Tageszusammenfassung - 16.12.2019

End-of-Day report

Timeframe: Freitag 13-12-2019 18:00 - Montag 16-12-2019 18:00 Handler: Robert Waldner Co-Handler: n/a

News

PCI Point-to-Point Encryption Standard 3.0 released

The PCI Security Standards Council (PCI SSC) has updated the PCI Point-to-Point Encryption Standard (P2PE) and supporting program. PCI P2PE Version 3.0 simplifies the process for component and solution providers to validate their P2PE products for cardholder data protection efforts.

https://www.helpnetsecurity.com/2019/12/16/pci-point-to-point-encryption-standard/

Vulnerabilities

Javascript: Node-Pakete können Binärdateien unterjubeln

Eine Sicherheitslücke in den Paketmanangern für Node.js, NPM und Yarn, ermöglicht das Unterschieben und Manipulieren von Binärdateien auf dem Client-System. Updates stehen bereit.

https://www.golem.de/news/javascript-node-pakete-koennen-binaerdateien-unterjubeln-1912-145557-rss.html


2019-11-12: Cybersecurity Advisory - Automation Builder 2.2 (and earlier), Drive Application Builder 1.0

ABB is aware of public reports of a vulnerability in the product versions listed above. This issue will be fixed by · Version 2.3.0 of Automation Builder. The release of this version is expected for end of Q1 2020 · Version 1.1.0 of Drive Application Builder. The release of this version is expected for end of 2019 An attacker who successfully exploited this vulnerability could insert and run arbitrary JavaScript and/or ActiveX code.

https://search.abb.com/library/Download.aspx?DocumentID=3ADR010465&LanguageCode=en&DocumentPartId=&Action=Launch


Multiple Vulnerabilities in ABB PB610 PanelBuilder 600

ABB is aware of a private report of four vulnerabilities in PB610 Panel Builder 600, versions 2.8.0.424 and earlier, affecting the HMIStudio and HMISimulator components. The vulnerabilities are corrected in version 2.8.0.460.

http://www02.abb.com/GLOBAL/GAD/GAD01626.NSF/0/1520A33C30E2562EC12584D20058CC59?OpenDocument


Vulnerability Spotlight: Multiple vulnerabilities in WAGO PFC200

The WAGO PFC200 and PFC100 controllers contain multiple exploitable vulnerabilities. The PFC200 is one of WAGO-s programmable automation controllers that are used in many industries including automotive, rail, power engineering, manufacturing and building management. The vulnerabilities disclosed here all have their root cause within the protocol handling code of the I/O Check (iocheckd) configuration...

https://blog.talosintelligence.com/2019/12/vulnerability-spotlight-multiple.html


Security updates for Monday

Security updates have been issued by Debian (davical, intel-microcode, libpgf, php-horde, spamassassin, spip, and thunderbird), Mageia (clementine, dnsmasq, git, jasper, kdelibs4, kernel, libcroco, libgit2, libvirt, ncurses, openafs, proftpd, qbittorrent, signing-party, squid, and wireshark), openSUSE (java-1_8_0-openjdk and postgresql), Oracle (kernel), Red Hat (chromium-browser and openslp), and SUSE (kernel, libssh, and xen).

https://lwn.net/Articles/807412/


Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-z-tpf/


Security Bulletin: API Connect is impacted by credential caching

https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-impacted-by-credential-caching/


Security Bulletin: A security vulnerability has been identified in Kubernetes shipped with PowerAI Vision

https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-kubernetes-shipped-with-powerai-vision/


Security Bulletin: IBM MQ is vulnerable to a denial of service attack caused by an abend while processing messages. (CVE-2019-4560)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-a-denial-of-service-attack-caused-by-an-abend-while-processing-messages-cve-2019-4560/