2023-27999

Affected Products
FortiADC : 7.2.0, 7.1.1, 7.1.0

https://www.fortiguard.com/psirt/FG-IR-22-297

May 2023 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2023-May

USN-6063-1: Ceph vulnerabilities
9 May 2023

Several security issues were fixed in Ceph.

Releases
Ubuntu 22.10 Ubuntu
22.04 LTS Ubuntu
20.04 LTS Ubuntu
18.04 ESM

https://ubuntu.com/security/notices/USN-6063-1

Actualización de seguridad de SAP de mayo de 2023

Fecha de publicación: 10/05/2023
Importancia: 5 - Crítica

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-mayo-de-2023

Múltiples vulnerabilidades en productos de Aruba

Fecha de publicación: 10/05/2023
Importancia: 5 - Crítica

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-productos-de-aruba

New Linux kernel NetFilter flaw gives attackers root privileges

A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.

The CVE-2023-32233 identifier has been reserved for the vulnerability, but a severity level is yet to be determined.

https://www.bleepingcomputer.com/news/security/new-linux-kernel-netfilter-flaw-gives-attackers-root-privileges/

BPFDoor Malware Evolves – Stealthy Sniffing Backdoor Ups Its Game

What is BPFdoor?

BPFdoor is a Linux-specific, low-profile, passive backdoor intended to maintain a persistent, long-term foothold in already-breached networks and environments and functions primarily to ensure an attacker can re-enter an infected system over an extended period of time, post-compromise.

https://www.deepinstinct.com/blog/bpfdoor-malware-evolves-stealthy-sniffing-backdoor-ups-its-game