VMware Workstation, VMware Fusion Security Vulnerabilities

RCE to Sliver: IR Tales from the Field

Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source....

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details **...

Moderate Photon OS Security Update - PHSA-2024-5.0-0208

Updates of ['dbus'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-3.0-0727

Updates of ['bindutils'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-4.0-0565

Updates of ['linux', 'linux-aws', 'unbound', 'linux-secure', 'linux-rt'] packages of Photon OS have been...

CVE-2023-6138

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential...

CVE-2023-6138

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential...

Information disclosure

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential...

CVE-2023-6138

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID:...

CVE-2023-27975

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering...

CVE-2023-27975

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering...

Design/Logic Flaw

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering...

CVE-2023-27975

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering...

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and.....

Important Photon OS Security Update - PHSA-2024-5.0-0205

Updates of ['unbound'] packages of Photon OS have been...

RansomHouse am See

RansomHouse am See By Pham Duy Phuc, Max Kersten in collaboration with Noël Keijzer and Michaël Schrijver from Northwave · February 14, 2024 Ransom gangs make big bucks by extorting victims, which sadly isn’t new. Their lucrative business allows them not only to live off the stolen money, but also....

Important Photon OS Security Update - PHSA-2024-3.0-0726

Updates of ['unbound'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-5.0-0206

Updates of ['linux-secure', 'linux-rt', 'linux'] packages of Photon OS have been...

RHEL 7 : .NET 6.0 (RHSA-2024:0814)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0814 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Moderate Photon OS Security Update - PHSA-2024-5.0-0207

Updates of ['bluez'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-4.0-0564

Updates of ['postgresql14', 'postgresql13'] packages of Photon OS have been...

Fat Patch Tuesday, February 2024 Edition

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Boot arbitrary denial of service vulnerability ( CVE-2023-34055)

Summary Potential VMware Tanzu Spring Boot arbitrary denial of service vulnerability ( CVE-2023-34055) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details **...

(RHSA-2024:0797) Important: Satellite 6.14.2 Async Security Update

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard...

Update Rollup 70 for Azure Site Recovery -KB5034599

Update Rollup 70 for Azure Site Recovery -KB5034599 Important: 9.58 version for mobility agent and configuration server was made live for Classic VMware/Physical to Azure scenario, during the 9.57 deployment. This version has not been released for any other scenario. The download links have been...

Intel® PROSet/Wireless and Killer™ Wi-Fi Software February 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software, which might allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. ...

Unbreakable Enterprise kernel security update

[5.15.0-203.146.5.1] - Revert 'selftests/bpf: Test tail call counting with bpf2bpf and data on stack' (Samasth Norway Ananda) [Orabug: 36277693] - Revert 'tcp: fix excessive TLP and RACK timeouts from HZ rounding' (Sherry Yang) [Orabug: 36277684] [5.15.0-203.146.5] - i2c: core: Fix atomic xfer...

KB5034862: Servicing stack update for Windows Server 2016: February 13, 2024

KB5034862: Servicing stack update for Windows Server 2016: February 13, 2024 REMINDERWindows 10, version 1607 Mobile and Mobile Enterprise editions reached the end of support (EOS) on October 9, 2018. These editions will no longer be offered servicing stack updates.Windows 10, version 1607 IoT...

Important Photon OS Security Update - PHSA-2024-4.0-0563

Updates of ['bindutils'] packages of Photon OS have been...

Intel Thunderbolt DCH Drivers for Windows February 2024 Security Updates

Intel has informed HP of potential security vulnerabilities in some Intel® Thunderbolt™ Declarative Componentized Hardware (DCH) drivers for Windows, which might allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing software updates to mitigate these...

Physical bypass of certain HP TamperLock features

Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. Desktop Workstation mitigation...

HP Workstation BIOS Arbitrary Write Security Update

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability. HP has released updates to mitigate the...

Intel Virtual RAID on CPU (VROC) February 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Virtual RAID on CPU (VROC) software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

Important Photon OS Security Update - PHSA-2024-5.0-0204

Updates of ['bindutils'] packages of Photon OS have been...

AMD Processor Vulnerabilities

Bulletin ID: AMD-SB-7009 Potential Impact: Refer to the CVE Details section Severity: Refer to the CVE Details section Summary Researchers disclosed multiple potential vulnerabilities that may impact some AMD processors. AMD has assessed the researchers’ findings and is publishing CVEs and...

Important Photon OS Security Update - PHSA-2024-3.0-0725

Updates of ['linux-rt', 'linux', 'linux-aws', 'linux-esx', 'linux-secure'] packages of Photon OS have been...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in VMware Tanzu Spring Framework [CVE-2023-20861, CVE-2023-20860]

Summary Multiple vulnerabilities in VMware Tanzu Spring Framework used by InfoSphere Information Server were addressed. [CVE-2023-20861, CVE-2023-20860] Vulnerability Details ** CVEID: CVE-2023-20861 DESCRIPTION: **VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a...

Moderate Photon OS Security Update - PHSA-2024-3.0-0724

Updates of ['ansible'] packages of Photon OS have been...

Important Photon OS Security Update - PHSA-2024-3.0-0723

Updates of ['linux-rt', 'yarn', 'linux', 'linux-aws', 'linux-esx', 'linux-secure'] packages of Photon OS have been...

Security Bulletin: Vulnerabilities in Axios, Node.js, VMWare tools, and Linux Kernel might affect IBM Storage Defender – Data Protect.

Summary IBM Storage Defender – Data Protect is vulnerable and that can result in denial of service attacks, cross-site scripting, execution of arbitrary code, gaining elevated privileges, low integrity and confidentiality impacts, and the ability to obtain sensitive information. The...

SUSE: Security Advisory (SUSE-SU-2024:0437-1)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2024-1145)

The remote host is missing an update for the Huawei...

Security Bulletin: IBM i Access Client Solutions is vulnerable to remote credential theft when NTLM is enabled on Windows workstations

Summary IBM i Access Client Solutions (ACS) is vulnerable to remote credential theft when NT LAN Manager (NTLM) is enabled on Windows workstations (CVE-2024-22318). Since IBM i Access Client solutions allows Universal Naming Convention (UNC) paths in its configuration files, if a path is modified.....

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score:.....

CentOS 8 : open-vm-tools (CESA-2023:7265)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7265 advisory. VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...

Moderate Photon OS Security Update - PHSA-2024-3.0-0722

Updates of ['squid', 'dbus'] packages of Photon OS have been...

Moderate Photon OS Security Update - PHSA-2024-5.0-0201

Updates of ['patch'] packages of Photon OS have been...

VMWare Aria Operations for Networks 6.x < 6.12 Multiple Vulnerabilities (VMSA-2024-0002)

According to its self-reported version, the instance of VMWare Aria Operations for Networks running on the remote web server is 6.x &lt; 6.12.0.1706185032. It is, therefore, affected by multiple vulnerabilities: Aria Operations for Networks contains a local privilege escalation vulnerability. A...

Important Photon OS Security Update - PHSA-2024-4.0-0562

Updates of ['ruby'] packages of Photon OS have been...