End-of-Day report
Timeframe: Monday 07-10-2019 18:00 - Tuesday 08-10-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
D-Link Home Routers Open to Remote Takeover Will Remain Unpatched
CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device.
https://threatpost.com/d-link-home-routers-unpatched/148941/
Criminals send fake Apple invoice
Criminals are forging App Store invoices and sending them indiscriminately to numerous e-mail addresses. Supposedly, games worth around 80 euros were purchased by credit card. To cancel the purchase and obtain a refund, concerned recipients are offered a link to follow. Ignore this invoice and do not click the link, because it leads to a phishing site. In the worst case, your computer will be infected with malware.
https://www.watchlist-internet.at/news/kriminelle-versenden-gefaelschte-apple-rechnung/
Zero-day published for old Joomla CMS versions
Proof-of-concept code available online; trivial to exploit.
https://www.zdnet.com/article/zero-day-published-for-old-joomla-cms-versions/
Vulnerabilities
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/10/08/apple-releases-security-updates
Patch day: Google closes numerous critical Android vulnerabilities
For the October patch day, Google has, among other things, fixed the critical vulnerability in Pixel 1 and 2 that Project Zero recently published.
https://heise.de/-4548538
Security updates for Tuesday
Security updates have been issued by Debian (openjpeg2, openssh, and xen), openSUSE (dovecot23, jasper, libseccomp, lxc, putty, and singularity), Red Hat (bind, kernel, polkit, python, and wget), and Ubuntu (unbound).
https://lwn.net/Articles/801692/
SAP Security Patch Day - October 2019
[...] On 8th of October 2019, SAP Security Patch Day saw the release of 7 Security Notes. There is 1 update to previously released Patch Day [...]
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
All In One WP Security & Firewall <= 4.4.1 - Open Redirect & Hidden Login Page Exposure
https://wpvulndb.com/vulnerabilities/9898
SSA-608355: Processor Vulnerabilities Affecting SIMATIC WinAC RTX (F) 2010
https://cert-portal.siemens.com/productcert/txt/ssa-608355.txt
SSA-878278: Denial-of-Service Vulnerability in SIMATIC WinAC RTX (F) 2010
https://cert-portal.siemens.com/productcert/txt/ssa-878278.txt
SSA-984700: Password Storage Vulnerability in SIMATIC IT UADM
https://cert-portal.siemens.com/productcert/txt/ssa-984700.txt
SSA-473245: Denial-of-Service Vulnerability in Profinet Devices
https://cert-portal.siemens.com/productcert/txt/ssa-473245.txt
SSA-349422: Denial-of-Service in Industrial Real-Time (IRT) Devices
https://cert-portal.siemens.com/productcert/txt/ssa-349422.txt
IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-affect-ibm-sdk-for-node-js-in-ibm-cloud-4/
IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where the local attacker can obtain root privilege by injecting parameters into setuid files (CVE-2019-4558)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-where-the-local-attacker-can-obtain-root-privilege-by-injecting-parameters-into-setuid-files-cve-2019-4558/
IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to Information Disclosure (CVE-2019-4512)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-information-disclosure-cve-2019-4512/
Bash vulnerability CVE-2012-6711
https://support.f5.com/csp/article/K05122252
Linux kernel vulnerability CVE-2019-15505
https://support.f5.com/csp/article/K28222050