5816 matches found

The Hacker News
added 2020/02/26 2:48 p.m., 3 views

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack —...

AI score: 5.9
Exploits: 0

OSV
added 2020/02/25 4:15 p.m., 1 view

CVE-2019-5137

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13...

CVSS: 7.5, AI score: 7.1, EPSS: 0.0048
Exploits: 1, References: 1

NVD
added 2020/02/25 4:15 p.m., 15 views

CVE-2019-5137

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13...

CVSS: 7.5, AI score: 7.7, EPSS: 0.0048
Exploits: 1, References: 1

Prion
added 2020/02/25 4:15 p.m., 19 views

Hardcoded credentials

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13...

CVSS: 5, AI score: 7.6, EPSS: 0.0048
Exploits: 1, References: 1, Affected Software: 1

CVE
added 2020/02/25 3:38 p.m., 79 views

CVE-2019-5137

The Moxa AWK-3131A Series (firmware 1.13) ServiceAgent uses a hard-coded cryptographic key, enabling decryption of network traffic to/from the device. CVE-2019-5137 (CVSSv3 7.5) details the root cause and impact (confidentiality HIGH). A vendor patch is available; apply the security update from M...

CVSS: 7.5, AI score: 7.5, EPSS: 0.0048
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2020/02/25 2:15 p.m., 3 views

CVE-2019-4557

IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206...

CVSS: 7.5, AI score: 6.5, EPSS: 0.00134
Exploits: 0, References: 2

NVD
added 2020/02/25 2:15 p.m., 11 views

CVE-2019-4557

IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206...

CVSS: 7.5, AI score: 6.1, EPSS: 0.00134
Exploits: 0, References: 2

CVE
added 2020/02/25 1:55 p.m., 45 views

CVE-2019-4557

IBM QRadar Advisor With Watson App for IBM QRadar SIEM (versions 1.1–2.5) is affected by CVE-2019-4557 due to the use of weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information stored in the app. The IBM security bulletin (A4C6...): rem...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00134
Exploits: 0, References: 2, Affected Software: 1

Tenable Nessus
added 2020/02/25 12:00 a.m., 33 views

Cisco Web Security Appliance Decryption Policy Bypass Vulnerability (cisco-sa-20190206-wsa-bypass)

According to its self-reported version, Cisco Web Security Appliance (WSA) is affected by a decryption policy bypass vulnerability. An unauthenticated, remote attacker can bypass a configured drop policy and allow unauthorized traffic onto the network. Please see the included Cisco BIDs and Cisco...

CVSS: 5.8, AI score: 6, EPSS: 0.00175
Exploits: 0, References: 3

Tenable Nessus
added 2020/02/24 12:00 a.m., 45 views

Amazon Linux AMI : openssl (ALAS-2020-1344)

The version of openssl installed on the remote host is prior to 1.0.2k-16.151. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1344 advisory. In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker,...

CVSS: 4.3, AI score: 6.4, EPSS: 0.01121
Exploits: 0, References: 3

Talos
added 2020/02/24 12:00 a.m., 59 views

Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key

Summary: The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. Tested Versions: Moxa AWK-3131A Firmware version 1.13. Product URLs...

CVSS: 7.5, AI score: 7.5, EPSS: 0.0048
Exploits: 1

Kitploit
added 2020/02/23 9:00 p.m., 67 views

DLLPasswordFilterImplant - DLL Password Filter Implant With Exfiltration Capabilities

DLLPasswordFilterImplant is a custom password filter DLL that allows the capture of a user's credentials. Each password change event on a domain will trigger the registered DLL in order to exfiltrate the username and new password value prior to successfully changing it in Active Directory (AD). Fo...

AI score: 7
Exploits: 0, References: 1

ATTACKERKB
added 2020/02/13 12:00 a.m., 11 views

Return Of Bleichenbacher's Oracle Threat

ROBOT is the return of a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server. Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: The details are pretty heavily documented on robotattack.org, so no need to...

AI score: 2.4
Exploits: 0, References: 2

Prion
added 2020/02/07 4:15 p.m., 20 views

Authentication flaw

TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the...

CVSS: 4.4, AI score: 7, EPSS: 0.07629
Exploits: 2, References: 4, Affected Software: 1

OSV
added 2020/02/04 5:15 p.m., 1 view

CVE-2019-4540

IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...

CVSS: 7.5, AI score: 5.8
Exploits: 0, References: 2

Cvelist
added 2020/02/04 4:45 p.m., 17 views

CVE-2019-4540

IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...

CVSS: 5.9, AI score: 7.2, EPSS: 0.00168
Exploits: 0, References: 2

Metasploit
added 2020/02/03 7:16 p.m., 60 views

Windows Gather TeamViewer Passwords

This module will find and decrypt stored TeamViewer passwords. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework @blurbdust based this code off of...

CVSS: 7, AI score: 7.1, EPSS: 0.07629
Exploits: 2

IBM Security Bulletins
added 2020/01/29 4:35 p.m., 40 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-12404)

Summary: IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen...

CVSS: 5.9, AI score: 1.7, EPSS: 0.12783
Exploits: 0, Affected Software: 1

OSV
added 2020/01/28 7:15 p.m., 2 views

CVE-2019-4639

IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045...

CVSS: 7.5, AI score: 6.5
Exploits: 0, References: 2

OpenVAS
added 2020/01/23 12:00 a.m., 47 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1063)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5.3, AI score: 6.2, EPSS: 0.02801
Exploits: 0, References: 2