Daily Summary - 09.01.2019

End-of-Day report

Timeframe: Tuesday 08-01-2019 18:00 - Wednesday 09-01-2019 18:00 Handler: Robert Waldner Co-Handler: Dimitri Robl

News

Face Unlock: 42 of 110 phones can be fooled with portrait photos

In a test by an NGO, all phones from Nokia and Sony could be unlocked with portrait photos. The results for other manufacturers are, with one exception, mixed.

http://heise.de/-4269897


Fake card complete security app contains malware

Internet users are finding fake card complete messages in their inboxes. In them, the criminal senders claim that a security app must be installed on the mobile phone so that the credit card can continue to be used. The app must not be downloaded, because it contains malware!

https://www.watchlist-internet.at/news/gefaelschte-card-complete-sicherheits-app-enthaelt-schadsoftware/

Vulnerabilities

Schneider Electric Zelio Soft 2

This advisory provides mitigation recommendations for a use after free vulnerability in Schneider Electric's Zelio Soft 2 programming platform.

https://ics-cert.us-cert.gov/advisories/ICSA-19-008-01


Schneider Electric IIoT Monitor

This advisory includes mitigations for path traversal, unrestricted upload of file with dangerous type, and XXE vulnerabilities in the Schneider Electric IIoT Monitor software.

https://ics-cert.us-cert.gov/advisories/ICSA-19-008-02


Intel Patches High-Severity Privilege-Escalation Bugs

Overall, the chip giant patched five vulnerabilities across an array of its products.

https://threatpost.com/intel-patches-privilege-escalation-bugs/140665/


Patchday: Almost exclusively "important" security updates for Windows & Co.

Microsoft is addressing software vulnerabilities in Windows, among other products. Users should make sure the updates are installed soon.

http://heise.de/-4269105


Security updates for Wednesday

Security updates have been issued by Arch Linux (elfutils, polkit, and tar), Debian (python-django and ruby-loofah), and Mageia (ansible, avidemux, coreutils, discount, nettle, openafs, opensc, and qtbase5).

https://lwn.net/Articles/776310/


Cisco Content Security Management Appliance Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sma-xss


Cisco ASR 900 Series Aggregation Services Router Software Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-asr900-dos


Cisco Webex Business Suite Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-webex-bs-xss


Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tms-xss


Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tcp


Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-pnc-stored-xss


Cisco IP Phone 8800 Series Arbitrary Script Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-phone-script-injection


Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jcf-im-xss


Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jabr-mac-permissions


Cisco Identity Services Engine Password Recovery Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ise-passwd


Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ise-multi-xss


Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ios-ssh-vrf


Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-fpwr-mc-dos


Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos


Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos


Cisco Unified Communications Manager Digest Credentials Disclosure Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cucm-creds-disclosr


Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent Software Redis Server Unauthenticated Access Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-redis


Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-graphite-access


Cisco Prime Infrastructure Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cpi-xss


Security Advisory - Two Vulnerabilities in Huawei PCManager Product

http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190109-01-pcmanager-en


Security Advisory - Use After Free Vulnerability on Several Smartphones

http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190109-01-smartphone-en


IBM Security Bulletin: IBM Integration Bus affected by an httpclient package in WAS internally Vulnerability(CVE-2012-5783)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-integration-bus-affected-by-an-httpclient-package-in-was-internally-vulnerabilitycve-2012-5783/