End-of-Day report
Timeframe: Tuesday 08-01-2019 18:00 - Wednesday 09-01-2019 18:00
Handler: Robert Waldner
Co-Handler: Dimitri Robl
News
Face Unlock: 42 of 110 phones can be fooled with portrait photos
In a test by an NGO, all phones from Nokia and Sony could be unlocked with portrait photos. The record of the other manufacturers is mixed, with one exception.
http://heise.de/-4269897
Fake card complete security app contains malware
Internet users are finding fake card complete messages in their inboxes. In them, the criminal senders claim that a security app must be installed on the mobile phone so that the credit card can continue to be used. The app must not be downloaded, because it contains malware!
https://www.watchlist-internet.at/news/gefaelschte-card-complete-sicherheits-app-enthaelt-schadsoftware/
Vulnerabilities
Schneider Electric Zelio Soft 2
This advisory provides mitigation recommendations for a use after free vulnerability in Schneider Electric's Zelio Soft 2 programming platform.
https://ics-cert.us-cert.gov/advisories/ICSA-19-008-01
Schneider Electric IIoT Monitor
This advisory includes mitigations for path traversal, unrestricted upload of file with dangerous type, and XXE vulnerabilities in the Schneider Electric IIoT Monitor software.
https://ics-cert.us-cert.gov/advisories/ICSA-19-008-02
Intel Patches High-Severity Privilege-Escalation Bugs
Overall, the chip giant patched five vulnerabilities across an array of its products.
https://threatpost.com/intel-patches-privilege-escalation-bugs/140665/
Patchday: Almost only "important" security updates for Windows & Co.
Microsoft is addressing software vulnerabilities in Windows, among other products. Users should make sure the updates are installed soon.
http://heise.de/-4269105
Security updates for Wednesday
Security updates have been issued by Arch Linux (elfutils, polkit, and tar), Debian (python-django and ruby-loofah), and Mageia (ansible, avidemux, coreutils, discount, nettle, openafs, opensc, and qtbase5).
https://lwn.net/Articles/776310/
Cisco Content Security Management Appliance Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sma-xss
Cisco ASR 900 Series Aggregation Services Router Software Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-asr900-dos
Cisco Webex Business Suite Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-webex-bs-xss
Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tms-xss
Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tcp
Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-pnc-stored-xss
Cisco IP Phone 8800 Series Arbitrary Script Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-phone-script-injection
Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jcf-im-xss
Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jabr-mac-permissions
Cisco Identity Services Engine Password Recovery Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ise-passwd
Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ise-multi-xss
Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ios-ssh-vrf
Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-fpwr-mc-dos
Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos
Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos
Cisco Unified Communications Manager Digest Credentials Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cucm-creds-disclosr
Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent Software Redis Server Unauthenticated Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-redis
Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-graphite-access
Cisco Prime Infrastructure Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cpi-xss
Security Advisory - Two Vulnerabilities in Huawei PCManager Product
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190109-01-pcmanager-en
Security Advisory - Use After Free Vulnerability on Several Smartphones
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190109-01-smartphone-en
IBM Security Bulletin: IBM Integration Bus affected by an httpclient package in WAS internally Vulnerability (CVE-2012-5783)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-integration-bus-affected-by-an-httpclient-package-in-was-internally-vulnerabilitycve-2012-5783/