Security News
Ideally, Google wouldn't split the monthly updates apart in this fashion, but would provide a single, unified set of patches and expect all vendors of Android devices to get up-to-date as soon as possible. As the company admits in its bulletins, there are "Two security patch levels so that Android partners have the flexibility to fix a subset of vulnerabilities that are similar across all Android devices more quickly."
A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "Used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an adversary to execute arbitrary commands on the underlying system.
Cybersecurity researchers have detailed as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba and Avaya network switches that could be abused to gain remote access to enterprise networks and steal valuable information. The new set of flaws, dubbed TLStorm 2.0, renders Aruba and Avaya network switches vulnerable to remote code execution vulnerabilities, enabling an adversary to commandeer the devices, move laterally across the network, and exfiltrate sensitive data.
Five critical remote code execution vulnerabilities in millions Aruba and Avaya devices can be exploited by cybercriminals to take full control of network switches commonly used in airports, hospitals, and hotels, according to Armis researchers. The flaws affect about 10 million devices across HPE's Aruba and Extreme Networks' Avaya switching portfolio, and have severity scores ranging from 9.0 to 9.8 out of 10.
Russia's invasion on Ukraine has put a spotlight on threats to critical infrastructure, which thus far have been mostly physical, impacting water treatment, electricity, and nuclear plants. These threats to critical infrastructure may seem distant, but the involvement of the FBI shows they are not.
Users of Synology and QNAP network-attached storage devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an open-source implemention of the Apple Filing Protocol that allows Unix-like operating systems to serve file servers for Macs.Network-attached storage devices are usually used by small-to-medium businesses and home users for storing and sharing files and backups.
Synology has warned customers that some of its network-attached storage appliances are exposed to attacks exploiting multiple critical Netatalk vulnerabilities. "Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager and Synology Router Manager," Synology said.
Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage appliances until it fixes multiple critical Netatalk vulnerabilities. On QNAP NAS devices, AFP allows macOS systems to access data on the NAS. According to QNAP, it's still used because it "Supports many unique macOS attributes that are not supported by other protocols."
Advanced hackers are actively exploiting a critical remote code execution vulnerability, CVE-2022-22954, that affects in VMware Workspace ONE Access.The issue was addressed in a security update 20 days ago along with two more RCEs - CVE-2022-22957 and CVE-2022-22958 that also affect VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager.
A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim's wallet. "In other words, attackers could gain full control over the victim's wallets."