Daily summary - 03.08.2020

End-of-Day report

Timeframe: Friday 31-07-2020 18:00 - Monday 03-08-2020 18:00
Handler: Dimitri Robl
Co-Handler: Robert Waldner

News

Warning about a security vulnerability in Abus alarm systems

Due to a new security vulnerability, it is possible to deactivate the alarm system remotely.

https://futurezone.at/produkte/abus-alarmanlagen-warnung-vor-sicherheitsluecke/400989986


The core of Apple is PPL: Breaking the XNU kernel's kernel

This bypass was reported as Project Zero issue 2035 and fixed in iOS 13.6; you can find a POC that demonstrates how to map arbitrary physical addresses into EL0 there.

https://googleprojectzero.blogspot.com/2020/07/the-core-of-apple-is-ppl-breaking-xnu.html


Emotet is back - and where are we?

A couple of weeks ago, Emotet sprang back to life. The first new spam messages started flowing after a five-month hiatus.

https://team-cymru.com/2020/07/31/emotet-is-back-and-where-are-we/


TCC protection in macOS "completely cracked"

A security researcher has succeeded in bypassing Apple's otherwise draconian "entitlement checks". The problem has been patched.

https://heise.de/-4860891


Meetup fixes security flaws which could have allowed hackers to take over groups

Researchers at Checkmarx detail "Holy Grail" of two vulnerabilities, now patched.

https://www.zdnet.com/article/meetup-fixes-security-flaws-which-could-have-allowed-hackers-to-take-over-groups/#ftag=RSSbaffb68

Vulnerabilities

Drupal: Group - Critical - Information Disclosure - SA-CONTRIB-2020-030

Security risk: Critical 15-25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:ALL

This vulnerability is mitigated by the fact that the victim must have the GroupNode plugin installed on their website and have no other hook_node_grants() implementations on their website aside from the one that was recently removed by Group. If you do not use the GroupNode plugin or still have hook_node_grants() implementing modules enabled, your site may not be affected.

Solution: Install the latest version

https://www.drupal.org/sa-contrib-2020-030


Security updates for Friday

Security updates have been issued by Debian (grub2 and mercurial), Fedora (chromium, firefox, and freerdp), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox, grub2, and kernel), and SUSE (ghostscript and targetcli-fb).

https://lwn.net/Articles/827697/


Security updates for Monday

Security updates have been issued by Arch Linux (ffmpeg, libjcat, mbedtls, tcpreplay, and wireshark-cli), Debian (ark, evolution-data-server, libjpeg-turbo, libopenmpt, libpam-radius-auth, libphp-phpmailer, libssh, ruby-zip, thunderbird, and transmission), Fedora (chromium, clamav, claws-mail, evolution-data-server, freerdp, glibc, java-latest-openjdk, nspr, and nss), Gentoo (libsndfile, pycrypto, python, snmptt, thunderbird, and webkit-gtk), Mageia (botan2, chocolate-doom, cloud-init, dnsmasq, freerdp/remmina, gssdp/gupnp, java-1.8.0-openjdk, matio, microcode, nasm, openjpeg2, pcre2, php-phpmailer, redis, roundcubemail, ruby-rack, thunderbird, virtualbox, and xerces-c), openSUSE (claws-mail, ldb, and libraw), Oracle (firefox), Red Hat (bind, grub2, grub2, grub2, grub2, grub2, kernel-rt, libvncserver, nss, nspr, and qemu-kvm-rhev), Scientific Linux (firefox), Slackware (thunderbird), and SUSE (claws-mail, ldb, libraw, firefox, kernel, kernel, and targetcli-fb).

https://lwn.net/Articles/827920/


Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential Cross-Site Scripting (Reflected) vulnerability (CVE-2020-4560)

https://www.ibm.com/blogs/psirt/security-bulletin-financial-transaction-manager-for-high-value-payments-is-affected-by-a-potential-cross-site-scripting-reflected-vulnerability-cve-2020-4560/


Security Bulletin: Watson Machine Learning Service is impacted by security vulnerabilities in OpenJDK 11

https://www.ibm.com/blogs/psirt/security-bulletin-watson-machine-learning-service-is-impacted-by-security-vulnerabilities-in-openjdk-11/


Security Bulletin: IBM i2 Analysts' Notebook and IBM i2 Analysts' Notebook Premium Memory vulnerabilities

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-i2-analysts-notebook-and-ibm-i2-analysts-notebook-premium-memory-vulnerabilities/


Security Bulletin: Apr 2020: Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

https://www.ibm.com/blogs/psirt/security-bulletin-apr-2020-multiple-vulnerabilities-in-ibm-java-runtime-affect-cics-transaction-gateway/


Security Bulletin: WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4534)

https://www.ibm.com/blogs/psirt/security-bulletin-websphere-application-server-is-vulnerable-to-a-remote-code-execution-vulnerability-cve-2020-4534/


Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential SQL Injection CVE-2020-4328

https://www.ibm.com/blogs/psirt/security-bulletin-financial-transaction-manager-for-high-value-payments-is-affected-by-a-potential-sql-injection-cve-2020-4328/


Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-aix-3/