End-of-Day report
Timeframe: Friday 13-12-2019 18:00 - Monday 16-12-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
PCI Point-to-Point Encryption Standard 3.0 released
The PCI Security Standards Council (PCI SSC) has updated the PCI Point-to-Point Encryption Standard (P2PE) and supporting program. PCI P2PE Version 3.0 simplifies the process for component and solution providers to validate their P2PE products for cardholder data protection efforts.
https://www.helpnetsecurity.com/2019/12/16/pci-point-to-point-encryption-standard/
Vulnerabilities
JavaScript: Node packages can sneak in binaries
A security vulnerability in the package managers for Node.js, NPM and Yarn, allows binaries to be planted and manipulated on the client system. Updates are available.
https://www.golem.de/news/javascript-node-pakete-koennen-binaerdateien-unterjubeln-1912-145557-rss.html
2019-11-12: Cybersecurity Advisory - Automation Builder 2.2 (and earlier), Drive Application Builder 1.0
ABB is aware of public reports of a vulnerability in the product versions listed above.
This issue will be fixed by:
· Version 2.3.0 of Automation Builder. The release of this version is expected by the end of Q1 2020.
· Version 1.1.0 of Drive Application Builder. The release of this version is expected by the end of 2019.
An attacker who successfully exploited this vulnerability could insert and run arbitrary JavaScript and/or ActiveX code.
https://search.abb.com/library/Download.aspx?DocumentID=3ADR010465&LanguageCode=en&DocumentPartId=&Action=Launch
Multiple Vulnerabilities in ABB PB610 PanelBuilder 600
ABB is aware of a private report of four vulnerabilities in PB610 Panel Builder 600, versions 2.8.0.424 and earlier, affecting the HMIStudio and HMISimulator components. The vulnerabilities are corrected in version 2.8.0.460.
http://www02.abb.com/GLOBAL/GAD/GAD01626.NSF/0/1520A33C30E2562EC12584D20058CC59?OpenDocument
Vulnerability Spotlight: Multiple vulnerabilities in WAGO PFC200
The WAGO PFC200 and PFC100 controllers contain multiple exploitable vulnerabilities. The PFC200 is one of WAGO's programmable automation controllers, which are used in many industries including automotive, rail, power engineering, manufacturing and building management. The vulnerabilities disclosed here all have their root cause within the protocol handling code of the I/O Check (iocheckd) configuration...
https://blog.talosintelligence.com/2019/12/vulnerability-spotlight-multiple.html
Security updates for Monday
Security updates have been issued by Debian (davical, intel-microcode, libpgf, php-horde, spamassassin, spip, and thunderbird), Mageia (clementine, dnsmasq, git, jasper, kdelibs4, kernel, libcroco, libgit2, libvirt, ncurses, openafs, proftpd, qbittorrent, signing-party, squid, and wireshark), openSUSE (java-1_8_0-openjdk and postgresql), Oracle (kernel), Red Hat (chromium-browser and openslp), and SUSE (kernel, libssh, and xen).
https://lwn.net/Articles/807412/
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-z-tpf/
Security Bulletin: API Connect is impacted by credential caching
https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-impacted-by-credential-caching/
Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-kubernetes-shipped-with-powerai-vision/
Security Bulletin: IBM MQ is vulnerable to a denial of service attack caused by an abend while processing messages. (CVE-2019-4560)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-a-denial-of-service-attack-caused-by-an-abend-while-processing-messages-cve-2019-4560/