Wednesday, June 7, 2023
F5 Networks

K000134938 : Intel Processors vulnerability CVE-2022-38090

Security Advisory Description Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable ...
DHS

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series/iQ-F Series EtherNet/IP Modules and EtherNet/IP Configuration tool Vulnerabilities: Weak Password Requirements, Use of Hard-coded Password, Missing Password Field Masking, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of...
DHS

Delta Electronics CNCSoft-B DOPSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-B DOPSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to exploit a buffer overflow condition and remotely execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...
Have I Been Pwned

JD Group – 521,878 breached accounts

In May 2023, the South African retailer JD Group announced a data breach affecting a number of their online assets including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records...
F5 Networks

K31323265 : OpenSSL vulnerability CVE-2022-0778

Security Advisory Description The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is ...
F5 Networks

K000132943 : OpenSSL vulnerability CVE-2022-4304

Security Advisory Description A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher ...
F5 Networks

K000132635 : OpenSSL vulnerability CVE-2022-4450

Security Advisory Description The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the ...
F5 Networks

K000132946 : OpenSSL vulnerability CVE-2023-0215

Security Advisory Description The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, ...
F5 Networks

K000132941 : OpenSSL vulnerability CVE-2023-0286

Security Advisory Description There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public ...
F5 Networks

K83120834 : Diffie-Hellman key agreement protocol weaknesses CVE-2002-20001 & CVE-2022-40735

Security Advisory Description The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger ...
F5 Networks

K000132686 : TLS Triple Handshake Attack vulnerability

Security Advisory Description The original TLS protocol includes a weakness in master secret negotiation, potentially allowing the Triple Handshake Attack that is mitigated by the Extended Master ...
F5 Networks

K000134747 : PHP vulnerability CVE-2023-0568

Security Advisory Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with ...
F5 Networks

K000133753 : PHP vulnerability CVE-2023-0662

Security Advisory Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and ...
F5 Networks

K63597327 : Python Flask vulnerability CVE-2018-1000656

Security Advisory Description The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage ...
F5 Networks

K28622040 : Python vulnerability CVE-2019-9948

Security Advisory Description urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: ...
F5 Networks

K000130512 : SQLite vulnerability CVE-2022-35737

Security Advisory Description SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. (CVE-2022-35737)
F5 Networks

K000132352 : OpenAM Vulnerability CVE-2023-22320

Security Advisory Description OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22).
F5 Networks

K54450124 : NSS vulnerability CVE-2021-43527

Security Advisory Description NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures.
F5 Networks

K49902412 : nghttp vulnerability CVE-2018-1000168

Security Advisory Description nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation ...
F5 Networks

K63525027 : Memcached vulnerability CVE-2018-1000115

Security Advisory Description Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached ...
SC Magazine

Bad guys no longer: here’s how to keep data secure without restricting SaaS apps

CISOs often prohibit or limit the use of SaaS apps for security reasons, but there are other ways to safeguard sensitive data without saying no to all cloud apps.
The Hacker News

New PowerDrop Malware Targeting U.S. Aerospace Industry

An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. "PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an...

FBI warns of increasing use of AI-generated deepfakes in sextortion schemes

Enlarge The FBI on Monday warned of the increasing use of artificial intelligence to generate phony videos for use in sextortion schemes that attempt to harass minors and non-consulting...
SC Magazine

New Gigabyte BIOS updates for motherboard backdoor removal issued

Gigabyte has released BIOS updates aimed at removing a firmware backdoor discovered by Eclypsium in over 270 of its motherboard models, which could have been exploited to facilitate the deployment of a Windows binary that would then prompt payload...
SC Magazine

Georgia city mayor rejects dealings with BlackByte ransomware

Officials at the City of Augusta, Georgia, have been noted by Mayor Garnett Johnson to have not communicated with the BlackByte ransomware operation that took credit for a cyberattack against the city that commenced on May 21, according to...