AusCERT - Security Bulletins

Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
11 May 2022

ESB-2022.2281 - [RedHat] container-tools:3.0: CVSS (Max): 8.0.

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.2281
container-tools:3.0 security update
11 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: container-tools:3.0
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1227

Original Bulletin: https://access.redhat.com/errata/RHSA-2022:2143

Comment: CVSS (Max): 8.0 CVE-2022-1227 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Important: container-tools:3.0 security update
Advisory ID: RHSA-2022:2143-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:2143
Issue date: 2022-05-10
CVE Names: CVE-2022-1227
=====================================================================

1. Summary:

An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* psgo: Privilege escalation in 'podman top' (CVE-2022-1227)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2070368 - CVE-2022-1227 psgo: Privilege escalation in 'podman top'

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
buildah-1.19.9-3.module+el8.6.0+14874+64436299.src.rpm
cockpit-podman-29-2.module+el8.6.0+14874+64436299.src.rpm
conmon-2.0.26-1.module+el8.6.0+14874+64436299.src.rpm
container-selinux-2.178.0-2.module+el8.6.0+14874+64436299.src.rpm
containernetworking-plugins-0.9.1-1.module+el8.6.0+14874+64436299.src.rpm
criu-3.15-1.module+el8.6.0+14874+64436299.src.rpm
crun-0.18-3.module+el8.6.0+14874+64436299.src.rpm
fuse-overlayfs-1.4.0-2.module+el8.6.0+14874+64436299.src.rpm
libslirp-4.3.1-1.module+el8.6.0+14874+64436299.src.rpm
oci-seccomp-bpf-hook-1.2.0-3.module+el8.6.0+14874+64436299.src.rpm
podman-3.0.1-9.module+el8.6.0+14874+64436299.src.rpm
runc-1.0.0-73.rc95.module+el8.6.0+14874+64436299.src.rpm
skopeo-1.2.4-1.module+el8.6.0+14874+64436299.src.rpm
slirp4netns-1.1.8-1.module+el8.6.0+14874+64436299.src.rpm
toolbox-0.0.99.3-1.module+el8.6.0+14874+64436299.src.rpm
udica-0.2.4-1.module+el8.6.0+14874+64436299.src.rpm

aarch64:
buildah-1.19.9-3.module+el8.6.0+14874+64436299.aarch64.rpm buildah-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.aarch64.rpm buildah-debugsource-1.19.9-3.module+el8.6.0+14874+64436299.aarch64.rpm buildah-tests-1.19.9-3.module+el8.6.0+14874+64436299.aarch64.rpm buildah-tests-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.aarch64.rpm conmon-2.0.26-1.module+el8.6.0+14874+64436299.aarch64.rpm
conmon-debuginfo-2.0.26-1.module+el8.6.0+14874+64436299.aarch64.rpm conmon-debugsource-2.0.26-1.module+el8.6.0+14874+64436299.aarch64.rpm containernetworking-plugins-0.9.1-1.module+el8.6.0+14874+64436299.aarch64.rpm containernetworking-plugins-debuginfo-0.9.1-1.module+el8.6.0+14874+64436299.aarch64.rpm containernetworking-plugins-debugsource-0.9.1-1.module+el8.6.0+14874+64436299.aarch64.rpm containers-common-1.2.4-1.module+el8.6.0+14874+64436299.aarch64.rpm crit-3.15-1.module+el8.6.0+14874+64436299.aarch64.rpm criu-3.15-1.module+el8.6.0+14874+64436299.aarch64.rpm criu-debuginfo-3.15-1.module+el8.6.0+14874+64436299.aarch64.rpm criu-debugsource-3.15-1.module+el8.6.0+14874+64436299.aarch64.rpm crun-0.18-3.module+el8.6.0+14874+64436299.aarch64.rpm crun-debuginfo-0.18-3.module+el8.6.0+14874+64436299.aarch64.rpm crun-debugsource-0.18-3.module+el8.6.0+14874+64436299.aarch64.rpm fuse-overlayfs-1.4.0-2.module+el8.6.0+14874+64436299.aarch64.rpm fuse-overlayfs-debuginfo-1.4.0-2.module+el8.6.0+14874+64436299.aarch64.rpm fuse-overlayfs-debugsource-1.4.0-2.module+el8.6.0+14874+64436299.aarch64.rpm libslirp-4.3.1-1.module+el8.6.0+14874+64436299.aarch64.rpm libslirp-debuginfo-4.3.1-1.module+el8.6.0+14874+64436299.aarch64.rpm libslirp-debugsource-4.3.1-1.module+el8.6.0+14874+64436299.aarch64.rpm libslirp-devel-4.3.1-1.module+el8.6.0+14874+64436299.aarch64.rpm oci-seccomp-bpf-hook-1.2.0-3.module+el8.6.0+14874+64436299.aarch64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.6.0+14874+64436299.aarch64.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.6.0+14874+64436299.aarch64.rpm podman-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-catatonit-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-catatonit-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-debugsource-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm 
podman-plugins-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-plugins-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-remote-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-remote-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm podman-tests-3.0.1-9.module+el8.6.0+14874+64436299.aarch64.rpm python3-criu-3.15-1.module+el8.6.0+14874+64436299.aarch64.rpm runc-1.0.0-73.rc95.module+el8.6.0+14874+64436299.aarch64.rpm runc-debuginfo-1.0.0-73.rc95.module+el8.6.0+14874+64436299.aarch64.rpm runc-debugsource-1.0.0-73.rc95.module+el8.6.0+14874+64436299.aarch64.rpm skopeo-1.2.4-1.module+el8.6.0+14874+64436299.aarch64.rpm skopeo-debuginfo-1.2.4-1.module+el8.6.0+14874+64436299.aarch64.rpm skopeo-debugsource-1.2.4-1.module+el8.6.0+14874+64436299.aarch64.rpm skopeo-tests-1.2.4-1.module+el8.6.0+14874+64436299.aarch64.rpm slirp4netns-1.1.8-1.module+el8.6.0+14874+64436299.aarch64.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.6.0+14874+64436299.aarch64.rpm slirp4netns-debugsource-1.1.8-1.module+el8.6.0+14874+64436299.aarch64.rpm toolbox-0.0.99.3-1.module+el8.6.0+14874+64436299.aarch64.rpm toolbox-debuginfo-0.0.99.3-1.module+el8.6.0+14874+64436299.aarch64.rpm toolbox-debugsource-0.0.99.3-1.module+el8.6.0+14874+64436299.aarch64.rpm toolbox-tests-0.0.99.3-1.module+el8.6.0+14874+64436299.aarch64.rpm noarch: cockpit-podman-29-2.module+el8.6.0+14874+64436299.noarch.rpm container-selinux-2.178.0-2.module+el8.6.0+14874+64436299.noarch.rpm podman-docker-3.0.1-9.module+el8.6.0+14874+64436299.noarch.rpm udica-0.2.4-1.module+el8.6.0+14874+64436299.noarch.rpm ppc64le: buildah-1.19.9-3.module+el8.6.0+14874+64436299.ppc64le.rpm buildah-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.ppc64le.rpm buildah-debugsource-1.19.9-3.module+el8.6.0+14874+64436299.ppc64le.rpm buildah-tests-1.19.9-3.module+el8.6.0+14874+64436299.ppc64le.rpm buildah-tests-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.ppc64le.rpm 
conmon-2.0.26-1.module+el8.6.0+14874+64436299.ppc64le.rpm conmon-debuginfo-2.0.26-1.module+el8.6.0+14874+64436299.ppc64le.rpm conmon-debugsource-2.0.26-1.module+el8.6.0+14874+64436299.ppc64le.rpm containernetworking-plugins-0.9.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm containernetworking-plugins-debuginfo-0.9.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm containernetworking-plugins-debugsource-0.9.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm containers-common-1.2.4-1.module+el8.6.0+14874+64436299.ppc64le.rpm crit-3.15-1.module+el8.6.0+14874+64436299.ppc64le.rpm criu-3.15-1.module+el8.6.0+14874+64436299.ppc64le.rpm criu-debuginfo-3.15-1.module+el8.6.0+14874+64436299.ppc64le.rpm criu-debugsource-3.15-1.module+el8.6.0+14874+64436299.ppc64le.rpm crun-0.18-3.module+el8.6.0+14874+64436299.ppc64le.rpm crun-debuginfo-0.18-3.module+el8.6.0+14874+64436299.ppc64le.rpm crun-debugsource-0.18-3.module+el8.6.0+14874+64436299.ppc64le.rpm fuse-overlayfs-1.4.0-2.module+el8.6.0+14874+64436299.ppc64le.rpm fuse-overlayfs-debuginfo-1.4.0-2.module+el8.6.0+14874+64436299.ppc64le.rpm fuse-overlayfs-debugsource-1.4.0-2.module+el8.6.0+14874+64436299.ppc64le.rpm libslirp-4.3.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm libslirp-debuginfo-4.3.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm libslirp-debugsource-4.3.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm libslirp-devel-4.3.1-1.module+el8.6.0+14874+64436299.ppc64le.rpm oci-seccomp-bpf-hook-1.2.0-3.module+el8.6.0+14874+64436299.ppc64le.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.6.0+14874+64436299.ppc64le.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.6.0+14874+64436299.ppc64le.rpm podman-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-catatonit-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-catatonit-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-debugsource-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm 
podman-plugins-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-plugins-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-remote-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-remote-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm podman-tests-3.0.1-9.module+el8.6.0+14874+64436299.ppc64le.rpm python3-criu-3.15-1.module+el8.6.0+14874+64436299.ppc64le.rpm runc-1.0.0-73.rc95.module+el8.6.0+14874+64436299.ppc64le.rpm runc-debuginfo-1.0.0-73.rc95.module+el8.6.0+14874+64436299.ppc64le.rpm runc-debugsource-1.0.0-73.rc95.module+el8.6.0+14874+64436299.ppc64le.rpm skopeo-1.2.4-1.module+el8.6.0+14874+64436299.ppc64le.rpm skopeo-debuginfo-1.2.4-1.module+el8.6.0+14874+64436299.ppc64le.rpm skopeo-debugsource-1.2.4-1.module+el8.6.0+14874+64436299.ppc64le.rpm skopeo-tests-1.2.4-1.module+el8.6.0+14874+64436299.ppc64le.rpm slirp4netns-1.1.8-1.module+el8.6.0+14874+64436299.ppc64le.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.6.0+14874+64436299.ppc64le.rpm slirp4netns-debugsource-1.1.8-1.module+el8.6.0+14874+64436299.ppc64le.rpm toolbox-0.0.99.3-1.module+el8.6.0+14874+64436299.ppc64le.rpm toolbox-debuginfo-0.0.99.3-1.module+el8.6.0+14874+64436299.ppc64le.rpm toolbox-debugsource-0.0.99.3-1.module+el8.6.0+14874+64436299.ppc64le.rpm toolbox-tests-0.0.99.3-1.module+el8.6.0+14874+64436299.ppc64le.rpm s390x: buildah-1.19.9-3.module+el8.6.0+14874+64436299.s390x.rpm buildah-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.s390x.rpm buildah-debugsource-1.19.9-3.module+el8.6.0+14874+64436299.s390x.rpm buildah-tests-1.19.9-3.module+el8.6.0+14874+64436299.s390x.rpm buildah-tests-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.s390x.rpm conmon-2.0.26-1.module+el8.6.0+14874+64436299.s390x.rpm conmon-debuginfo-2.0.26-1.module+el8.6.0+14874+64436299.s390x.rpm conmon-debugsource-2.0.26-1.module+el8.6.0+14874+64436299.s390x.rpm containernetworking-plugins-0.9.1-1.module+el8.6.0+14874+64436299.s390x.rpm 
containernetworking-plugins-debuginfo-0.9.1-1.module+el8.6.0+14874+64436299.s390x.rpm containernetworking-plugins-debugsource-0.9.1-1.module+el8.6.0+14874+64436299.s390x.rpm containers-common-1.2.4-1.module+el8.6.0+14874+64436299.s390x.rpm crit-3.15-1.module+el8.6.0+14874+64436299.s390x.rpm criu-3.15-1.module+el8.6.0+14874+64436299.s390x.rpm criu-debuginfo-3.15-1.module+el8.6.0+14874+64436299.s390x.rpm criu-debugsource-3.15-1.module+el8.6.0+14874+64436299.s390x.rpm crun-0.18-3.module+el8.6.0+14874+64436299.s390x.rpm crun-debuginfo-0.18-3.module+el8.6.0+14874+64436299.s390x.rpm crun-debugsource-0.18-3.module+el8.6.0+14874+64436299.s390x.rpm fuse-overlayfs-1.4.0-2.module+el8.6.0+14874+64436299.s390x.rpm fuse-overlayfs-debuginfo-1.4.0-2.module+el8.6.0+14874+64436299.s390x.rpm fuse-overlayfs-debugsource-1.4.0-2.module+el8.6.0+14874+64436299.s390x.rpm libslirp-4.3.1-1.module+el8.6.0+14874+64436299.s390x.rpm libslirp-debuginfo-4.3.1-1.module+el8.6.0+14874+64436299.s390x.rpm libslirp-debugsource-4.3.1-1.module+el8.6.0+14874+64436299.s390x.rpm libslirp-devel-4.3.1-1.module+el8.6.0+14874+64436299.s390x.rpm oci-seccomp-bpf-hook-1.2.0-3.module+el8.6.0+14874+64436299.s390x.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.6.0+14874+64436299.s390x.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.6.0+14874+64436299.s390x.rpm podman-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-catatonit-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-catatonit-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-debugsource-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-plugins-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-plugins-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-remote-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm podman-remote-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm 
podman-tests-3.0.1-9.module+el8.6.0+14874+64436299.s390x.rpm python3-criu-3.15-1.module+el8.6.0+14874+64436299.s390x.rpm runc-1.0.0-73.rc95.module+el8.6.0+14874+64436299.s390x.rpm runc-debuginfo-1.0.0-73.rc95.module+el8.6.0+14874+64436299.s390x.rpm runc-debugsource-1.0.0-73.rc95.module+el8.6.0+14874+64436299.s390x.rpm skopeo-1.2.4-1.module+el8.6.0+14874+64436299.s390x.rpm skopeo-debuginfo-1.2.4-1.module+el8.6.0+14874+64436299.s390x.rpm skopeo-debugsource-1.2.4-1.module+el8.6.0+14874+64436299.s390x.rpm skopeo-tests-1.2.4-1.module+el8.6.0+14874+64436299.s390x.rpm slirp4netns-1.1.8-1.module+el8.6.0+14874+64436299.s390x.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.6.0+14874+64436299.s390x.rpm slirp4netns-debugsource-1.1.8-1.module+el8.6.0+14874+64436299.s390x.rpm toolbox-0.0.99.3-1.module+el8.6.0+14874+64436299.s390x.rpm toolbox-debuginfo-0.0.99.3-1.module+el8.6.0+14874+64436299.s390x.rpm toolbox-debugsource-0.0.99.3-1.module+el8.6.0+14874+64436299.s390x.rpm toolbox-tests-0.0.99.3-1.module+el8.6.0+14874+64436299.s390x.rpm x86_64: buildah-1.19.9-3.module+el8.6.0+14874+64436299.x86_64.rpm buildah-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.x86_64.rpm buildah-debugsource-1.19.9-3.module+el8.6.0+14874+64436299.x86_64.rpm buildah-tests-1.19.9-3.module+el8.6.0+14874+64436299.x86_64.rpm buildah-tests-debuginfo-1.19.9-3.module+el8.6.0+14874+64436299.x86_64.rpm conmon-2.0.26-1.module+el8.6.0+14874+64436299.x86_64.rpm conmon-debuginfo-2.0.26-1.module+el8.6.0+14874+64436299.x86_64.rpm conmon-debugsource-2.0.26-1.module+el8.6.0+14874+64436299.x86_64.rpm containernetworking-plugins-0.9.1-1.module+el8.6.0+14874+64436299.x86_64.rpm containernetworking-plugins-debuginfo-0.9.1-1.module+el8.6.0+14874+64436299.x86_64.rpm containernetworking-plugins-debugsource-0.9.1-1.module+el8.6.0+14874+64436299.x86_64.rpm containers-common-1.2.4-1.module+el8.6.0+14874+64436299.x86_64.rpm crit-3.15-1.module+el8.6.0+14874+64436299.x86_64.rpm criu-3.15-1.module+el8.6.0+14874+64436299.x86_64.rpm 
criu-debuginfo-3.15-1.module+el8.6.0+14874+64436299.x86_64.rpm criu-debugsource-3.15-1.module+el8.6.0+14874+64436299.x86_64.rpm crun-0.18-3.module+el8.6.0+14874+64436299.x86_64.rpm crun-debuginfo-0.18-3.module+el8.6.0+14874+64436299.x86_64.rpm crun-debugsource-0.18-3.module+el8.6.0+14874+64436299.x86_64.rpm fuse-overlayfs-1.4.0-2.module+el8.6.0+14874+64436299.x86_64.rpm fuse-overlayfs-debuginfo-1.4.0-2.module+el8.6.0+14874+64436299.x86_64.rpm fuse-overlayfs-debugsource-1.4.0-2.module+el8.6.0+14874+64436299.x86_64.rpm libslirp-4.3.1-1.module+el8.6.0+14874+64436299.x86_64.rpm libslirp-debuginfo-4.3.1-1.module+el8.6.0+14874+64436299.x86_64.rpm libslirp-debugsource-4.3.1-1.module+el8.6.0+14874+64436299.x86_64.rpm libslirp-devel-4.3.1-1.module+el8.6.0+14874+64436299.x86_64.rpm oci-seccomp-bpf-hook-1.2.0-3.module+el8.6.0+14874+64436299.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.6.0+14874+64436299.x86_64.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.6.0+14874+64436299.x86_64.rpm podman-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-catatonit-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-catatonit-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-debugsource-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-plugins-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-plugins-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-remote-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-remote-debuginfo-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm podman-tests-3.0.1-9.module+el8.6.0+14874+64436299.x86_64.rpm python3-criu-3.15-1.module+el8.6.0+14874+64436299.x86_64.rpm runc-1.0.0-73.rc95.module+el8.6.0+14874+64436299.x86_64.rpm runc-debuginfo-1.0.0-73.rc95.module+el8.6.0+14874+64436299.x86_64.rpm runc-debugsource-1.0.0-73.rc95.module+el8.6.0+14874+64436299.x86_64.rpm 
skopeo-1.2.4-1.module+el8.6.0+14874+64436299.x86_64.rpm skopeo-debuginfo-1.2.4-1.module+el8.6.0+14874+64436299.x86_64.rpm skopeo-debugsource-1.2.4-1.module+el8.6.0+14874+64436299.x86_64.rpm skopeo-tests-1.2.4-1.module+el8.6.0+14874+64436299.x86_64.rpm slirp4netns-1.1.8-1.module+el8.6.0+14874+64436299.x86_64.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.6.0+14874+64436299.x86_64.rpm slirp4netns-debugsource-1.1.8-1.module+el8.6.0+14874+64436299.x86_64.rpm toolbox-0.0.99.3-1.module+el8.6.0+14874+64436299.x86_64.rpm toolbox-debuginfo-0.0.99.3-1.module+el8.6.0+14874+64436299.x86_64.rpm toolbox-debugsource-0.0.99.3-1.module+el8.6.0+14874+64436299.x86_64.rpm toolbox-tests-0.0.99.3-1.module+el8.6.0+14874+64436299.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1227
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================
11 May 2022

ESB-2022.2280 - [Ubuntu] Cron: CVSS (Max): 6.7

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.2280
USN-5259-3: Cron regression
11 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: Cron
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2019-9706 CVE-2019-9705 CVE-2019-9704 CVE-2017-9525

Original Bulletin: https://ubuntu.com/security/notices/USN-5259-3

Comment: CVSS (Max): 6.7 CVE-2017-9525 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5259-3: Cron regression
11 May 2022

USN-5259-1 and USN-5259-2 introduced a regression in Cron.

Releases
o Ubuntu 18.04 LTS
o Ubuntu 16.04 ESM

Packages
o cron - process scheduling daemon

Details

USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. (CVE-2017-9525)

Florian Weimer discovered that Cron incorrectly handled certain memory operations during crontab file creation. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-9704)

It was discovered that Cron incorrectly handled user input during crontab file creation. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-9705)

It was discovered that Cron contained a use-after-free vulnerability in its force_rescan_user function. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-9706)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04
o cron - 3.0pl1-128.1ubuntu1.2

Ubuntu 16.04
o cron - 3.0pl1-128ubuntu2+esm2
  Available with UA Infra or UA Desktop

In general, a standard system update will make all the necessary changes.

References
o CVE-2017-9525
o https://ubuntu.com/security/notices/USN-5259-2
o https://launchpad.net/bugs/1971895

Related notices
o USN-5259-1 : cron
o USN-5259-2 : cron

- --------------------------END INCLUDED TEXT--------------------
11 May 2022

ESB-2022.2279 - [Win][UNIX/Linux] Apache Tomcat: CVSS (Max): None

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.2279
CVE-2022-29885 Apache Tomcat EncryptInterceptor
11 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: Apache Tomcat
Publisher: Apache Software Foundation
Operating System: Windows
                  UNIX variants (UNIX, Linux, OSX)
Resolution: Patch/Upgrade
CVE Names: CVE-2022-29885

Original Bulletin: https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv

Comment: CVSS (Max): None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

CVE-2022-29885 Apache Tomcat EncryptInterceptor

Severity: Low

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 10.1.0-M1 to 10.1.0-M14
Apache Tomcat 10.0.0-M1 to 10.0.20
Apache Tomcat 9.0.13 to 9.0.62
Apache Tomcat 8.5.38 to 8.5.78

Description:
The documentation for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.

Mitigation:
Users running clustering over an untrusted network who require full protection should switch to an alternative solution such as running the clustering communication over a VPN.

History:
2022-05-10 Original advisory

Credit:
This issue was reported to the Apache Tomcat Security team by 4ra1n.

References:
[1] https://tomcat.apache.org/security-10.html
[2] https://tomcat.apache.org/security-9.html
[3] https://tomcat.apache.org/security-8.html

- --------------------------END INCLUDED TEXT--------------------
11 May 2022

ESB-2022.2278 - [Win][Unix] Intel Processors: CVSS (Max): 7.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2278
                 IPU - Intel Boot Guard and Intel TXT Advisory
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel Processors
Publisher:         Intel
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-0004

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html

Comment: CVSS (Max):  7.3 CVE-2022-0004 (CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                 INTEL-SA-00613
Advisory Category:        Firmware
Impact of vulnerability:  Escalation of Privilege
Severity rating:          HIGH
Original release:         05/10/2022
Last revised:             05/10/2022

Summary:

A potential security vulnerability in Intel Boot Guard and Intel Trusted
Execution Technology (TXT) for some Intel processors may allow escalation of
privilege. Intel is releasing firmware updates and prescriptive guidance to
mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-0004

Description: Hardware debug modes and processor INIT setting that allow
override of locks for some Intel(R) Processors in Intel(R) Boot Guard and
Intel(R) TXT may allow an unauthenticated user to potentially enable
escalation of privilege via physical access.

CVSS Base Score: 7.3 High
CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N (Physical, unauthenticated)

CVSS Base Score: 7.3 High
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N (Adjacent network, authenticated)

Affected Products:

10th Gen Intel Core processor
11th Gen Intel Core processor
12th Gen Intel Core processor
8th Gen Intel Core processor
Celeron processor 4000 series
Celeron processor 6000 series
Celeron processor J3000/N3000 series
Celeron processor J4000/N4000 series
Celeron processor N series
Intel Atom processor P5000 series
Intel Atom processor X E3900 series
Intel Atom x6000E series
Intel Pentium and Celeron N and J Series processors
Intel 100 series chipset
Intel 200 series chipset
Intel 300 series chipset
Intel 400 series chipset
Intel 500 series chipset
Intel C230 series chipset
Intel C240 series chipset
Intel C250 Series chipset
Intel C420 chipset
Intel C620 series chipset
Intel C620A series chipset
Intel Core i5 L16G7 and Intel Core i3 L13G4
Intel Pentium processor J4000/N4000 series
Intel Pentium processor J5000/N5000 series
Intel X299 chipset
Intel Xeon D processor 2000 series
Intel Xeon W processor 1300 series
Pentium Gold processor series
Pentium Gold processor series (G54XXU)
Pentium Silver processor series

Recommendations:

Intel recommends updating Intel CSME to the latest version (see provided
table).

Intel also recommends following the previously published guidance on
disabling the CPU Debug feature when Intel Boot Guard is enabled. Please
consult this Intel Debug paper for more details.

Intel also recommends disabling the BSP (Bootstrap Processor) INIT (DBI) bit
to enable protections against an INIT bypassing the startup Authenticated
Code Module (ACM). This setting change is available in the latest version of
Intel CSME.

Intel recommends that users of Intel CSME update to the latest version
provided by the system manufacturer that addresses these issues.
+-----------------------------------------------------+----------------------+
|Chipset/System on Chip/Multi Chip Package            |Mitigated version or  |
|                                                     |higher                |
+-----------------------------------------------------+----------------------+
|Client Desktop and Mobile Platforms                                         |
+-----------------------------------------------------+----------------------+
|12th Gen Intel Core processor                        |16.0.15               |
+-----------------------------------------------------+----------------------+
|Intel 500 series chipset                             |15.0.40               |
|                                                     |                      |
|11th Gen Intel Core processor                        |                      |
|                                                     |                      |
|Intel Xeon W processor 1300 series                   |                      |
+-----------------------------------------------------+----------------------+
|Pentium Gold processor series                        |15.0.40               |
|                                                     |                      |
|Celeron processor 6000 series                        |                      |
+-----------------------------------------------------+----------------------+
|Intel 400 series chipset                             |14.1.65               |
+-----------------------------------------------------+----------------------+
|Pentium Silver processor series                      |13.50.20              |
|                                                     |                      |
|Celeron processor N series                           |                      |
+-----------------------------------------------------+----------------------+
|10th Gen Intel Core processor                        |13.0.60               |
+-----------------------------------------------------+----------------------+
|Intel Core i5 L16G7 and Intel Core i3 L13G4          |13.30.30              |
+-----------------------------------------------------+----------------------+
|Intel 300 series chipset                             |12.0.90               |
+-----------------------------------------------------+----------------------+
|Pentium Gold processor series (G54XXU)               |12.0.90               |
|                                                     |                      |
|Celeron processor 4000 series                        |                      |
+-----------------------------------------------------+----------------------+
|8th Gen Intel Core processor                         |11.8.92               |
+-----------------------------------------------------+----------------------+
|Intel 200 series chipset                             |11.8.92               |
+-----------------------------------------------------+----------------------+
|Intel 100 series chipset                             |11.8.92               |
+-----------------------------------------------------+----------------------+
|Expert Workstation and Scalable Server Platforms                            |
+-----------------------------------------------------+----------------------+
|Intel C620A series chipset                           |Consult prescriptive  |
|                                                     |guidance              |
+-----------------------------------------------------+----------------------+
|Intel C620 series chipset                            |11.22.92              |
+-----------------------------------------------------+----------------------+
|Entry Workstation Platforms                                                 |
+-----------------------------------------------------+----------------------+
|Intel C250 Series chipset                            |15.0.40               |
+-----------------------------------------------------+----------------------+
|Intel C240 series chipset                            |12.0.90               |
+-----------------------------------------------------+----------------------+
|Intel C230 series chipset                            |11.8.92               |
+-----------------------------------------------------+----------------------+
|Mainstream Workstation and High-End Desktop Platforms                       |
+-----------------------------------------------------+----------------------+
|Intel C420 chipset                                   |11.12.92              |
|                                                     |                      |
|Intel X299 chipset                                   |                      |
+-----------------------------------------------------+----------------------+
|Microserver Platforms                                                       |
+-----------------------------------------------------+----------------------+
|Intel Atom processor P5000 series                    |Consult prescriptive  |
|                                                     |guidance              |
+-----------------------------------------------------+----------------------+
|Intel Xeon D processor 2000 series                   |Consult prescriptive  |
|                                                     |guidance              |
+-----------------------------------------------------+----------------------+
|Entry Desktop and Mobile Platforms                                          |
+-----------------------------------------------------+----------------------+
|Intel Atom processor X E3900 series                  |3.1.92                |
|                                                     |                      |
|Intel Pentium processor J4000/N4000 series           |                      |
|                                                     |                      |
|Celeron processor J3000/N3000 series                 |                      |
+-----------------------------------------------------+----------------------+
|Intel Pentium processor J5000/N5000 series           |4.0.45                |
|                                                     |                      |
|Celeron processor J4000/N4000 series                 |                      |
+-----------------------------------------------------+----------------------+
|Embedded Platforms                                                          |
+-----------------------------------------------------+----------------------+
|Intel Atom x6000E series                             |15.40.20              |
|                                                     |                      |
|Intel Pentium and Celeron N and J Series processors  |                      |
+-----------------------------------------------------+----------------------+

Prescriptive guidance:

Intel is not releasing updated Intel SPS firmware to disable the CPU debug
feature on server products. Intel recommends users follow existing security
best practices and alternate security controls, including:

  . Ensure physical security of server systems, and secure BMC access if BMC
    has adjacent-network JTAG access.

Acknowledgements:

The following issue was found internally by Intel employees. Intel would like
to thank Ki W Yoon. Subsequently, this issue was reported by Mickey Shkatov.
Intel would like to thank Mickey Shkatov from Eclypsium for reporting this
issue.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision  Date        Description
1.0       05/10/2022  Initial Release

- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnszYuNLKJtyKPYoAQjIAA//VceSLJXoWgKxV8zHzT8OJ/Xd9q2bq3hD
9JvqMyJ5jY4wFEhLoCsP31lilhGxZ5mp0E7qkzEWGx0Rkf7Gg+3kGaEuB8PIr7dd
lZ2JPG1k68I4QfStXyBUhHP6gT2tyooLXfG1ASpt0JpPLmzAWz6KrneusCQJ45KP
djo+PfijYD7/CkHaKOTz4OVZyWDGjGanxYX0Vt/hcI/4WmFOPqVSr4oSvYXtJ34L
QIQXQuaObokGk7D+233px7kCIcYESKj05Y/JhV7PZqkLXkIdikG2sR3nGFpB/uix
KpIheGtXUAsdTLdLnqTnOk585leyb7DikoIzuHYVB3/dQWmH60Tr4jkXumZD6mwe
/rE/xKLXuDIY73rj6ONt/6ChsDitqp65G9donr5RWx3prwGgzbwVTEqXmoFh1IZ8
44upPgOG3r72Xe7GgP1ylbjsW4U9pscsMol8cTwfNZ9Eb7vvQafWmQPLTlF+FhV0
jABcdssAwPKUfv6/t+f02ENRkHCAx1EUBI2nSrf8uEObSZGZJm3oe8LDgMXLSz8L
r3Akqwm+oGfjzoRA4ebn0wfi6171ziyJEfahVp1mxXh/Sh3tprdKj3uD/mYVl/CN
2bjnIdUpUu8x5h2N+QoneYMtr5qMuC8E0GiBx3SlBZE8e6lPjWxl7rz8h8cyIuRl
IZm+8Iicrog=
=72MZ
-----END PGP SIGNATURE-----
11 May 2022

ASB-2022.0125 - [Win][Mac] Microsoft Developer Tools: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0125
    Microsoft Patch Tuesday update for Microsoft Developer Tools for May 2022
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Microsoft .NET Framework
                   .NET
                   .NET Core
                   Microsoft Visual Studio
                   Visual Studio Code
Operating System:  Windows
                   macOS
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30130 CVE-2022-30129 CVE-2022-29148
                   CVE-2022-29145 CVE-2022-29117 CVE-2022-23267

Comment: CVSS (Max):  8.8 CVE-2022-30129 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

OVERVIEW

Microsoft has released its monthly security patch update for the month of
May 2022. This update resolves 6 vulnerabilities across the following
products: [1]

.NET 5.0
.NET 6.0
.NET Core 3.1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 3.5 AND 4.7.2
Microsoft .NET Framework 3.5 AND 4.8
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.8
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft Visual Studio 2022 version 17.0
Microsoft Visual Studio 2022 version 17.1
Visual Studio Code

IMPACT

Microsoft has given the following details regarding these vulnerabilities.

Details          Impact                  Severity
CVE-2022-23267   Denial of Service       Important
CVE-2022-29117   Denial of Service       Important
CVE-2022-29145   Denial of Service       Important
CVE-2022-29148   Remote Code Execution   Important
CVE-2022-30129   Remote Code Execution   Important
CVE-2022-30130   Denial of Service       Low

MITIGATION

Microsoft recommends updating the software with the version made available
on the Microsoft Update Catalogue for the following Knowledge Base
articles. [1]

KB5013624, KB5013625, KB5013627, KB5013628, KB5013630
KB5013837, KB5013838, KB5013839, KB5013840, KB5013868
KB5013870, KB5013871, KB5013872, KB5013873, KB5013952
KB5014326, KB5014329

REFERENCES

[1] Microsoft Security Update Guidance
    https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation.

The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures.

AusCERT takes no responsibility for consequences which may arise from
following or acting on information or advice contained in this security
bulletin.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsyReNLKJtyKPYoAQjjoQ//VD9/elo2vsIZeWvFzoY1i7u6GwZK2wFG
yv2raxFmcuWcwFslVNl5ZOTZTyIJDvYtBLQBfMmHEt3A65MTSy3LnRGdZGdtBN4R
QO+IH93AD3MQKUSC9ioOdOLaqZ9+N8pcsS0Pis/fdPmHwqT/rFFYd8rhE2aYkanx
CXIeG5NRdKWqlUI0wG/7bHNSqa8/QXxe8iy0rpvWcG6eobKrblomyO7IVup4w3Gf
wuDJlZwz6f8nPkHCJ6v5IkeswXcV/tDKQx/nqFxObM4h4M+pWQMQ9nl+N5LHNR1K
FvtBnf6hUb108x2mYihUT4w3UUqfvL/kF2etTFXN4z0JZyhGCrfTsjtiBec6Q3w4
sHsli2ZLyoBRMV13QGvdNE60ZDVySQcAA2OQNLXX6cFv5+6XWUWqfCcmTmzKyWI9
QL0iXOVEuEh4yNIQXA2I013y9Fb2/+u4BjcJklkDzmR9WqX3QIQeHqeum9KKsMBy
d+M+nGgxbSlfe5KRKsyATisH5NikzVUGxJ1pS6FKqa02b1CLNYA3v2xicdEiiyA6
lHM8E9QVDY4d9mDwyI8COGbUfbKE30DY1TOLhuj9EvQA+1/mlcasq/me6bobUTlC
vUzfIb+OlLKh+MVqUgmFdA4GD5FYdu73NpF9QevyZRl2/GZYboZ3/iQLwtlavnW4
CqMoF+uFfss=
=bI5p
-----END PGP SIGNATURE-----
11 May 2022

ESB-2022.2277.2 - UPDATE [Win][Unix] Intel Processors: CVSS (Max): 8.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                             ESB-2022.2277.2
                         2022.1 IPU - BIOS Advisory
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel Processors
Publisher:         Intel
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-33124 CVE-2021-33123 CVE-2021-33122
                   CVE-2021-33107 CVE-2021-33103 CVE-2021-0190
                   CVE-2021-0189 CVE-2021-0188 CVE-2021-0159
                   CVE-2021-0155 CVE-2021-0154 CVE-2021-0153

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html

Revision History:  May 11 2022: Formatting issue
                   May 11 2022: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                 INTEL-SA-00601
Advisory Category:        Firmware
Impact of vulnerability:  Escalation of Privilege
Severity rating:          HIGH
Original release:         05/10/2022
Last revised:             05/10/2022

Summary:

Potential security vulnerabilities in the BIOS firmware or BIOS authenticated
code module for some Intel Processors may allow escalation of privilege or
information disclosure. Intel is releasing BIOS updates to mitigate these
potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2021-0154

Description: Improper input validation in the BIOS firmware for some Intel(R)
Processors may allow a privileged user to potentially enable an escalation of
privilege via local access.

CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0153

Description: Out-of-bounds write in the BIOS firmware for some Intel(R)
Processors may allow a privileged user to potentially enable an escalation of
privilege via local access.

CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-33123

Description: Improper access control in the BIOS authenticated code module
for some Intel(R) Processors may allow a privileged user to potentially
enable an escalation of privilege via local access.

CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0190

Description: Uncaught exception in the BIOS firmware for some Intel(R)
Processors may allow a privileged user to potentially enable an escalation of
privilege via local access.

CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-33122

Description: Insufficient control flow management in the BIOS firmware for
some Intel(R) Processors may allow a privileged user to potentially enable an
escalation of privilege via local access.

CVSS Base Score: 7.9 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

CVEID: CVE-2021-0189

Description: Use of out-of-range pointer offset in the BIOS firmware for some
Intel(R) Processors may allow a privileged user to potentially enable an
escalation of privilege via local access.

CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-33124

Description: Out-of-bounds write in the BIOS authenticated code module for
some Intel(R) Processors may allow a privileged user to potentially enable an
escalation of privilege via local access.

CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-33103

Description: Unintended intermediary in the BIOS authenticated code module
for some Intel(R) Processors may allow a privileged user to potentially
enable an escalation of privilege via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2021-0159

Description: Improper input validation in the BIOS authenticated code module
for some Intel(R) Processors may allow a privileged user to potentially
enable an escalation of privilege via local access.

CVSS Base Score: 7.4 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

CVEID: CVE-2021-0188

Description: Return of pointer value outside of expected range in the BIOS
firmware for some Intel(R) Processors may allow a privileged user to
potentially enable an escalation of privilege via local access.

CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2021-0155

Description: Unchecked return value in the BIOS firmware for some Intel(R)
Processors may allow a privileged user to potentially enable information
disclosure via local access.

CVSS Base Score: 4.4 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products:

+----------------------------------------------------+--------------------+--------+------------+----------------+
|Product Collection                                  |Vertical Segment    |CPU ID  |Platform ID |CVE ID          |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|2nd Generation Intel Xeon Scalable Processors       |Server              |50657   |BF          |CVE-2021-0159,  |
|                                                    |                    |        |            |CVE-2021-0189,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor D Family                       |Server              |50654   |B7          |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Rocket Lake Xeon                                    |Server, Workstation |A0671   |02          |CVE-2021-33103, |
|                                                    |                    |        |            |CVE-2021-33122, |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|3rd Generation Intel Xeon Scalable Processor Family |Server              |5065B   |5065B       |CVE-2021-0159,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Core Processors with Intel Hybrid Technology  |Mobile              |806A1   |10          |CVE-2021-33122  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|10th Generation Intel Core Processor Family         |Mobile              |706E5   |80          |CVE-2021-33122  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Pentium Silver N6000 Processor Family,        |Client              |906C0   |01          |CVE-2021-33122  |
|Intel Celeron N4000 and N5000 Processor Families    |                    |        |            |                |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|9th Generation Intel Core Processor Family          |Client              |A0671   |02          |CVE-2021-33103, |
|                                                    |                    |        |            |CVE-2021-33107, |
|                                                    |                    |        |            |CVE-2021-33122, |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|10th Generation Intel Core Processors               |Client              |A0653   |01          |CVE-2021-33107, |
|                                                    |                    |A0655   |22          |CVE-2021-33103, |
|                                                    |                    |        |            |CVE-2021-33122, |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|10th Generation Intel Core Processors               |Client              |806EC   |94          |CVE-2021-33107, |
|                                                    |                    |A0652   |20          |CVE-2021-33103, |
|                                                    |                    |A0653   |22          |CVE-2021-33122, |
|                                                    |                    |A0655   |01          |CVE-2021-33123, |
|                                                    |                    |A0655   |22          |CVE-2021-33124  |
|                                                    |                    |A0660   |80          |                |
|                                                    |                    |A0661   |80          |                |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|8th Generation Intel Core Processors                |Mobile              |806EB   |D0          |CVE-2021-33107, |
|                                                    |                    |806EC   |94          |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|8th Generation Intel Core Processors                |Mobile, Desktop     |906EA   |02          |CVE-2021-33107, |
|                                                    |                    |906EB   |22          |CVE-2021-33123, |
|                                                    |                    |906ED   |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|7th Generation Intel Core Processors                |Client              |806E9   |C0          |CVE-2021-33107, |
|                                                    |                    |806EA   |C0          |CVE-2021-33123, |
|                                                    |                    |906E9   |2A          |CVE-2021-33124  |
|                                                    |                    |806E9   |10          |                |
|                                                    |                    |806EC   |94          |                |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Core X-series Processors                      |Desktop             |906E9   |2A          |CVE-2021-33107, |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor W Family                       |Workstation         |50654   |B7          |CVE-2021-33107, |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor W Family                       |Workstation         |50657   |BF          |CVE-2021-33107, |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor E Family                       |Server, Workstation |906E    |22          |CVE-2021-0154,  |
|                                                    |                    |906ED   |            |CVE-2021-0189,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor E3 v6 Family                   |Server, Workstation |906E9   |2A          |CVE-2021-0154,  |
|                                                    |                    |        |            |CVE-2021-0188,  |
|                                                    |                    |        |            |CVE-2021-0189,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor E3 v5 Family                   |Server, Workstation |506E3   |36          |CVE-2021-0154,  |
|                                                    |                    |        |            |CVE-2021-0188,  |
|                                                    |                    |        |            |CVE-2021-0189,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor E7 v4 Family                   |Workstation         |406F1   |EF          |CVE-2021-0154,  |
|                                                    |                    |        |            |CVE-2021-0155,  |
|                                                    |                    |        |            |CVE-2021-0189,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor D Family                       |Server              |50665   |10          |CVE-2021-0154,  |
|                                                    |                    |        |            |CVE-2021-0155,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor D Family                       |Server              |50662   |10          |CVE-2021-0154,  |
|                                                    |                    |        |            |CVE-2021-0155,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+
|Intel Xeon Processor E5 v4 Family                   |Server              |406F1   |EF          |CVE-2021-0153,  |
|Intel Core X-series Processors                      |                    |        |            |CVE-2021-0154,  |
|                                                    |                    |        |            |CVE-2021-0155,  |
|                                                    |                    |        |            |CVE-2021-0190,  |
|                                                    |                    |        |            |CVE-2021-33123, |
|                                                    |                    |        |            |CVE-2021-33124  |
+----------------------------------------------------+--------------------+--------+------------+----------------+

Recommendations:

Intel recommends that users of listed Intel Processors update to the latest
versions provided by the system manufacturer that addresses these issues.
Acknowledgements:

The following issues were found internally by Intel employees; CVE-2021-0153,
CVE-2021-0154, CVE-2021-0155, CVE-2021-0159, CVE-2021-0188, CVE-2021-0189,
CVE-2021-0190, CVE-2021-33103, and CVE-2021-33122. Intel would like to thank
Jorge E. Gonzalez Diaz and Nicholas Armour.

Intel would like to thank Hugo Magalhaes from Oracle (CVE-2021-33123,
CVE-2021-33124) for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision  Date        Description
1.0       05/10/2022  Initial Release

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsyo+NLKJtyKPYoAQgdVw/+Jz5K0k/mjJyf74pkDUTh0DIdjKoLiEED
puWlhzrnhlI0ZuzZk3AelQES+bMo0mW3fWeEIjMg64Wi/RIo2lV2lLfeKH5qxFRT
J1dXmdlwJYuicBiU25TK2aJKTbzM7SgI3vhvZOqnguRZfrhbFFz2jBRPkpSTcsV3
uQNfrik2pJjuNQfTGUmIWDsiisDlSv+vQdDm10HrU7ocWdXVJ+pZtOz2eDm1/3Jw
7vUYZ4ZJvNYDQ1eb2PmWZMdWXD/ANAYinzd6ZHzUSWkMkLb3/vAim1bgbV8IW79q
lTL4qR4xwktU5EJTwfj/SrmxmnDXQvVlk8Y8dt+P1LD8IPLv6zHc6+oW8dpNt0tE
z6rRX5zI9guzC9GNKhF/b1AQhc7GLpVtDDKhZXjr8YwgyeHM77VOttPZvRX6CRMb
kbIXIyca5I1A+1b4KYc4A+9w/HWFsGcP/QorrsNnpnGzuX6+BcVKSU2lnBKoaon2
MeyzC4eb64BA5xeml1Z2kL3d+nUCx44W2vU22ueN2/ZFoyz3lFviau7au/hGaMpr
nZf25/NyLyUgPvIK32dTKDP2A4V0wKse1ZB2Fi5ps6Zle8Kt888z8WGoKn42m96S
X1F2y47B6DB2K9P8X6CLJE/WU/jZv1ngpZR0sTvi4Rn4Vb6PgJ7UC2b0nfNwE/Nj
5Tw49hGHheE=
=JQXz
-----END PGP SIGNATURE-----
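The "CPU ID" column in the INTEL-SA-00601 table above is the CPUID leaf 1 signature (EAX bits 19:0) written in hex, while Linux /proc/cpuinfo reports the decoded family, model and stepping, so matching a fleet inventory against the advisory needs the reverse calculation. The following is an added example, not Intel's or AusCERT's code: it rebuilds the signature from the displayed family/model/stepping, parses a constructed /proc/cpuinfo dump, and reports which signatures appear in the advisory's CPU ID column. The `SA_00601_CPU_IDS` set is transcribed from the table above; the sample dump is constructed; the platform ID column (which comes from an MSR, not /proc/cpuinfo) is not checked, and a match only means the part is listed, so the BIOS version from the system manufacturer still decides whether a given machine is patched.

```python
"""Match Linux /proc/cpuinfo family/model/stepping against the CPU ID column
of an Intel advisory (here INTEL-SA-00601). Added example; not Intel's or
AusCERT's code. Only the CPUID signature is compared; the platform ID and the
installed BIOS version are not, so a hit means "listed", not "unpatched"."""
from __future__ import annotations

import re

# CPU IDs transcribed from the INTEL-SA-00601 affected-products table above.
SA_00601_CPU_IDS = frozenset({
    "50657", "50654", "A0671", "5065B", "806A1", "706E5", "906C0",
    "A0653", "A0655", "806EC", "A0652", "A0660", "A0661", "806EB",
    "906EA", "906EB", "906ED", "806E9", "806EA", "906E9", "506E3",
    "406F1", "50665", "50662",
})


def cpuid_signature(family: int, model: int, stepping: int) -> int:
    """Rebuild CPUID.1:EAX[19:0] from the *displayed* family/model/stepping.

    Linux prints DisplayFamily and DisplayModel: for family 6 and 15 the
    extended-model nibble is folded into the model (model = ext_model<<4 | model)
    and for family 15 the extended family is added to the base family.
    """
    if family >= 0xF:
        ext_family, base_family = family - 0xF, 0xF
    else:
        ext_family, base_family = 0, family
    if base_family in (0x6, 0xF):
        ext_model, base_model = model >> 4, model & 0xF
    else:
        ext_model, base_model = 0, model
    return ((ext_family << 20) | (ext_model << 16)
            | (base_family << 8) | (base_model << 4) | stepping)


# "model" deliberately does not match "model name": the key must be followed
# only by whitespace and then the colon.
_FIELD = re.compile(r"^(cpu family|model|stepping|vendor_id)\s*:\s*(.+)$", re.M)


def signatures_from_cpuinfo(text: str) -> set[str]:
    """Return the 5-hex-digit signatures present in a /proc/cpuinfo dump
    (one block per logical CPU; hybrid parts can report several)."""
    sigs: set[str] = set()
    for block in text.strip().split("\n\n"):
        fields = dict(_FIELD.findall(block))
        if fields.get("vendor_id") != "GenuineIntel":
            continue  # the advisory only covers Intel parts
        sig = cpuid_signature(int(fields["cpu family"]), int(fields["model"]),
                              int(fields["stepping"]))
        sigs.add(f"{sig:05X}")
    return sigs


def listed_in_sa_00601(text: str) -> set[str]:
    """Signatures from the dump that appear in the advisory's CPU ID column."""
    return signatures_from_cpuinfo(text) & SA_00601_CPU_IDS


# Constructed sample: two logical CPUs of a family 6 / model 85 / stepping 7
# part, i.e. signature 0x50657 (listed above as "2nd Generation Intel Xeon
# Scalable Processors"). The model name is a placeholder.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 85
model name\t: Intel(R) Xeon(R) constructed sample
stepping\t: 7

processor\t: 1
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 85
model name\t: Intel(R) Xeon(R) constructed sample
stepping\t: 7
"""

if __name__ == "__main__":
    import sys

    # "--live" reads the real /proc/cpuinfo; default uses the constructed sample.
    if len(sys.argv) > 1 and sys.argv[1] == "--live":
        with open("/proc/cpuinfo") as fh:
            text = fh.read()
    else:
        text = SAMPLE_CPUINFO
    hits = listed_in_sa_00601(text)
    print("signatures:", sorted(signatures_from_cpuinfo(text)))
    print("listed in INTEL-SA-00601:", sorted(hits) if hits else "none")
```

Run with `--live` on a Linux host to check the real /proc/cpuinfo. The decoding generalises beyond this advisory: any Intel advisory that lists CPU IDs in this format can be matched by swapping the set, and family-15 parts are handled by the extended-family branch even though none appear in this table.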
11 May 2022

ASB-2022.0124 - [Win] Microsoft Exchange Server: CVSS (Max): 8.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0124
    Microsoft Patch Tuesday update for Microsoft Exchange Server for May 2022
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Microsoft Exchange Server
Operating System:  Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-21978

Comment: CVSS (Max):  8.2 CVE-2022-21978 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

OVERVIEW

Microsoft has released its monthly security patch update for the month of
May 2022. This update resolves 1 vulnerability across the following
products: [1]

Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2016 Cumulative Update 23
Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft Exchange Server 2019 Cumulative Update 12

IMPACT

Microsoft has given the following details regarding this vulnerability.

Details          Impact                   Severity
CVE-2022-21978   Elevation of Privilege   Important

MITIGATION

Microsoft recommends updating the software with the version made available
on the Microsoft Update Catalogue for the following Knowledge Base
articles. [1]

KB5014260, KB5014261

REFERENCES

[1] Microsoft Security Update Guidance
    https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation.

The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures.

AusCERT takes no responsibility for consequences which may arise from
following or acting on information or advice contained in this security
bulletin.

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsyMONLKJtyKPYoAQhaBBAAhHihTMSR83Ag+ESpbOTyCtcWMWe1tQ6T
SVwSVuP09Z7ZTz2FJjv32C2iwdIaGHP2bvrCDCykbuIstUUOeGW/fRHmr/s2v+MW
hMqSuuZwsJquV1+vXJ6/otBBjeBwWTKIlSvxU0eBwiayuGFmLb4TwcqmuBKm8aTO
ktQbkwz4AMXmUyyuIK+U059RbHqiFGvY/OmhuaeY/T3rs+a/NQExydffTw7Pgpo1
fIBM+q9+Cfh3dVAj2qA/cwWN0RE0/ougz7hJ68rGklJlm7JLbXrvP5YO8dGou4Aq
UFI2NLfdnh4AJNwPRC8EV3b6OR/3RkawyH/4F4VtbLLoL/gJGO8jV3d0C+1X35Kc
aNKbFnlN8nyrPJEGv/8Im3Vyrw5/+DAQBONb3tIU3QmI199xLGJvuOCIG0YX+S0b
xTULQ5xPZ9J5W65CgILjeSVaWGimuWa7z+XkHjeOc+gjYCQeWZ1afK3JaNxU7MYn
dUgnnh9TJbaeVb7bUo1wqLPC9qbA+X9RT5IAHwLYANomSFevD73IbG9UOhoUzepr
dPhCVn3KJKs/lKrYa0y7DNmCby1s7v0oKnwr9GAs+zuyxSZQgdtMG4c8ONAAdoN8
PwiANJEQv7yZiYmdL1NxpPyp08oPDXKieqNNYUDRld99S6sLs51mOzLTNID588y5
E/8C0CZvD7I=
=VQ17
-----END PGP SIGNATURE-----
11 May 2022

ASB-2022.0123 - [Win] Microsoft Office, Microsoft Office Services and Web Apps: CVSS (Max): 8.8

===========================================================================
AUSCERT Security Bulletin
ASB-2022.0123
Microsoft Patch Tuesday update for Microsoft Office, Microsoft Office Services and Web Apps for May 2022
11 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: Microsoft 365 Apps for Enterprise
         Microsoft Excel
         Microsoft Office
         Microsoft Publisher
         Microsoft SharePoint
         Microsoft Word
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-29110 CVE-2022-29109 CVE-2022-29108 CVE-2022-29107

Comment: CVSS (Max): 8.8 CVE-2022-29108 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS Source: Microsoft
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

OVERVIEW

Microsoft has released its monthly security patch update for the month of May 2022. This update resolves 4 vulnerabilities across the following products: [1]

Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office Online Server
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Publisher 2013 Service Pack 1 (32-bit editions)
Microsoft Publisher 2013 Service Pack 1 (64-bit editions)
Microsoft Publisher 2016 (32-bit edition)
Microsoft Publisher 2016 (64-bit edition)
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Server Subscription Edition
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)

IMPACT

Microsoft has given the following details regarding these vulnerabilities.

Details          Impact                   Severity
CVE-2022-29107   Security Feature Bypass  Important
CVE-2022-29108   Remote Code Execution    Important
CVE-2022-29109   Remote Code Execution    Important
CVE-2022-29110   Remote Code Execution    Important

MITIGATION

Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1]

KB4484347, KB4493152, KB5002184, KB5002187, KB5002194
KB5002195, KB5002196, KB5002199, KB5002203, KB5002204
KB5002205, KB5002207

REFERENCES

[1] Microsoft Security Update Guidance
    https://portal.msrc.microsoft.com/en-us/security-guidance
11 May 2022

ESB-2022.2276 - [Appliance] Mitsubishi Electric MELSOFT GT OPC UA: CVSS (Max): 7.5

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2276
Mitsubishi Electric MELSOFT GT OPC UA
11 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: Mitsubishi Electric MELSOFT GT OPC UA
Publisher: ICS-CERT
Operating System: Network Appliance
Resolution: Patch/Upgrade
CVE Names: CVE-2021-23840 CVE-2021-3712
Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-130-06

Comment: CVSS (Max): 7.5 CVE-2021-23840 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: ICS-CERT
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-130-06)
Mitsubishi Electric MELSOFT GT OPC UA
Original release date: May 10, 2022

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

1. EXECUTIVE SUMMARY

o CVSS v3 7.5
o ATTENTION: Exploitable remotely/low attack complexity
o Vendor: Mitsubishi Electric
o Equipment: MELSOFT GT OPC UA Client
o Vulnerabilities: Out-of-bounds Read, Integer Overflow or Wraparound

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow a remote attacker to send specially crafted messages, resulting in information disclosure or a denial-of-service condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following products and version combinations using OPC UA Client Connections are affected:

o MELSOFT GT OPC UA Client: Versions 1.00A to 1.02C
o GT SoftGOT2000: Versions 1.215Z to 1.270G

3.2 VULNERABILITY OVERVIEW

3.2.1 OUT-OF-BOUNDS READ CWE-125

The affected product is vulnerable due to an out-of-bounds read, which may allow an attacker to send specially crafted messages to disclose information on memory or cause a denial-of-service condition.

CVE-2021-3712 has been assigned to this vulnerability. A CVSS v3 base score of 7.4 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H).

3.2.2 INTEGER OVERFLOW OR WRAPAROUND CWE-190

The affected product is vulnerable due to an integer overflow, which may allow an attacker to cause a denial-of-service condition.

CVE-2021-23840 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

3.3 BACKGROUND

o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
o COUNTRIES/AREAS DEPLOYED: Worldwide
o COMPANY HEADQUARTERS LOCATION: Japan

3.4 RESEARCHER

Mitsubishi Electric reported these vulnerabilities to CISA.

4. MITIGATIONS

Mitsubishi Electric recommends users update software to the latest versions below. Users will need to contact a Mitsubishi representative to obtain the updates:

o MELSOFT GT OPC UA Client: Update to 1.03D or later
o GT SoftGOT2000: Update to 1.275M or later

Mitsubishi Electric recommends users take the following mitigations to minimize the risk of exploiting these vulnerabilities:

o When connecting the products to the Internet, use a virtual private network (VPN, etc.) to prevent spoofing and sniffing.
o Use the products within the LAN and block access from untrusted networks and hosts.
o Update the OPC UA server to the latest version.
o Install antivirus software.
o Restrict physical access to computers and network equipment that use the affected products.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
o Locate control system networks and remote devices behind firewalls and isolate them from the business network.
o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

No known public exploits specifically target these vulnerabilities.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.
11 May 2022

ESB-2022.2275 - [Appliance] AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere: CVSS (Max): 7.4

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2275
ICS Advisory (ICSA-22-130-05)
AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere
11 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere
Publisher: ICS-CERT
Operating System: Network Appliance
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1467
Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-130-05

Comment: CVSS (Max): 7.4 CVE-2022-1467 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L)
CVSS Source: ICS-CERT
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

--------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-130-05)
AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere
Original release date: May 10, 2022

1. EXECUTIVE SUMMARY

o CVSS v3 7.4
o ATTENTION: Exploitable remotely/low attack complexity
o Vendor: AVEVA
o Equipment: AVEVA InTouch Access Anywhere and AVEVA Plant SCADA Access Anywhere
o Vulnerability: Exposure of Resource to Wrong Sphere

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an authenticated user to escape from the context of the streamed application into the OS and launch arbitrary OS commands.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

AVEVA reports this vulnerability affects the following HMI products:

o AVEVA InTouch Access Anywhere: All versions
o AVEVA Plant SCADA Access Anywhere (formerly known as AVEVA Citect Anywhere and Schneider Electric Citect Anywhere): All versions

3.2 VULNERABILITY OVERVIEW

3.2.1 EXPOSURE OF RESOURCE TO WRONG SPHERE CWE-668

Windows OS can be configured to overlay a "language bar" on top of any application. When this OS functionality is enabled, the OS language bar UI will be viewable in the browser alongside the InTouch Access Anywhere and Plant SCADA Access Anywhere applications. It is possible to manipulate the Windows OS language bar to launch an OS command prompt, resulting in a context-escape from application into OS.

CVE-2022-1467 has been assigned to this vulnerability. A CVSS v3 base score of 7.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).

3.3 BACKGROUND

o CRITICAL INFRASTRUCTURE SECTORS: Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater Systems
o COUNTRIES/AREAS DEPLOYED: Worldwide
o COMPANY HEADQUARTERS LOCATION: United Kingdom

3.4 RESEARCHER

Giovanni Delvecchio from Aceaspa reported this vulnerability to AVEVA.

4. MITIGATIONS

AVEVA recommends the following mitigations:

o Disable the Windows language bar on the server machine hosting InTouch Access Anywhere and Plant SCADA Access Anywhere applications unless it is required.
o Create unique user accounts with minimal privileges dedicated only to remote access of InTouch Access Anywhere and Plant SCADA Access Anywhere applications.
o Utilize OS group policy objects (GPOs) to further restrict what those unique user accounts are allowed to do.
o Restrict access based on Microsoft's recommended block list.

For more information on this vulnerability, including security updates, please see security bulletin AVEVA-2022-001.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

o Ensure the least-privilege user principle is followed.
o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
o Locate control system networks and remote devices behind firewalls and isolate them from the business network.
o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

o Do not click web links or open unsolicited attachments in email messages.
o Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
o Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploits specifically target this vulnerability.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.

--------------------------END INCLUDED TEXT--------------------
11 May 2022

ESB-2022.2274 - [Appliance] Eaton Intelligent Power Manager: CVSS (Max): 5.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2274 ICS Advisory (ICSA-22-130-04) Eaton Intelligent Power Manager 11 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Eaton Intelligent Power Manager Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2021-23282 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-130-04 Comment: CVSS (Max): 5.2 CVE-2021-23282 (CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-130-04) Eaton Intelligent Power Manager Original release date: May 10, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 5.2 o ATTENTION: Exploitable remotely/low attack complexity o Vendor: Eaton o Equipment: Intelligent Power Manager (IPM) v1 o Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code using untrusted data. 3. 
TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Eaton IPM, a power management platform, are affected: o Eaton Intelligent Power Manager (IPM) v1: All versions prior to v1.70 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 The affected product is vulnerable to a reflected cross-site scripting vulnerability due to insufficient validation of input from certain resources by the IPM software. An attacker would need access to the local subnet and an administrator interaction to compromise the system. CVE-2021-23282 has been assigned to this vulnerability. A CVSS v3 base score of 5.2 has been calculated; the CVSS vector string is ( AV:A/AC:L/PR:H/UI:N/S:U/ C:N/I:L/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Ireland 3.4 RESEARCHER Michael Heinzl reported this vulnerability to CISA. 4. MITIGATIONS Eaton recommends users upgrade to the latest version of Intelligent Power Manager: o Eaton IPM: Update to v1.70 Eaton recommends users follow the security best practices and configure the logical access mechanisms provided in IPM to safeguard the application from unauthorized access. IPM provides various types of administrative, operational, and configuration privilege levels. Use the available access control mechanisms properly to ensure system and application access is restricted to legitimate users only. Ensure users are restricted to only the privilege levels necessary to complete their job roles/functions. o Restrict exposure to external networks for all control system devices and/ or systems and ensure they are not directly accessible from the open Internet. o Deploy control system networks and remote devices behind barrier devices (e.g., firewalls, data diodes) and isolate them from business networks. 
o Remote access to control system networks should be made available on a strict need-to-use basis. Remote access should use secure methods, such as virtual private networks (VPNs), updated to the most current version available. o Regularly update software and applications to the latest versions available, as applicable. o Enable audit logs on all devices and applications. o Disable/deactivate unused communication channels, TCP/UDP ports and services (e.g., SNMP, FTP, BootP, DHCP, etc.) on networked devices. o Create security zones for devices with common security requirements using barrier devices (e.g., firewalls, data diodes). o Change default passwords following initial startup. Use complex secure passwords or passphrases. o Perform regular security assessments and risk analysis of networked control systems. For additional information, please visit Eaton's cybersecurity website . CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. 
CISA also recommends users take the following measures to protect themselves from social engineering attacks: o Do not click web links or open unsolicited attachments in email messages. o Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. o Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks. No known public exploits specifically target this vulnerability. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. 
If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsIfeNLKJtyKPYoAQi1HhAAo8XmDbDs64suCwZTqFf/KeSUxwvwtSnF
QNPdqL3u27AjoeCbOc4r2MOfg/OXGD6f49ThTBa4GcE/FOAn3Q4fy3Ws2FI27PLn
8cjNaZCMr962imCW+BRNTYy17h5RZGqVHlYHdhsMYlKIYdljaj0Hgu12GeGfOEmQ
ukgN4wP6XwdOFV5NoxWhHa/M7QWl2U0PT2LamgqGKbllCXthl0JSTp7F6fkGnU7r
I/0qRvYDPACKItioBdHgR9YuCKjJQdtW4YIF+97+dHcu3BFCke/1im285Lc4S53v
jjPaxF97+X7kF+hzvgLqOoydWP5pn7ycK+1gmojRTzWiXG9s0EYQgosSBbNRgt1S
pt9ttVYAWR+Hu5NxmF6yj0b/Iu4lHVULDjKgSsoPQaXU1Rr5mLFTF2Byw6N5qFiw
nUqaKGJitanmIRl5LB60NbMvI7eY82nnSC9CHiACnDF3uQDGjdImobRDMAK8VOfM
C47KWADPEUMu7r+Fy4T3yQtkVT1zUxEEf2URYJPj5aTbfhMLtTDqfakli23wmKqH
RAHG46e1KXFgLWXhaF9EAwnRzSzX7xBVTbGX8Qs/8bUp8ekIrMWX3xw9gPUTeGs+
7zebu1WA1jpe49nPghLE1AbVZP/4a7ANOYn1W6hyPzTVzCgZtP0FtqBq+NdsQnxw
fyq3t1lyU0c=
=Sih+
-----END PGP SIGNATURE-----
11 May 2022

ESB-2022.2273 - [Appliance] Eaton Intelligent Power Manager Infrastructure: CVSS (Max): 5.7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2273
     ICS Advisory (ICSA-22-130-03) Eaton Intelligent Power Manager Infrastructure
                               11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Eaton Intelligent Power Manager Infrastructure
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Mitigation
CVE Names:         CVE-2021-23286 CVE-2021-23285 CVE-2021-23284

Original Bulletin:
   https://us-cert.cisa.gov/ics/advisories/icsa-22-130-03

Comment: CVSS (Max):  5.7 CVE-2021-23284 (CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-130-03)
Eaton Intelligent Power Manager Infrastructure
Original release date: May 10, 2022

Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

1. EXECUTIVE SUMMARY
  o CVSS v3 5.7
  o ATTENTION: Exploitable remotely/low attack complexity
  o Vendor: Eaton
  o Equipment: Intelligent Power Manager Infrastructure
  o Vulnerabilities: Cross-site Scripting, Reflected Cross-site Scripting, Improper Neutralization of Formula in a CSV File

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to have crafted data executed as script in an administrator's browser (cross-site scripting) or as a spreadsheet formula from a crafted CSV file.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS
The following Eaton intelligent power monitoring products are affected:
  o Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure): All versions, including v1.5.0 plus205

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79
The affected product has reached its end of life. It is vulnerable to stored cross-site scripting because the IPM Infrastructure software does not sufficiently validate input from certain resources. The attacker would need access to the local subnet and an administrator interaction to compromise the system.
CVE-2021-23284 has been assigned to this vulnerability. A CVSS v3 base score of 5.7 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H).

3.2.2 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79
The affected product has reached its end of life. It is vulnerable to reflected cross-site scripting because the IPM Infrastructure software does not sufficiently validate input from certain resources. The attacker would need access to the local subnet and an administrator interaction to compromise the system.
CVE-2021-23285 has been assigned to this vulnerability. A CVSS v3 base score of 3.1 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).

3.2.3 IMPROPER NEUTRALIZATION OF FORMULA ELEMENTS IN A CSV FILE CWE-1236
The affected product has reached its end of life. It is vulnerable to CSV formula injection because imported CSV files are not properly sanitized. The attacker would need access to the local subnet and an administrator interaction to compromise the system.
CVE-2021-23286 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H).

Note that the vector strings for CVE-2021-23284 and CVE-2021-23285 carry UI:N even though each description requires administrator interaction; only the CVE-2021-23286 vector carries UI:R. Anyone re-scoring these issues for their own environment should reconcile that discrepancy.

3.3 BACKGROUND
  o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors
  o COUNTRIES/AREAS DEPLOYED: Worldwide
  o COMPANY HEADQUARTERS LOCATION: Ireland

3.4 RESEARCHER
Michael Heinzl reported these vulnerabilities to CISA.

4. MITIGATIONS
The product has reached its end of life; the notification has been posted at Lifecycle Notification. The transition to IPM Monitor Edition is in progress. Refer to the product page for further details. Until the transition is complete, Eaton recommends that the guidelines below be followed.

  o To prevent exploitation of these issues and safeguard the software from malicious entities, ensure access to the system is granted only to known users and that their credentials are secured. Eaton recommends users follow security best practices and configure the logical access mechanisms provided in IPM to safeguard the application from unauthorized access. IPM provides administrative, operational and configuration privilege levels. Use the available access control mechanisms properly to ensure system and application access is restricted to legitimate users only, and restrict users to the privilege levels necessary to complete their job roles/functions.
  o Restrict exposure to external networks for all control system devices and/or systems and ensure they are not directly accessible from the open Internet.
  o Deploy control system networks and remote devices behind barrier devices (e.g., firewalls, data diodes) and isolate them from business networks.
  o Remote access to control system networks should be made available on a strict need-to-use basis. Remote access should use secure methods, such as virtual private networks (VPNs), updated to the most current version available.
  o Regularly update software and applications to the latest versions available, as applicable.
  o Enable audit logs on all devices and applications.
  o Disable/deactivate unused communication channels, TCP/UDP ports and services (e.g., SNMP, FTP, BootP, DHCP, etc.) on networked devices.
  o Create security zones for devices with common security requirements using barrier devices (e.g., firewalls, data diodes).
  o Change default passwords following initial startup. Use complex secure passwords or passphrases.
  o Perform regular security assessments and risk analysis of networked control systems.

For additional information, please visit Eaton's cybersecurity website.

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

No known public exploits specifically target these vulnerabilities.
For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsIdeNLKJtyKPYoAQiL1RAAgh8p8PMODqUjUbrSIVVrlp4rTxTRJOdn
CejusapYCySTQ9CaNWoLTX//NI/92kQZfj1vz1iMEEofQdRxNWQb2f2dXNKceAlz
RM3h+ymYoruNsigZaGOsGoMmWQTeNVG78t8hMvWu4Pavd3hkY8cj8ULtZM20MSwI
zUGd1G+Tx+Z0VsGdWyOo75S3/JNeTVUmTYCroy0T8gSfo3ChJje7HrEM/hCOxeJP
ivVH8Q4I0fqrGSg4j7OhPcOZfnD1OuwlE+OphdOb+DCZ1gK5u9I/I7B70DZmV34s
5bA8Anab43Pdo5AF53CkcdfaauyGNInzOVjkV2GdL0krJROor5vhtEiTZ+6Qpw4i
FZ8Km+uHn2RGvvqaYo18zLXkYRk2sjAUi3bIg14uE05/fgstFwLJCt/zECWcqcy2
RCydHfMpmA8TEO54p4BuXxlJekEPwFAsJASCHJ6h3afM4AF4gjp4Ij67ZqSK4aSu
i4QkfP6Z95xDdejzJYUelECxZYeVQNIv6K+wDv9W8OVUap9/Y3LZxZGYocL2uWUl
PFSQ5lU30z9DVA3ABeg9c1t++JmDziSwLJaXKB5XWJPeikDD0vzLaKNs/S3pIs3C
rWtypBCgeT/DsZoZCVaby1bjjPEncowfpxSQj8OXFbPqUIMCtKrRgitCTXYbNt1l
KegIg4k5UcY=
=2+UC
-----END PGP SIGNATURE-----
11 May 2022

ESB-2022.2272 - [Appliance] Eaton Intelligent Power Protector: CVSS (Max): 5.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2272
          ICS Advisory (ICSA-22-130-02) Eaton Intelligent Power Protector
                               11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Eaton Intelligent Power Protector
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-23283

Original Bulletin:
   https://us-cert.cisa.gov/ics/advisories/icsa-22-130-02

Comment: CVSS (Max):  5.2 CVE-2021-23283 (CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

The vector above evaluates to 5.2, which is the score the advisory body states; the 5.4 that appeared in the original summary line was a transcription error.

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-130-02)
Eaton Intelligent Power Protector
Original release date: May 10, 2022

1. EXECUTIVE SUMMARY
  o CVSS v3 5.2
  o ATTENTION: Exploitable remotely/low attack complexity
  o Vendor: Eaton
  o Equipment: Intelligent Power Protector (IPP)
  o Vulnerability: Cross-site Scripting

2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to have crafted data executed as script in the browser of a user of the IPP web interface.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS
The following versions of Eaton IPP, a power protection platform, are affected:
  o Eaton Intelligent Power Protector (IPP): All versions prior to v1.69 release 166

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79
The affected product is vulnerable to cross-site scripting because user input is insufficiently validated and the output for certain resources within the IPP software is improperly encoded.
CVE-2021-23283 has been assigned to this vulnerability. A CVSS v3 base score of 5.2 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

3.3 BACKGROUND
  o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors
  o COUNTRIES/AREAS DEPLOYED: Worldwide
  o COMPANY HEADQUARTERS LOCATION: Ireland

3.4 RESEARCHER
Michael Heinzl reported this vulnerability to CISA.

4. MITIGATIONS
Eaton recommends users upgrade to the latest version of its software, Eaton IPP v1.69.

Eaton also recommends users follow security best practices and configure the logical access mechanisms provided in IPP to safeguard the application from unauthorized access. Use the available access control mechanisms properly to ensure system and application access is restricted to legitimate users only, and restrict users to the privilege levels necessary to complete their job roles/functions.

  o Restrict exposure to external networks for all control system devices and/or systems and ensure they are not directly accessible from the Internet.
  o Deploy control system networks and remote devices behind barrier devices (e.g., firewalls, data diodes) and isolate them from business networks.
  o Remote access to control system networks should be made available on a strict need-to-use basis. Remote access should use secure methods, such as virtual private networks (VPNs), updated to the most current version available.
  o Regularly update software and applications to the latest versions available, as applicable.
  o Enable audit logs on all devices and applications.
  o Disable/deactivate unused communication channels, TCP/UDP ports and services (e.g., SNMP, FTP, BootP, DHCP, etc.) on networked devices.
  o Create security zones for devices with common security requirements using barrier devices (e.g., firewalls, data diodes).
  o Change default passwords following initial startup. Use complex secure passwords or passphrases.
  o Perform regular security assessments and risk analysis of networked control systems.

For additional information, please visit Eaton's cybersecurity website.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
No known public exploits specifically target this vulnerability.

For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsISuNLKJtyKPYoAQjpDA//XS+OJDt9CGI2yh1dWCt85BGk5EcQPAc2
iqLd7/jkLgBsMjsoISFrZeUWWFI/p8q4jlt5AF5XR15hrhAmFi/tj5fU+KFuvXOS
8bSdE8tvcjq+KXNsiJ/gOM4FVKRiCygmzTeiZjYH5SFGYZOwa+NLnZOQ7ky7ITdT
i8oOfbq6MvZtt7/EtQt92u03UWip5df0tG3M2pUVy0uScLzaWKn3Cf8acRNEOvW7
1GcppS8aGCcZW13wBsusRBaGctn8wu1zQEJUiLMIVcPJCKEyhsHk4KDHDdOJVJDH
TynpBAdGUUhm8dV/O4Ai2z/qXEekPFCc9EDfvRAQqNaygeK1M7y0sDEe5XjFr0F0
xb1Ob+81I6zWFrWvV4e26clF+oSxhAdqJb8AfLsSls11V/EvcVSFZFrc5x4khQfc
NrgX3X/whsxMcQCfVp1Dy2YAu0/flsH0nA3NHCNc81RdSAuz0eGKh7NgVxfVAdBy
wRpgKz0J3Fwe1ezVUUIjLzYub8knssJdM2rPe6M0OYVaSdvjm5+HXz+2hY3DhwYf
OgyAR3UB1EYv5W47PaUsGD8e8i+5dZhnnkHW3lPS5nrxs3LKetG0z2c3v7lT04SA
Npw6Vu3cLtN+hV9qwK+cav3h4ox6TVESYTf5p0j/0JxgjTi+3ac7D6RjElke58Uy
qfDogp9DnLc=
=VyBA
-----END PGP SIGNATURE-----
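The two Eaton bulletins above (ESB-2022.2273 and ESB-2022.2272) describe the same pair of defect classes: untrusted data written into a web page without output encoding (CWE-79) and CSV cells that a spreadsheet evaluates as formulas (CWE-1236). The block below is an added example by the editor, not Eaton, CISA or AusCERT code: the products' internals are not public, so the page-rendering function, the CSV export and the CSV import scanner are hypothetical stand-ins for whatever the real software does, and the hostile device name and CSV cell are constructed inputs. It shows the vulnerable interpolation beside the encoded form, the export-side neutralisation of formula-leading cells, and an import-side scan that flags such cells in an uploaded CSV.

```python
"""Output-side fixes for CWE-79 and CWE-1236 as seen in the Eaton advisories.

Added example, not Eaton or CISA code.  The rendering and CSV helpers are
hypothetical stand-ins; the HOSTILE_* inputs are constructed.
"""
import csv
import html
import io

# Leading characters that Excel, LibreOffice Calc and Google Sheets treat as
# the start of a formula; tab and CR can smuggle a leader past naive checks.
FORMULA_LEADERS = ("=", "+", "-", "@", "\t", "\r")


def html_text(value) -> str:
    """Encode for HTML element content; quote=True also covers quoted attributes."""
    return html.escape(str(value), quote=True)


def render_device_row_vulnerable(name: str, status: str) -> str:
    """The CWE-79 pattern: untrusted data interpolated straight into markup."""
    return f"<tr><td>{name}</td><td title=\"{status}\">{status}</td></tr>"


def render_device_row(name: str, status: str) -> str:
    """Fixed: every untrusted value is encoded and attributes are always quoted."""
    return (f"<tr><td>{html_text(name)}</td>"
            f"<td title=\"{html_text(status)}\">{html_text(status)}</td></tr>")


def looks_numeric(s: str) -> bool:
    try:
        float(s)
        return True
    except ValueError:
        return False


def neutralise_cell(value) -> str:
    """Make a cell inert for spreadsheet import.
    Real numbers pass through (a negative number is not a formula); any other
    value starting with a formula leader gets a leading apostrophe, which the
    spreadsheet reads as 'this cell is text'."""
    if isinstance(value, (int, float)) and not isinstance(value, bool):
        return str(value)
    s = str(value)
    if s.startswith(FORMULA_LEADERS) and not looks_numeric(s):
        return "'" + s
    return s


def safe_csv(header, rows) -> str:
    """Export with every cell neutralised and quoted (embedded quotes doubled)."""
    buf = io.StringIO()
    w = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    w.writerow([neutralise_cell(h) for h in header])
    for row in rows:
        w.writerow([neutralise_cell(c) for c in row])
    return buf.getvalue()


def scan_csv_for_formulas(text: str):
    """Import-side check: (row, col, cell) for every cell a spreadsheet would
    evaluate as a formula if the uploaded file were opened in one."""
    hits = []
    for r, row in enumerate(csv.reader(io.StringIO(text))):
        for c, cell in enumerate(row):
            if cell.startswith(FORMULA_LEADERS) and not looks_numeric(cell):
                hits.append((r, c, cell))
    return hits


# Constructed inputs: a device name carrying a script payload and a CSV cell
# carrying a DDE-style formula.  Neither comes from the advisories.
HOSTILE_NAME = "<img src=x onerror=alert(document.cookie)>"
HOSTILE_CELL = "=cmd|' /C calc'!A0"
UPLOADED_CSV = 'device,load\nups-1,-12.5\n"' + HOSTILE_CELL + '",3\n'

if __name__ == "__main__":
    print(render_device_row_vulnerable(HOSTILE_NAME, "online"))
    print(render_device_row(HOSTILE_NAME, "online"))
    print(safe_csv(["device", "load"], [[HOSTILE_CELL, -12.5]]), end="")
    print(scan_csv_for_formulas(UPLOADED_CSV))
```

Two design points. First, encoding happens at output time for the context the value lands in (element content or a quoted attribute here); validating input on the way in, which is what both advisories say was insufficient, is a useful second layer but cannot know every context the data will later be rendered into. Second, the apostrophe prefix is the common choice but it is visible in some importers when the file is round-tripped; if the export is consumed by software rather than by people, rejecting formula-leading cells outright (as the import scanner does) is the cleaner option.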
11 May 2022

ESB-2022.2271 - [Appliance] Adminer in Industrial Products: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2271
            ICS Advisory (ICSA-22-130-01) Adminer in Industrial Products
                               11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Adminer in Industrial Products
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-43008

Original Bulletin:
   https://us-cert.cisa.gov/ics/advisories/icsa-22-130-01

Comment: CVSS (Max):  7.5 CVE-2021-43008 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-130-01)
Adminer in Industrial Products
Original release date: May 10, 2022

1. EXECUTIVE SUMMARY
  o CVSS v3 7.5
  o ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
  o Vendor: Adminer
  o Equipment: Adminer
  o Vulnerability: Files or Directories Accessible to External Parties

2. RISK EVALUATION
Successful exploitation of this vulnerability could allow reading of database credentials and loss of sensitive information.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS
The following versions of Adminer, a database management tool, are affected:
  o Adminer: Versions 1.112.0 to 4.6.2

3.2 VULNERABILITY OVERVIEW

3.2.1 FILES AND DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES CWE-552
The affected product is vulnerable to a MySQL database issue that allows an attacker to read database files. This may allow an attacker to read database credentials and steal data.
CVE-2021-43008 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

3.3 BACKGROUND
  o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors
  o COUNTRIES/AREAS DEPLOYED: Worldwide
  o COMPANY HEADQUARTERS LOCATION: Czech Republic

3.4 RESEARCHER
Mosin from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc., reported this vulnerability to CISA.

4. MITIGATIONS
Adminer has fixed this vulnerability and recommends users upgrade to Version 4.6.3 or later.

See the following links for more information and mitigations on ICS devices that use Adminer:
  o Advantech R-SeeNet (only the Windows installation of R-SeeNet is affected; upgrade to Version 2.4.19 or later)

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
  o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
  o Locate control system networks and remote devices behind firewalls and isolate them from the business network.
  o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

- --------------------------END INCLUDED TEXT--------------------
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsIRONLKJtyKPYoAQgHAA//fNnlF+/W58T+fgf8XWGOY/BRkKuBzyBg
lah5g4deQsPEVhb8bJ9gmYEO9jCKAQX4RqPSxjAdUtPn0PKgSbRrQvm1xD4Bud5U
Bs3p7gXYL69OpFIR5SqFckacWBT/tUeYxMwYC0EwV/qFkqvLiO7VqAOFKVMU6sMT
UtOgTH3blT3INPMDAq1sBJaPbjjSgZC2+h/2CYwJeMkWPkniDpatZmDv3X8cBNnQ
kWzDNsImSpSpJ6WLVPs9OG6RYWaqneJ99qr8M6x8maXPR2P9dehulHKEFsTHTcOf
tiVQGpzKqDS4rAZMucKVfjZN3DF3DYd8Ux4rKmr+OA0JiYvEa3qzZ9JTetdwClZU
jmOzAs0KIrl+9Uun8z72balMJldznj5pazAFHsdjCkd5cbud/7wBmtAqjs/6gtTJ
TwCk4K7eZei8fTU8uVDeEutUbNRgJ1Mg1QhFSme1H64gL5KBpe+8kVyeL0DdjKml
uCZ/RUKffl8+fY1T5mSJBzKh4xzlpczfs7EHhDwke49pWNyzXQobisIpZKtWRaYH
WwLbviZ6pB7GlWZSj7SH8ApgRQSYOed10s6gGcMVmEhKcEqWh5SHsJmTTqShY3Xh
XFRDJ2SrXNZNPzYvm4f3iwGT3wfNoK7LQDd+Y4jvVH2mwWwOd31TbuDHMirWK5wP
cHLFfCRfYjw=
=+Onx
-----END PGP SIGNATURE-----
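The Adminer bulletin above says only that a "MySQL database issue" lets an attacker read files and that the fix is Adminer 4.6.3. The block below is an added example by the editor, not Adminer, Advantech, CISA or AusCERT code, and it rests on an assumption the page does not state: that the issue is the well-known rogue MySQL server pattern, in which a server the attacker controls answers any query with a LOAD DATA LOCAL request, and a client that advertised the CLIENT_LOCAL_FILES capability in its handshake then uploads whatever local file the server named (for example a configuration file holding database credentials). Under that assumption the thing worth checking is the client, not the server: point an application's database login at this listener and read the capability flags it sends. Packet layouts follow the published MySQL client/server protocol (HandshakeV10 and HandshakeResponse41); the sample client responses are constructed, and the port, server version string and username are arbitrary.

```python
"""Audit whether a MySQL client advertises CLIENT_LOCAL_FILES.

Added example, not Adminer or CISA code.  Editor's assumption: the file read
fixed in Adminer 4.6.3 is the rogue-server LOAD DATA LOCAL pattern, so the
exposure is a client that sets CLIENT_LOCAL_FILES in its handshake.
"""
import socket

CLIENT_LOCAL_FILES = 1 << 7         # the capability a rogue server abuses
CLIENT_PROTOCOL_41 = 1 << 9
CLIENT_SSL = 1 << 11
CLIENT_SECURE_CONNECTION = 1 << 15
CLIENT_PLUGIN_AUTH = 1 << 19
AUTH_PLUGIN = b"mysql_native_password"


def mysql_packet(body: bytes, seq: int) -> bytes:
    """Prepend the MySQL packet header: 3-byte little-endian length + sequence id."""
    return len(body).to_bytes(3, "little") + bytes([seq]) + body


def build_server_greeting(conn_id: int = 1) -> bytes:
    """Minimal HandshakeV10 that real clients accept and answer."""
    salt = bytes(range(1, 21))                       # 20 bytes of auth-plugin data
    caps = (CLIENT_LOCAL_FILES | CLIENT_PROTOCOL_41
            | CLIENT_SECURE_CONNECTION | CLIENT_PLUGIN_AUTH)
    body = (b"\x0a" + b"5.7.0-audit\x00"             # protocol 10, server version
            + conn_id.to_bytes(4, "little")
            + salt[:8] + b"\x00"                     # auth-plugin-data part 1, filler
            + (caps & 0xFFFF).to_bytes(2, "little")  # capability flags, low half
            + b"\x21"                                # charset utf8_general_ci
            + (2).to_bytes(2, "little")              # status: SERVER_STATUS_AUTOCOMMIT
            + (caps >> 16).to_bytes(2, "little")     # capability flags, high half
            + bytes([len(salt) + 1])                 # auth-plugin-data length
            + b"\x00" * 10                           # reserved
            + salt[8:] + b"\x00"                     # auth-plugin-data part 2 (13 bytes)
            + AUTH_PLUGIN + b"\x00")
    return mysql_packet(body, 0)


def build_handshake_response(caps: int, username: str) -> bytes:
    """Construct a client HandshakeResponse41; used for the offline samples."""
    body = (caps.to_bytes(4, "little") + (1 << 24).to_bytes(4, "little")
            + b"\x21" + b"\x00" * 23 + username.encode() + b"\x00"
            + b"\x00")                               # zero-length auth response
    if caps & CLIENT_PLUGIN_AUTH:
        body += AUTH_PLUGIN + b"\x00"
    return mysql_packet(body, 1)


def parse_handshake_response(packet: bytes) -> dict:
    """Decode a HandshakeResponse41, or the SSLRequest sent before a TLS upgrade."""
    if len(packet) < 4:
        raise ValueError("short packet header")
    length = int.from_bytes(packet[:3], "little")
    body = packet[4:4 + length]
    if len(body) != length or length < 32:
        raise ValueError("truncated handshake response")
    caps = int.from_bytes(body[:4], "little")
    if not caps & CLIENT_PROTOCOL_41:
        raise ValueError("pre-4.1 client handshake; not decoded here")
    info = {"sequence": packet[3], "capabilities": caps,
            "local_infile": bool(caps & CLIENT_LOCAL_FILES),
            "ssl_requested": bool(caps & CLIENT_SSL), "username": None}
    # An SSLRequest is just the 32-byte prefix; the username only arrives after
    # the TLS handshake, which this plaintext listener does not perform.
    if length == 32 and info["ssl_requested"]:
        return info
    end = body.find(b"\x00", 32)
    if end < 0:
        raise ValueError("username not NUL-terminated")
    info["username"] = body[32:end].decode("utf-8", "replace")
    return info


def verdict(info: dict) -> str:
    if info["username"] is None and info["ssl_requested"]:
        return "undetermined: client asked for TLS first; audit behind a TLS-terminating listener"
    if info["local_infile"]:
        return "EXPOSED: CLIENT_LOCAL_FILES set; a rogue server can read this client's local files"
    return "ok: CLIENT_LOCAL_FILES not set"


def audit_one_client(host: str = "127.0.0.1", port: int = 3307, timeout: float = 60.0) -> dict:
    """Accept one connection, greet it, and return the decoded client response."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(1)
        srv.settimeout(timeout)
        conn, _ = srv.accept()
        with conn:
            conn.sendall(build_server_greeting())
            info = parse_handshake_response(conn.recv(4096))
    info["verdict"] = verdict(info)
    return info


# Constructed samples: an unpatched client that sets the flag, and a fixed one.
SAMPLE_EXPOSED = build_handshake_response(
    CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION | CLIENT_PLUGIN_AUTH | CLIENT_LOCAL_FILES, "adminer")
SAMPLE_FIXED = build_handshake_response(
    CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION | CLIENT_PLUGIN_AUTH, "adminer")

if __name__ == "__main__":
    for sample in (SAMPLE_EXPOSED, SAMPLE_FIXED):
        info = parse_handshake_response(sample)
        print(info["username"], hex(info["capabilities"]), verdict(info))
```

To use it against a live application, run `audit_one_client()` on a host the application can reach, then submit the application's database login form with that host and port as the server; the listener returns as soon as the client's first packet arrives, so no credentials are consumed. A client that answers with an SSLRequest has to be audited behind a TLS-terminating proxy instead, which is the failure mode the `undetermined` verdict covers. The application-side remedy when the verdict is `EXPOSED` is to keep the flag off in the client library (mysqli exposes this as the `MYSQLI_OPT_LOCAL_INFILE` option), which is independent of any `local_infile` setting on the legitimate database server, since the attack never involves that server.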
11 May 2022

ESB-2022.2270 - [Debian] mutt: CVSS (Max): 5.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2270
                            mutt security update
                               11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           mutt
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1328

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2022/05/msg00010.html

Comment: CVSS (Max):  5.3 CVE-2022-1328 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -----------------------------------------------------------------------
Debian LTS Advisory DLA-2999-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                        Utkarsh Gupta
May 11, 2022                                  https://wiki.debian.org/LTS
- - -----------------------------------------------------------------------

Package        : mutt
Version        : 1.7.2-1+deb9u6
CVE ID         : CVE-2022-1328
Debian Bug     : 1009734

It was discovered that Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, incorrectly handled certain input. An attacker could possibly use this issue to cause a crash, or expose sensitive information.

For Debian 9 stretch, this problem has been fixed in version 1.7.2-1+deb9u6.

We recommend that you upgrade your mutt packages.

For the detailed security status of mutt please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/mutt

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmJ63BMACgkQgj6WdgbD
S5ZXkw//WJqpSwrZXGMwM9vs6ic9OKqtCJiifbvPmyWEBICzKTpPnn3MVtlaKqSQ
1hHkPpLYdi6Z9a+DnUNau7MjmhMC8J1b8kbYaJUvIttNezytDC1nwCXYzLAxH27P
g8uLGPT6TxAxpUI/l76QCu8Bu/Bkobk9+pw+M0nXpwL3wd75z3pCX9H11oLHxsyf
6RbY1rjYVvW/Zqky7T4WFTm0R1trXizYHgzdRLRBund1rt9sbJjLvk1JLju/0iM8
usjYIywb8iMVfTMaVYqBGqmPo3ClsMhFJwLda9Z/b+Yrhn9VASDxWQjec+P0anys
VQdT6CBKS9wtK/3mmaiulrF4k0mdbVGntLO4F8qg6Q8Dxn5Wqzd62Gsy4WxDDwnt
UQAkZEo031l5fS1ogDor4J5UjcXXrpEJTGdC1oRM6bctp6QZPLkwQ12gcDeL5fLA
MZVWfIJ4lj4vsJ8a6w2tCBaWI/A8BJsyMpw+Uu+J9dYlwRMOhVbv9Y39IKg6LFit
cp9AE5mI8zi7TccfOg25/u1LBoIQSVT/WODDbzJKnT/hKxad2yUGEeeGML2hx2RW
mf6J1QREChVM2yfbnN+wTcuU+Qn8qyeNnbli0tjyXHQHUhL1ikYeKnImCnMtiTc7
NWcscBnErpoc/bVmxhLA6VmZlYa7zi6NeO632leWlZLP3ZLFTkY=
=72K5
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. 
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYnsIOeNLKJtyKPYoAQgg0Q/+P9jOlve3z6l+a0tkfWGq8D85MvxN9Nhn DCE2x/LH8scRd6eB6t8haUjIzEIY3ftXA6e3mJokdjiJiBpIt16kd3i9Yf5hvGcs jON7kfk2fE1lskRMstJSvDRt55rPNTBcViOIjXnMaUcD0Vnqjgn6KFUbDlw0ZCXs urPK8j5hq5UPodoan6tAbqH/wkElgmv4BQAhbT5e7tiGaC67/zCO2Dqne88TlZXa Q+hu84z1iSJ53jUup1zIRazezMPsFUhfnYljDBFc8UUwNSycjSxHHxMmUclMM0gi ZLvf67wWrlpwJlt2/RDWflj0Kt5W3VzZPwMF8zYUlLAArsJFO8DRjEor9aBqAueu /ERjtRNgqE/PZAMq6ULTtdown4EJ17SWIXWyVp34WWhD1ld9mamfFApTMKRkbez9 mfJHl9WQtyKXrEbzSX40tBK2kMkYQ9iiqlgOfDNfWv3hu0jHGK45UvbM0XR8sIoP Wrp/2yt7dYx9lG1lVWzLC3Xti3h3a12uXoaZ2TOrWXgJnaiAqVYmx8eCe78/SpHf uqYsGA9XFodu4Au/G1gdFDsAxOeoU4ergiU2O23V42gftWsnl1vQe5EYTkUentKB MskIkMsbWtaB5TS9LvytIb7g/sdaO/HJnJljXfmE7oOIk4oqHY/5USiuR98fgHIF JB4FJ0afGSM= =piVZ -----END PGP SIGNATURE-----
11 May 2022

ESB-2022.2269 - [Debian] kicad: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2269
                            kicad security update
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kicad
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-23947 CVE-2022-23946 CVE-2022-23804 CVE-2022-23803

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2022/05/msg00009.html

Comment: CVSS (Max):  7.8 CVE-2022-23947 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2998-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Stefano Rivera
May 09, 2022                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : kicad
Version        : 4.0.5+dfsg1-4+deb9u1
CVE ID         : CVE-2022-23803 CVE-2022-23804 CVE-2022-23946 CVE-2022-23947

KiCad is a suite of programs for the creation of printed circuit boards.
It includes a schematic editor, a PCB layout tool, support tools and a 3D
viewer to display a finished & fully populated PCB.

Several buffer-overflows were discovered in the Gerber Viewer and excellon
file parser, that could lead to code execution when opening a
maliciously-crafted file.

CVE-2022-23803

    A stack-based buffer overflow vulnerability exists in the Gerber Viewer
    gerber and excellon ReadXYCoord coordinate parsing functionality of
    KiCad EDA.

CVE-2022-23804

    A stack-based buffer overflow vulnerability exists in the Gerber Viewer
    gerber and excellon ReadIJCoord coordinate parsing functionality of
    KiCad EDA.

CVE-2022-23946

    A stack-based buffer overflow vulnerability exists in the Gerber Viewer
    gerber and excellon GCodeNumber parsing functionality of KiCad EDA.

CVE-2022-23947

    A stack-based buffer overflow vulnerability exists in the Gerber Viewer
    gerber and excellon DCodeNumber parsing functionality of KiCad EDA.

For Debian 9 stretch, these problems have been fixed in version
4.0.5+dfsg1-4+deb9u1.

We recommend that you upgrade your kicad packages.

For the detailed security status of kicad please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/kicad

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYnnJRQAKCRBHew2wJjpU
2IdDAQC1iFYdRhi7DMC4dX3y9uO54LZGV9041O2Prtpgkl6+8wD+Pmr2HLEEIZs8
IIx+802Je+bRFuQfVVboarCAGZZkcw8=
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsILONLKJtyKPYoAQhqdg//Vm7o6K0vk3cHdvQwThNJDz4KAV2UCe7K
xNu7zsYKqKQ+CBcx6137LrTVKjkUk+0dgH3rNfKlQvT+XHjuhp+fs54/efpMzyXX
d/+Gktvj/t8vg2gQTZTcGdzNeh+/TN4/ah4FOXRUI9xYeDdiOPbZYpmxtsKgJNd3
wlHiA5lAxmi4w9LdK739a02SVfZIAnJiHjsTYf9sZgJlmZeUH1ar6KSxr+WmKl9E
in8piRnP+27Tsh/dt/nZrzdNsjOjLp70jMLFXYmPH6+H1qoPxKOHW1fOl3x62yUB
GEWjRyeTArvFTIR17VMv7cHkVC2rGfB2bW6Q5nS9G8pbeD8w1KZNNi0TyaoJW+ca
FP4wSDTkwf2vtjrU7gEvAIdHFk/BceS+5OSWtUZq5WVT5RLhmIcI9kw2wKRHoiu9
RY/RtU5PP1ac1XcmQUQclHSQ6fdHhNrdyXv9UygaKAyuSpnN2pxCuZ/aCKRL5yLD
DqEEeKCa695tc+1HcKD3TJrsAYS3hNt6iSL8mdHAu3K46GhBLxi296IjVYUrIFR1
eRtFtvQALqLsFC7+xEFJfCK3ZmZyHOttzmjldyyWbAqqp2g3eWPywVZYAomZh78T
jp36Ebc02aNjjZrqsYsRfds74hl2q7lPLHmz53qBiImvr5cxXU89yn3p2BFEGnLK
fc5pJxKeol0=
=wsxQ
-----END PGP SIGNATURE-----
11 May 2022

ESB-2022.2268 - [Win] Intel Manageability Commander: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2268
                    Intel Manageability Commander Advisory
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel Manageability Commander
Publisher:         Intel
Operating System:  Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-0126

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00519.html

Comment: CVSS (Max):  5.5 CVE-2021-0126 (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                   INTEL-SA-00519
Advisory Category:          Software
Impact of vulnerability:    Escalation of Privilege
Severity rating:            MEDIUM
Original release:           05/10/2022
Last revised:               05/10/2022

Summary:

A potential security vulnerability in the Intel Manageability Commander may
allow escalation of privilege. Intel is releasing software updates to
mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2021-0126

Description: Improper input validation for the Intel(R) Manageability
Commander before version 2.2 may allow an authenticated user to potentially
enable escalation of privilege via adjacent access.

CVSS Base Score: 5.5 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products:

Intel Manageability Commander before version 2.2.

Recommendations:

Intel recommends updating Intel Manageability Commander to version 2.2 or
later.

Updates are available for download at this location:
https://www.intel.com/content/www/us/en/download/18796/intel-manageability-commander.html

Acknowledgements:

This issue was found internally by Intel.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision    Date          Description
1.0         05/10/2022    Initial Release

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsH7+NLKJtyKPYoAQhCaRAAmoutE5pVi5D7NgrHgNVfjp4C2Bgf9xuy
c822SFifQEs0hhrSfCX0l1PrnAMirGclfypONFYg3SCIk6Vh+4WNp+RgwIR1eJE5
y217AL6x4mSqzXtvx4AeWlKDmd5M9ldcVEzxrnu+z2SrYbbtX3o3Qqj4QjGdUqla
HA9+c8mbzZEC5IxANsDbC57FwLKnXqVGinKJ8c3w9AaNxXzGNQJT6Gs409I2H7RT
h17xTsn9Nkb85O0vaE2q+uIUHLhuiTbIbObd9N59Qk3nYPyyLpIGYs9K4YyWoFcO
EXrTFMrvG//eC0GyhnaNOZQNV25e/I9ZcnMCd2EJij5tLMh0f+HVU1q0hcUWnCxk
Gl7g+niGplKdyUe0K3+wEaTueSepN7Aoj0BWIUjoZyb7IChStBEVeFnnV8QTk9uJ
bVpLR9883irLXR63NOqDPeWq318fCw4OY940db+Y/gJMu/6mOl1jq7YyMfpDDddJ
sQ1VZWwTKJakw3UI9/sQNmYlNPA2+Mnf+9wDA6L4tG9asC1oI/ObVuPscg3voNAU
WgxVI6zDL+Vs9CpVVWKGZWq8yUPaU6yZ5iEKZAnhh2ZN2/tYPP2fj6abCtq9nRwt
FV1oFQQbLqyHjzoTmaoQFLJ7l9nQx6cuklWxEmJQ3ikvf6tZyI14OZSwTSTU5rJB
lGXhIaH6X90=
=Oo65
-----END PGP SIGNATURE-----
11 May 2022

ESB-2022.2267.3 - UPDATE [Linux] Intel In-Band Manageability: CVSS (Max): 7.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2022.2267.3
                      Intel In-Band Manageability Advisory
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Intel In-Band Manageability
Publisher:         Intel
Operating System:  Linux variants
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-33108 CVE-2021-0194 CVE-2021-0193

Original Bulletin:
   https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00549.html

Comment: CVSS (Max):  7.2 CVE-2021-0193 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Intel
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Revision History:  May 11 2022: Re-formatted text
                   May 11 2022: Updated CVSS Source and OS
                   May 11 2022: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Intel ID:                   INTEL-SA-00549
Advisory Category:          Software
Impact of vulnerability:    Escalation of Privilege
Severity rating:            HIGH
Original release:           05/10/2022
Last revised:               05/10/2022

Summary:

Potential security vulnerabilities in the Intel In-Band Manageability
software may allow escalation of privilege. Intel is releasing software
updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2021-0193

Description: Improper authentication in the Intel(R) In-Band Manageability
software before version 2.13.0 may allow a privileged user to potentially
enable escalation of privilege via network access.

CVSS Base Score: 7.2 HIGH

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2021-33108

Description: Improper input validation in the Intel(R) In-Band
Manageability software before version 2.13.0 may allow a privileged user
to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 MEDIUM

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2021-0194

Description: Improper access control in the Intel(R) In-Band Manageability
software before version 2.13.0 may allow a privileged user to potentially
enable escalation of privilege via network access.

CVSS Base Score: 6.5 MEDIUM

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Affected Products:

Intel In-Band Manageability before version 2.13.0.

Recommendations:

Updates are available for download at this location:
https://www.intel.com/content/www/us/en/developer/tools/in-band-manageability/documentation.html

Acknowledgements:

These issues were found internally by Intel.

Intel, and nearly the entire technology industry, follows a disclosure
practice called Coordinated Disclosure, under which a cybersecurity
vulnerability is generally publicly disclosed only after mitigations are
available.

Revision History

Revision    Date          Description
1.0         05/10/2022    Initial Release

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsKJ+NLKJtyKPYoAQhXOA/9Eut1yVOQ1fDxkRFmaAnpM28FpzEBvsjn
I8TAuIqswsa+XKsqIhr5tH8shKZMS7+ailX4IzsVd9kXxDJnBv1WozbTyX0wMjf5
/1GogFyOGSOXbgaIHiNhUOslsTIWRAylXC8bcvgVBgf6GoF4ZAK3vjKSVcJOw6CK
1b/h4q506Q83hRs+Ea94+ujgTfZOULaYIiIQJ3sLAwQ94SrlerbB+x/geCUlXQG+
wpELqyQ8+eLzvkqEB+5kukCE4DC6EGQZ817TCDY17ywxRGyHoYGevdGCSkXzSCz6
3o0At/+6SX9ohRt0tiYCGTJmDvFvCzGAH45BGHd9jvbF+Z7DaZg8ji/7MMxJeJ38
H2RwutAqf4Wf0rKEH/oggeVZh2nLdwxL/l10KBJSfuwnM3ZblmjWEiR/lJCPEwCr
Bo1fDJxIADGtDZhdDvxCHrGS9dLC8J7VXMetEvgf2V2kPtdx9m+b4+Whicvj1vYG
ALuWKjlynkAn3Peu72IfMIXUyDmNttUrLdWWxnK6+b4QvtzTVXAfjIYOmF2YiNoV
iY5GWtx7tuiuB5f9PyGPJF5HUmzJtma3S9FHUeiQIcXybvXMKRyv0c0dKYYjZRVU
e7YBSZ5DUEc7hj3TfdbSf0+lGKEBFBWGh0ABGPXhKkirOFbmqfJNh9e/eEvAyttO
Wq8VcPkqF4o=
=Lz/l
-----END PGP SIGNATURE-----
11 May 2022

ASB-2022.0122 - ALERT [Win] Windows: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0122
        Microsoft Patch Tuesday update for Microsoft Extended Security
                   Update (ESU) products for May 2022
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Windows 7
                   Windows Server 2008 R2
                   Windows Server 2008
Operating System:  Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-29141 CVE-2022-29139 CVE-2022-29137 CVE-2022-29132
                   CVE-2022-29130 CVE-2022-29129 CVE-2022-29128 CVE-2022-29127
                   CVE-2022-29121 CVE-2022-29115 CVE-2022-29112 CVE-2022-29105
                   CVE-2022-29103 CVE-2022-26937 CVE-2022-26936 CVE-2022-26935
                   CVE-2022-26934 CVE-2022-26931 CVE-2022-26926 CVE-2022-26925
                   CVE-2022-23270 CVE-2022-22019 CVE-2022-22015 CVE-2022-22014
                   CVE-2022-22013 CVE-2022-22012 CVE-2022-22011 CVE-2022-21972

Comment: CVSS (Max):  9.8 CVE-2022-29130 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

         Microsoft reports CVE-2022-26925 being actively exploited

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of May 2022.

        This update resolves 28 vulnerabilities across the following
        products: [1]

         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

IMPACT

        Microsoft has given the following details regarding these
        vulnerabilities.

         Details          Impact                    Severity
         CVE-2022-21972   Remote Code Execution     Critical
         CVE-2022-22011   Information Disclosure    Important
         CVE-2022-22012   Remote Code Execution     Important
         CVE-2022-22013   Remote Code Execution     Important
         CVE-2022-22014   Remote Code Execution     Important
         CVE-2022-22015   Information Disclosure    Important
         CVE-2022-22019   Remote Code Execution     Important
         CVE-2022-23270   Remote Code Execution     Critical
         CVE-2022-26925   Spoofing                  Important
         CVE-2022-26926   Remote Code Execution     Important
         CVE-2022-26931   Elevation of Privilege    Critical
         CVE-2022-26934   Information Disclosure    Important
         CVE-2022-26935   Information Disclosure    Important
         CVE-2022-26936   Information Disclosure    Important
         CVE-2022-26937   Remote Code Execution     Critical
         CVE-2022-29103   Elevation of Privilege    Important
         CVE-2022-29105   Remote Code Execution     Important
         CVE-2022-29112   Information Disclosure    Important
         CVE-2022-29115   Remote Code Execution     Important
         CVE-2022-29121   Denial of Service         Important
         CVE-2022-29127   Security Feature Bypass   Important
         CVE-2022-29128   Remote Code Execution     Important
         CVE-2022-29129   Remote Code Execution     Important
         CVE-2022-29130   Remote Code Execution     Important
         CVE-2022-29132   Elevation of Privilege    Important
         CVE-2022-29137   Remote Code Execution     Important
         CVE-2022-29139   Remote Code Execution     Important
         CVE-2022-29141   Remote Code Execution     Important

MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1]

         KB5013999, KB5014006, KB5014010, KB5014012

REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsE1uNLKJtyKPYoAQgLCw/8CuCVS3jbd3vhG+/JJukuT4iB4KaC71Uv
UUn6nek/y7W9BrlXCkUPFcxjxdxj8yf/4JsfIuMTYWvWeRgi/I4g/x5dn1GEByS+
ftXyWD+GtdfLZ5XymuUeoUdSvNKTED2bCfpK5JwzcmzXNdyeGo8Ss2x9AbxzOWcT
n5yGqXl/8gjiXxjwQeHsbAxkxtJoltq8aBcSVctFrXt+UcHbnfCpxt/6n+1F+RFd
nca3rD91wyX3Juttd+wl6wXLTVZ70inEIg3HaPaUH75Or7Ux7FlqV2JUghNHOeO+
+Zro+5Qz4Ok9j07TZWw62NMRcmKRrqXsZ9csZmx8IugHh1nIrFPgad0VSIY8kS+U
nCipK6edhHmXn5s6nFhA7r+kGrNtDgzobNRKxcd1eUuc3ycOitFrcfKfXmBqKYaq
cIRozW/AsDZumoeFL2BEOs36ACj2LtQWpgXdUX71OKBVy6SgtWZ8l8pKS/GS6zeu
Z5d0+CY3epy1xZD+Mc727ARi3aHfsvgNc4uyjNpmgfAMFE140gQzSh1yHP8cmW83
zZ+u/vlduI1KYguzJXzYpvy2weLIVVkLKBYpP6fD8/Z+ZbAAcGWQ53vm59BiZ9zL
qJN8F+sZSD+42XhCXQ6iNgjH1EGYoMEtpnascCp7K+3y64uP1r8wXoJG08LQydHq
bNRut4Evhp4=
=1l/f
-----END PGP SIGNATURE-----
11 May 2022

ASB-2022.0121 - ALERT [Win] Windows: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0121
         Microsoft Patch Tuesday update for Microsoft Windows for May 2022
                                 11 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Windows 10
                   Windows 11
                   Windows 8.1
                   Windows RT 8.1
                   Windows Server
                   Windows Server 2012
                   Windows Server 2012 R2
                   Windows Server 2016
                   Windows Server 2019
                   Windows Server 2022
Operating System:  Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-29151 CVE-2022-29150 CVE-2022-29142 CVE-2022-29141
                   CVE-2022-29140 CVE-2022-29139 CVE-2022-29138 CVE-2022-29137
                   CVE-2022-29135 CVE-2022-29134 CVE-2022-29133 CVE-2022-29132
                   CVE-2022-29131 CVE-2022-29130 CVE-2022-29129 CVE-2022-29128
                   CVE-2022-29127 CVE-2022-29126 CVE-2022-29125 CVE-2022-29123
                   CVE-2022-29122 CVE-2022-29121 CVE-2022-29120 CVE-2022-29116
                   CVE-2022-29115 CVE-2022-29114 CVE-2022-29113 CVE-2022-29112
                   CVE-2022-29106 CVE-2022-29105 CVE-2022-29104 CVE-2022-29103
                   CVE-2022-29102 CVE-2022-26940 CVE-2022-26939 CVE-2022-26938
                   CVE-2022-26937 CVE-2022-26936 CVE-2022-26935 CVE-2022-26934
                   CVE-2022-26933 CVE-2022-26932 CVE-2022-26931 CVE-2022-26930
                   CVE-2022-26927 CVE-2022-26926 CVE-2022-26925 CVE-2022-26923
                   CVE-2022-26913 CVE-2022-24466 CVE-2022-23279 CVE-2022-23270
                   CVE-2022-22713 CVE-2022-22019 CVE-2022-22017 CVE-2022-22016
                   CVE-2022-22015 CVE-2022-22014 CVE-2022-22013 CVE-2022-22012
                   CVE-2022-22011 CVE-2022-21972

Comment: CVSS (Max):  9.8 CVE-2022-29130 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

         Microsoft reports CVE-2022-26925 being actively exploited

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of May 2022.

        This update resolves 62 vulnerabilities across the following
        products: [1]

         Remote Desktop client
         Windows 10
         Windows 11
         Windows 8.1
         Windows RT 8.1
         Windows Server
         Windows Server 2012
         Windows Server 2012 R2
         Windows Server 2016
         Windows Server 2019
         Windows Server 2022

IMPACT

        Microsoft has given the following details regarding these
        vulnerabilities.

         Details          Impact                    Severity
         CVE-2022-21972   Remote Code Execution     Critical
         CVE-2022-22011   Information Disclosure    Important
         CVE-2022-22012   Remote Code Execution     Important
         CVE-2022-22013   Remote Code Execution     Important
         CVE-2022-22014   Remote Code Execution     Important
         CVE-2022-22015   Information Disclosure    Important
         CVE-2022-22016   Elevation of Privilege    Important
         CVE-2022-22017   Remote Code Execution     Critical
         CVE-2022-22019   Remote Code Execution     Important
         CVE-2022-22713   Denial of Service         Important
         CVE-2022-23270   Remote Code Execution     Critical
         CVE-2022-23279   Elevation of Privilege    Important
         CVE-2022-24466   Security Feature Bypass   Important
         CVE-2022-26913   Security Feature Bypass   Important
         CVE-2022-26923   Elevation of Privilege    Critical
         CVE-2022-26925   Spoofing                  Important
         CVE-2022-26926   Remote Code Execution     Important
         CVE-2022-26927   Remote Code Execution     Important
         CVE-2022-26930   Information Disclosure    Important
         CVE-2022-26931   Elevation of Privilege    Critical
         CVE-2022-26932   Elevation of Privilege    Important
         CVE-2022-26933   Information Disclosure    Important
         CVE-2022-26934   Information Disclosure    Important
         CVE-2022-26935   Information Disclosure    Important
         CVE-2022-26936   Information Disclosure    Important
         CVE-2022-26937   Remote Code Execution     Critical
         CVE-2022-26938   Elevation of Privilege    Important
         CVE-2022-26939   Elevation of Privilege    Important
         CVE-2022-26940   Information Disclosure    Important
         CVE-2022-29102   Information Disclosure    Important
         CVE-2022-29103   Elevation of Privilege    Important
         CVE-2022-29104   Elevation of Privilege    Important
         CVE-2022-29105   Remote Code Execution     Important
         CVE-2022-29106   Elevation of Privilege    Important
         CVE-2022-29112   Information Disclosure    Important
         CVE-2022-29113   Elevation of Privilege    Important
         CVE-2022-29114   Information Disclosure    Important
         CVE-2022-29115   Remote Code Execution     Important
         CVE-2022-29116   Information Disclosure    Important
         CVE-2022-29120   Information Disclosure    Important
         CVE-2022-29121   Denial of Service         Important
         CVE-2022-29122   Information Disclosure    Important
         CVE-2022-29123   Information Disclosure    Important
         CVE-2022-29125   Elevation of Privilege    Important
         CVE-2022-29126   Elevation of Privilege    Important
         CVE-2022-29127   Security Feature Bypass   Important
         CVE-2022-29128   Remote Code Execution     Important
         CVE-2022-29129   Remote Code Execution     Important
         CVE-2022-29130   Remote Code Execution     Important
         CVE-2022-29131   Remote Code Execution     Important
         CVE-2022-29132   Elevation of Privilege    Important
         CVE-2022-29133   Elevation of Privilege    Important
         CVE-2022-29134   Information Disclosure    Important
         CVE-2022-29135   Elevation of Privilege    Important
         CVE-2022-29137   Remote Code Execution     Important
         CVE-2022-29138   Elevation of Privilege    Important
         CVE-2022-29139   Remote Code Execution     Important
         CVE-2022-29140   Information Disclosure    Important
         CVE-2022-29141   Remote Code Execution     Important
         CVE-2022-29142   Elevation of Privilege    Important
         CVE-2022-29150   Elevation of Privilege    Important
         CVE-2022-29151   Elevation of Privilege    Important

MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1]

         KB5013941, KB5013942, KB5013943, KB5013944, KB5013945
         KB5013952, KB5013963, KB5014001, KB5014011, KB5014017
         KB5014018, KB5014025

REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYnsE0ONLKJtyKPYoAQi5VBAAqDegNbx8ZR0OHAytqoy6IT1hqBzoCT2N
ymoMUQlXAh3BvnPa+t0dvAXhcSYpIlOr9xdnhldrbEQLwz5IWSO6AW4QT9PgmDJe
+nSExBRsSScwltB6w457zie7LKbGtspX7zl7TLL0J+m1QQ3efW+CewCIATxU7SJ7
73Txpsf9Mbn/5/JJF5MM48TwlT1K4HHJOdzZ/ZM7Mw3sxCRPXp0UiVDwjU/oLa4S
KO3BrY2Uo7rvPtztarNeeSw8mk4N0pwPnTGJcl2gw4ZLkAa3M8L742DP89F5IpZZ
wEN+oW0h0muJ6D0E5EnHK8YnEne052d8eqg8FMrwCPZiJgBZWVVtsqimj2ThHHCv
jAWsduyDFjjY/1ZJBUrhdZDQKtRsg3lrAZkitsCmBgyiiPVVc75Uh1t4yK9XDYDQ
lDInk4q8kHEAZNC1oZ4cnjbXRW/RoCjne9cwEOyynLGHyI4YVlK43K+LciWiqLek
Frj37gyLegkftYJy/GTYi3HF9w2U9yIfjFGr6TovOpecFZAAbyhCKHP2hwe9oUUd
0/2507m6W6I2Pwt/vBXF2seBhVaYenUdJf9sZw7uw1OY4tFGSLGJV9L76ZkISkhz
YpTC3hA1ASsv1d9W9SORDEJmSpGLD1UWggYtfNMLER9av++gVdNgVpo92VlXATW+
kPOE/3c/YRM=
=SuUa
-----END PGP SIGNATURE-----