XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX Security Vulnerabilities

openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2022:10185-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10185-1 advisory. A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition,...

Server-side attacks, C&C in public clouds and other MDR cases we observed

Introduction This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the report is to inform our customers about techniques used by attackers. We hope that learning about the attacks that took place in the wild helps you.....

Security update for EternalTerminal (important)

An update that fixes four vulnerabilities is now available. Description: This update for EternalTerminal fixes the following issues: Update to 6.2.1: CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC socket (boo#1202435) CVE-2022-24950: Fixed privilege escalation to...

Security update for EternalTerminal (important)

An update that fixes four vulnerabilities is now available. Description: This update for EternalTerminal fixes the following issues: Update to 6.2.1: CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC socket (boo#1202435) CVE-2022-24950: Fixed privilege escalation to...

Security update for the Linux Kernel (important)

An update that solves 32 vulnerabilities, contains two features and has 84 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2016-3695: Fixed an issue inside the...

Leeloo Multipath Authorization Bypass / Symlink Attack

...

Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM...

CVE-2022-33217

Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon...

CVE-2022-33217

Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon...

Memory corruption

Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon...

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, we...

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, we...

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, we...

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, we...

Security update for the Linux Kernel (important)

An update that solves 26 vulnerabilities, contains two features and has 89 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...

CVE-2022-33217

Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel. in Snapdragon...

Uncommon infection and malware propagation methods

Introduction We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing. There will be exceptions, naturally, as we will encounter RCE vulnerabilities every now and then, or if the attacker is already on the network, they will use tools like...

CVE-2009-3527

Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory...

CVE-2009-3527

Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory...

CVE-2017-1000121

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple...

CVE-2017-1000122

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple...

CVE-2017-1000122

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple...

CVE-2017-1000122

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple...

CVE-2017-1000121

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple...

CVE-2017-1000121

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple...

CVE-2018-16546

Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by...

CVE-2012-4879

The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest...

CVE-2012-4879

The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest...

CVE-2012-3013

WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP...

CVE-2012-3013

WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP...

Attacking Encrypted HTTP Communications

TL;DR The Reolink RLC-520A PoE camera obfuscates its HTTP communication by encrypting the POST body data. This level of security does defend against opportunistic attackers but falls short when defending against persistent attackers. Introduction Different embedded devices have their own take on...

Security Bulletin: Vulnerabilities in Linux Kernel, OpenSSL, Golang Go, and Zlib may affect IBM Spectrum Protect Plus

Summary Linux Kernel, OpenSSL, Golang Go, and Zlib vulnerabilities such as obtaining sensitive information, execution of arbitrary code, denial of service, and bypassing security restrictions may affect IBM Spectrum Protect Plus. Vulnerability Details ** CVEID: CVE-2022-2097 DESCRIPTION:...

Security Bulletin: Vulnerabilities in Linux Kernel and OpenSSL may affect IBM Spectrum Copy Data Management

Summary Vulnerabilities in the Linux Kernel and OpenSSL such as elevation of privileges, execution of arbitrary code, denial of service, obtaining sensitive information, and buffer overflow may affect IBM Spectrum Copy Data Management. Vulnerability Details ** CVEID: CVE-2022-1729 DESCRIPTION:...

ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...

ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot

ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...

Security update for the Linux Kernel (important)

An update that solves 23 vulnerabilities, contains 5 features and has 88 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...

Security update for the Linux Kernel (important)

An update that solves 25 vulnerabilities, contains four features and has 91 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that...

Security update for the Linux Kernel (important)

An update that solves 15 vulnerabilities, contains one feature and has 61 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...

kernel security, bug fix, and enhancement update

[4.18.0-372.26.1.0.1_6.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict...

Exploit for Vulnerability in Google Android

Fluoride Bluetooth stack Building and running on AOSP...

Exploit for Use After Free in Google Android

Fluoride Bluetooth stack Building and running on AOSP...

Trojan.Win32.Autoit.fhj MVID-2022-0638 NULL DACL

...

CVE-2022-38701 IPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.

OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive...

Zero-day puts a dent in Chrome's mojo

On Friday, Google announced the release of a new version of its Chrome browser that includes a security fix for a zero-day tracked as CVE-2022-3075. As with previous announcements, technical details about the vulnerability won't be released until a certain number of Chrome users have already...

Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability

Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validation in Mojo, which refers to a collection of...

Security update for the Linux Kernel (important)

An update that solves 11 vulnerabilities and has 44 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. NOTE: This update has been retracted, as it has caused regressions on multiple machines types. The...

Security update for the Linux Kernel (important)

An update that solves 10 vulnerabilities, contains one feature and has 43 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901:...

Security update for the Linux Kernel (important)

An update that solves 11 vulnerabilities and has 49 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new...

ICPR Certificate Management

Request certificates via MS-ICPR (Active Directory Certificate Services). Depending on the certificate template's configuration the resulting certificate can be used for various operations such as authentication. PFX certificate files that are saved are encrypted with a blank password. This module....

Exploit for Path Traversal in Secureauth Impacket

CVE-2021-31800 - Impacket SMB Server Arbitrary file...