Chromium: CVE-2023-2033 Type Confusion in V8
CVE-2023-2033
Security Vulnerability
Released: Apr 15, 2023
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2033
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html
Chrome Releases
Stable Channel Update for Desktop
The Stable and extended stable channel has been updated to 112.0.5615.121 for Windows Mac and Linux which will roll out over the coming...
Multiple vulnerabilities in Control de Ciber
Publication date: 19/04/2023
Identifier: INCIBE-2023-0145
Importance: 4 - High
Affected resources:
Control de Ciber, version 1.650.
Description:
INCIBE has coordinated the publication of 3 vulnerabilities in the Control de Ciber application, which were discovered by Sergio Apellániz.
These vulnerabilities have been assigned the identifiers CVE-2022-4896, CVE-2022-48474 and CVE-2022-48475.
For all 3 vulnerabilities, a CVSS v3.1 base score of 7.3 has been calculated, with the following CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/N:N/A:H.
Solution:
No solution has been identified at this time.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-control-ciber
Critical updates in Oracle (April 2023)
Publication date: 19/04/2023
Identifier: INCIBE-2023-0144
Importance: 5 - Critical
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-abril-2023
Multiple vulnerabilities in VMware Aria Operations for Logs
Publication date: 21/04/2023
Identifier: INCIBE-2023-0150
Importance: 5 - Critical
Affected resources:
VMware Aria Operations for Logs, versions:
8.10.2;
8.10;
8.8.x;
8.6.x;
4.x.
Description:
Several researchers have reported 2 vulnerabilities, 1 critical and 1 high, affecting VMware Aria Operations for Logs, whose exploitation could allow an attacker to execute arbitrary code/commands as root.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-vmware-aria-operations-logs
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Release Date: April 21, 2023
Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review Drupal security advisory SA-CORE-2023-005 for more information and apply the necessary updates.
https://www.cisa.gov/news-events/alerts/2023/04/21/drupal-releases-security-advisory-address-vulnerability-drupal-core
Oracle Releases Security Updates
Release Date: April 21, 2023
Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for April 2023 to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.cisa.gov/news-events/alerts/2023/04/21/oracle-releases-security-updates
VMSA-2023-0008
CVSSv3 Range: 7.3-9.3
Issue Date: 2023-04-25
CVE(s):
CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872
Synopsis:
VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872)
https://www.vmware.com/security/advisories/VMSA-2023-0008.html
Apple’s first Rapid Security Response patch fails to install on iPhones
Apple has launched the first Rapid Security Response (RSR) patches for iOS 16.4.1 and macOS 13.3.1 devices, with some users having issues installing them on their iPhones.
https://www.bleepingcomputer.com/news/apple/apples-first-rapid-security-response-patch-fails-to-install-on-iphones/
Elastic Security Labs discovers the LOBSHOT malware
An analysis of LOBSHOT, an hVNC malware family spreading through Google Ads.
https://www.elastic.co/security-labs/elastic-security-labs-discovers-lobshot-malware
Elastic Security Labs is naming a new malware family, LOBSHOT. LOBSHOT propagates and infiltrates targeted networks through Google Ads and hVNC sessions to deploy backdoors masquerading as legitimate application installers.
Android’s May 2023 security patch prevents downgrades to infinitely old system app versions
You can no longer downgrade system apps beyond the pre-installed version
https://www.androidpolice.com/android-may-2023-security-patch-no-downgrades-infinitely-old-system-app-versions/
May’s security patch fixes a potential security issue
FG-IR-22-297
Date: May 3, 2023
Severity: High
CVSSv3 Score: 7.6
Impact: Execute unauthorized code or commands
CVE ID: CVE-2023-27999
Affected Products:
FortiADC: 7.2.0, 7.1.1, 7.1.0
https://www.fortiguard.com/psirt/FG-IR-22-297
USN-6063-1: Ceph vulnerabilities
9 May 2023
Several security issues were fixed in Ceph.
Releases
Ubuntu 22.10
Ubuntu 22.04 LTS
Ubuntu 20.04 LTS
Ubuntu 18.04 ESM
https://ubuntu.com/security/notices/USN-6063-1
SAP security update for May 2023
Publication date: 10/05/2023
Importance: 5 - Critical
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-mayo-de-2023
SAP has published several security updates for different products in its monthly bulletin.
Multiple vulnerabilities in Aruba products
Publication date: 10/05/2023
Importance: 5 - Critical
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-productos-de-aruba
Aruba Networks has reported 8 critical vulnerabilities, 4 high-severity vulnerabilities, and one
New Linux kernel NetFilter flaw gives attackers root privileges
A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
The CVE-2023-32233 identifier has been reserved for the vulnerability, but a severity level is yet to be determined.
https://www.bleepingcomputer.com/news/security/new-linux-kernel-netfilter-flaw-gives-attackers-root-privileges/
BPFDoor Malware Evolves – Stealthy Sniffing Backdoor Ups Its Game
What is BPFdoor?
BPFdoor is a Linux-specific, low-profile, passive backdoor intended to maintain a persistent, long-term foothold in already-breached networks and environments and functions primarily to ensure an attacker can re-enter an infected system over an extended period of time, post-compromise.
https://www.deepinstinct.com/blog/bpfdoor-malware-evolves-stealthy-sniffing-backdoor-ups-its-game
Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers
https://www.sentinelone.com/labs/hypervisor-ransomware-multiple-threat-actor-groups-hop-on-leaked-babuk-code-to-build-esxi-lockers/
Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.
Chaining Five Vulnerabilities to Exploit Netgear Nighthawk RAX30 Routers at Pwn2Own Toronto 2022
The Internet of Things (IoT) has become an increasingly popular target for cyber attacks in recent years because these devices are often poorly secured and can be easily compromised. To highlight the vulnerabilities of IoT devices and encourage better security practices from manufacturers, the Zero Day Initiative (ZDI) organized a Pwn2Own competition last fall in Toronto that focused on hacking into IoT devices such as printers, network-attached storage (NAS) devices, routers, and smart speakers. This competition brought together experienced hackers to demonstrate their skills in finding and exploiting vulnerabilities in these devices.
https://claroty.com/team82/research/chaining-five-vulnerabilities-to-exploit-netgear-nighthawk-rax30-routers-at-pwn2own-toronto-2022
Unveiling IoT Vulnerabilities: A Deep Dive into Netgear RAX30 Router Research from Pwn2Own Competition | Discover the insights gained from our investigation into the security weaknesses of IoT devices, as we analyze the Netgear RAX30 router in the renowned…
Multiple vulnerabilities detected in different Autodesk products
Publication date: 15/05/2023
Description
Autodesk has published several vulnerabilities in its products. These could be exploited by a malicious attacker to gain administrator privileges they are not entitled to in order to carry out illegitimate actions. These high-severity vulnerabilities are of the following types: out-of-bounds write and read, data overflow, memory corruption and privilege escalation.
https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-detectadas-en-diferentes-productos-autodesk
Security update 6.2.1 for WordPress
Publication date: 17/05/2023
Importance: 4 - High
Affected resources:
WordPress, versions prior to 6.2.1.
Description
The latest version of WordPress, which contains security fixes, has been released.
Solution
Update to version 6.2.1 from the WordPress website, or in the dashboard click "Updates" and then "Update now".
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-621-para-wordpress
[Update 22/05/2023] Security update 6.2.2 for WordPress