End-of-Day report
Timeframe: Monday 08-10-2018 18:00 - Tuesday 09-10-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Millions of Xiongmai surveillance cameras insecure due to cloud feature (XMEye P2P Cloud)
More than 9 million IoT devices from the Chinese OEM manufacturer "Xiongmai" are insecure (even those behind a firewall) because an insecure cloud feature called "XMEye P2P cloud" is enabled on them by default.
https://www.sec-consult.com/blog/2018/10/millionen-xiongmai-ueberwachungskameras-durch-cloud-feature-unsicher-xmeye-p2p-coud/
Security updates: Critical flaws in Cisco DNA endanger entire networks
Cisco is providing patches for various products, closing many security vulnerabilities.
http://heise.de/-4184517
October is European Cyber Security Month!
This October, Austria is once again taking part in the EU-wide campaign European Cyber Security Month (ECSM). The focus is on raising awareness of risks on the internet.
https://www.watchlist-internet.at/news/oktober-ist-europaeischer-monat-der-cyber-sicherheit/
Vulnerabilities
[20181005] - Core - CSRF hardening in com_installer
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12 Exploit type: CSRF Reported Date: 2018-September-26 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17858 Description Added additional CSRF hardening in com_installer actions in the backend. Affected Installs Joomla! CMS versions 2.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. Reported By: Raviraj A. Powar
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/nfI3_UnJIrM/755-20181005-core-csrf-hardening-in-com-installer.html
[20181004] - Core - ACL Violation in com_users for the admin verification
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 1.5.0 through 3.8.12 Exploit type: ACL Violation Reported Date: 2017-December-27 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17855 Description If an attacker gets access to the mail account of a user who can approve admin verifications in the registration process, he can activate himself. Affected Installs Joomla! CMS versions 1.5.0 through 3.8.12 Solution Upgrade to version 3.8.13
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/qGhSucxwoZo/754-20181004-core-acl-violation-in-com-users-for-the-admin-verification.html
[20181003] - Core - Access level Violation in com_tags
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.1.0 through 3.8.12 Exploit type: ACL Violation Reported Date: 2018-June-20 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17857 Description Inadequate checks on the tags search fields can lead to an access level violation. Affected Installs Joomla! CMS versions 3.1.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre.
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/nIIfD6jUDgU/753-20181003-core-access-level-violation-in-com-tags.html
[20181002] - Core - Inadequate default access level for com_joomlaupdate
Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 2.5.4 through 3.8.12 Exploit type: Object Injection Reported Date: 2018-June-21 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17856 Description Joomla's com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access com_joomlaupdate and trigger a code execution. Affected Installs Joomla! CMS versions 2.5.4 through 3.8.12
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/MptbHWIJjXM/752-20181002-core-inadequate-default-access-level-for-com-joomlaupdate.html
[20181001] - Core - Hardening com_contact contact form
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12 Exploit type: Incorrect Access Control Reported Date: 2018-September-17 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17859 Description Inadequate checks in com_contact could allow mail submission in disabled forms. Affected Installs Joomla! CMS versions 2.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. Reported By: David Jardin (JSST)
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/lkwPYx4JflE/751-20181001-core-hardening-com-contact-contact-form.html
SAP Security Patch Day - October 2018
On 9th of October 2018, SAP Security Patch Day saw the release of 11 Security Notes. Additionally, there were 4 updates to previously released security notes.
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095
SSA-347726: Denial-of-Service Vulnerability in SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open Controller
Versions of SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200 SP Open Controller are affected by a denial-of-service vulnerability. An attacker with network access to the PLC can cause a Denial-of-Service condition on the network stack.
https://cert-portal.siemens.com/productcert/txt/ssa-347726.txt
SSA-254686: Foreshadow / L1 Terminal Fault Vulnerabilities in Industrial Products
Security researchers published information on vulnerabilities known as Foreshadow and L1 Terminal Fault (L1TF). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
https://cert-portal.siemens.com/productcert/txt/ssa-254686.txt
SSA-464260: TLS ROBOT vulnerability in SCALANCE W1750D
The latest update for SCALANCE W1750D addresses a vulnerability known as "ROBOT Attack". The vulnerability could allow an attacker to decrypt TLS traffic. Siemens provides a firmware update and recommends that users update to the new version.
https://cert-portal.siemens.com/productcert/txt/ssa-464260.txt
SSA-493830: Privilege Escalation in ROX II
The latest update for ROX II fixes two vulnerabilities. One vulnerability could allow an attacker with a low-privileged user account to execute arbitrary commands. The other vulnerability could allow an attacker with a low-privileged user account to escalate his privileges.
https://cert-portal.siemens.com/productcert/txt/ssa-493830.txt
SSA-507847: Cross-Site Request Forgery Vulnerability in SIMATIC S7-1200 CPU Family
The latest firmware update for S7-1200 CPU family version 4 fixes a Cross-Site Request Forgery vulnerability. Siemens recommends updating affected devices as soon as possible.
https://cert-portal.siemens.com/productcert/txt/ssa-507847.txt
Security updates for Tuesday
Security updates have been issued by Arch Linux (git), Debian (kernel, samba, and tinc), Fedora (kernel-headers), Oracle (firefox), Red Hat (firefox and qemu-kvm-rhev), Scientific Linux (firefox), SUSE (java-1_8_0-ibm, kubernetes-salt, velum, libxml2, and postgresql10), and Ubuntu (libxkbcommon).
https://lwn.net/Articles/767948/
iCloud for Windows 7.7
https://support.apple.com/kb/HT209141
iOS 12.0.1
https://support.apple.com/kb/HT209162
Zimbra Collaboration Suite: A vulnerability allows the display of false information
https://adv-archiv.dfn-cert.de/adv/2018-2038/
IBM Security Bulletin: IBM Netcool/OMNIbus Probe DSL Factory Framework is affected by Apache Camel's Core vulnerability
https://www-01.ibm.com/support/docview.wss?uid=ibm10731893
IBM Security Bulletin: Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler
http://www.ibm.com/support/docview.wss?uid=ibm10734305
Remote Code Execution via XMeye P2P Cloud in Xiongmai IP Cameras, NVRs and DVRs
https://www.sec-consult.com/en/blog/advisories/vulnerabilities-xiongmai-ip-cameras-nvrs-dvrs-cve-2018-17915-cve-2018-17917-cve-2018-17919/