| title | date | draft | logo |
|---|---|---|---|
October 1, 2023 |
2023-10-01 00:00:00 +0545 |
false |
images/infosec/default.png |
{{< toc >}}
Cisco has issued a warning regarding an ongoing attempt to exploit a security vulnerability present in its IOS Software and IOS XE Software. If successful, this exploit could enable a remote attacker who has already authenticated themselves to execute code on the targeted systems from a remote location. The company has reported a weakness that has the potential to grant an authenticated, remote attacker with administrative control over either a group member or a key server the ability to execute arbitrary code on a vulnerable device or even trigger a system crash. It further noted that the issue is the result of insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature and it could be weaponized by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker.
IOS and IOS XE Software
https://thehackernews.com/2023/09/cisco-warns-of-vulnerability-in-ios-and.html
Check for security patches and updates provided by the vendor (in this case, Cisco) to address the vulnerability. Apply these patches as soon as they become available. This is often the most effective way to fix the issue.
CVE-2023-20109
Google rolled out fixes to address a new actively exploited zero-day in the Chrome browser. The vulnerability has been described as a "Heap-Based Buffer Overflow" in VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). The exploitation of this buffer overflow flaw can result in program crashes or execution of arbitrary code with the loss of availability and data integrity. This vulnerability has been tracked as CVE-2023-5217 after the Google's Threat Analysis Group discovered and reported on September. Futher details have not been disclosed other than to acknowledge that exploits for CVE-2023-5217 exists in the wild.
Google Chrome and Chromium based browsers(Microsoft Edge, Brave, Opera and Vilvadi)
https://thehackernews.com/2023/09/update-chrome-now-google-releases-patch.html
- To upgrade to Chrome version 117.0.5938.132 for Windows, macOS, and Linux
- Users of Chromium-based browsers are also advised to apply the fixes as and when they become available.
CVE-2023-5217
Cisco, a prominent player in the world of networking and cybersecurity, has issued a critical security advisory concerning multiple vulnerabilities in their Catalyst SD-WAN Manager, formerly known as Cisco SD-WAN vManage. These vulnerabilities could potentially open doors for cyber attackers to access affected systems or cause a significant (DoS) situation.
CVE-2023-20252: Cisco Catalyst SD-WAN Manager Unauthorized Access Vulnerability A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user.
CVE-2023-20253: Cisco Catalyst SD-WAN Manager Unauthorized Configuration Rollback Vulnerability A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with read-only privileges to bypass authorization and roll back controller configurations, which could then be deployed to the downstream routers.
CVE-2023-20034: Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability A vulnerability in the access control implementation for Elasticsearch that is used in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to access the Elasticsearch database of an affected system with the privileges of the Elasticsearch user.
CVE-2023-20254: Cisco Catalyst SD-WAN Manager Authorization Bypass Vulnerability A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.
CVE-2023-20262: Cisco Catalyst SD-WAN Manager Denial of Service Vulnerability A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected.
Cisco Catalyst SD-WAN Manager
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/cisco-wan-manager-vulnerabilities/amp/
Cisco has released free software updates that addresses these vulnerabilities. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.
CVE-2023-20252, CVE-2023-20253, CVE-2023-20034, CVE-2023-20254, and CVE-2023-20262
Buffer Overflow vulnerability has been found in ZYXEL's ZYXEL-PMG2005-T20B device, which might lead to a denial-of-service scenario. Because the user-supplied input on their HTTP request was not properly sanitized, this circumstance exists.By submitting a specially written script to the uid argument in the cgi-bin/login.asp, a threat actor can exploit this vulnerability and finally trigger the DoS scenario. The severity of this issue, which has been given the CVE code CVE-2023-43314, is being examined. When the number of admin in the uid exceeds the maximum threshold of 50, the ZYXEL-PMG2005-T20B product develops this vulnerability, which causes the application to crash when processed in the backend. A SESSIONID parameter is also included to the HTTP request's COOKIE header in order to establish a functional session with the ZYXEL product. However, more investigation showed that, in accordance with the ZyXEL website, the ZYXEL-PMG2005-T20B product has achieved End-of-Life.
ZYXEL
https://gbhackers.com/zyxel-buffer-overflow-vulnerability/amp/
Employing "Trustifi" AI-Powered Email Security Solutions may protect your company from the most hazardous email threats of the present, including Email Tracking, Blocking, Modifying, Phishing, Account Takeover, Business Email Compromise, Malware & Ransomware.
CVE-2023-43314
A critical security vulnerability (CVE-2023-42793) in JetBrains TeamCity CI/CD software could be exploited by unauthenticated attackers to achieve remote code execution, potentially leading to source code theft, service secrets exposure, and supply chain compromise. The flaw has been patched in TeamCity version 2023.05.4, but it only affects on-premise versions. JetBrains recommends immediate upgrades and has released a security patch plugin for older versions. Additionally, two high-severity flaws in Atos Unify OpenScape products (CVE-2023-36618 and CVE-2023-36619) have been disclosed and patched, allowing attackers to execute commands and access configuration scripts. Sonar also highlighted critical XSS vulnerabilities in encrypted email solutions recently.
JetBrains TeamCity
https://thehackernews.com/2023/09/critical-jetbrains-teamcity-flaw-could.html
Upgrade TeamCity to versions 8.0