Daily Summary - 10.01.2020

End-of-Day report

Timeframe: Thursday 09-01-2020 18:00 - Friday 10-01-2020 18:00 Handler: Robert Waldner Co-Handler: n/a

News

Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641

This is the first blog post in a three-part series that will detail how a vulnerability in iMessage can be exploited remotely without any user interaction on iOS 12.4 (fixed in iOS 12.4.1 in August 2019). It is essentially a more detailed version of my 36C3 talk from December 2019.

https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html


Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging

Time to start 2020? No better time for writing about the TTD (Time Travel Debugging) feature from WinDBG.

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/

Vulnerabilities

D-LINK Router: Vulnerability allows execution of arbitrary code with administrator privileges

Affected systems: D-LINK Router DCS-935L, D-LINK Router DCS-960L. A remote, anonymous attacker can exploit a vulnerability in D-LINK routers to take control of the device.

https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2020/01/warnmeldung_tw-t20-0007.html


VMSA-2020-0001 - VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability (CVE-2020-3940)

VMware Workspace ONE SDK and dependent mobile applications do not properly handle certificate verification failures if SSL Pinning has been enabled in the Workspace ONE UEM Console. VMware has evaluated the severity of this issue to be in the moderate severity range with a maximum CVSSv3 base score of 6.8.

https://www.vmware.com/security/advisories/VMSA-2020-0001.html


Security updates for Friday

Security updates have been issued by Debian (ldm and sa-exim), Mageia (firefox), openSUSE (chromium, firefox, and thunderbird), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork, firefox, log4j, nodejs10, nodejs12, and openssl-1_0_0), and Ubuntu (firefox).

https://lwn.net/Articles/809175/


Mattermost security update 5.18.1 / 5.17.3 / 5.16.5 / 5.9.8 (ESR) released

We have released a recommended security update via Mattermost Team Edition 5.18.1, 5.17.3, 5.16.5, 5.9.8 (ESR) and Mattermost Enterprise Edition 5.18.1, 5.17.3, 5.16.5, 5.9.8 (ESR). This security update addresses a high level vulnerability discovered during a security research review by Juho Nurminen.

https://mattermost.com/blog/mattermost-security-update-5-18-1-5-17-3-5-16-5-5-9-8-esr-released/