CISA and Partners Release Advisory on Ghost (Cring) Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation FBI and Multi-State Information Sharing and Analysis Center MS-ISAC—released a joint Cybersecurity Advisory, StopRansomware: Ghost Cring Ransomware. This advisory provides network defenders with indicators of compromise IOCs,...

Sera 1.2 - Local Privilege Escalation Password Disclosure

Sera 1.2 - Local Privilege Escalation Password Disclosure Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at:...

Sera 1.2 Local Root / Password Disclosure

Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at: /Library/Preferences/no.ignitum.SeraOSX.plist This makes root privilege...

Cisco Wireless LAN Controller IPv6 IAPP WIPS Report Vulnerability

A vulnerability in the Internet Access Point Protocol IAPP module of the Cisco Wireless LAN Controller WLC could allow an unauthenticated, remote attacker to cause network traffic to be forwarded to an unexpected destination network. The vulnerability is due to improper input validation of the IP...

Cisco TelePresence Video Communication Server Expressway Access Vulnerability

A vulnerability in of the Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, remote attacker to falsely register their Mobile and Remote Access MRA endpoint. The vulnerability is due to insufficient validation of the registering phone line. An attacker coul...

Cisco Unified Communications Manager root Shell Access Local Privilege Escalation Vulnerability

A vulnerability in the local read file of the Cisco Unified Communications Manager could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user if the attacker has already obtained sensitive information from the system. The vulnerability ...

Cisco Small Business SPA300 and SPA500 Series IP Phones Local Code Execution Vulnerability

A vulnerability in the Cisco Small Business SPA300 and SPA500 Series IP Phones could allow an unauthenticated, local attacker to access the debug shell and file system of the affected device. The vulnerability is due to insufficient authentication implementation in the debug console interface. An...

Cisco Unified Communications Manager CAPF Unauthenticated Blind SQL Injection Vulnerability

A vulnerability in the Certificate Authority Proxy Function CAPF of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to impact the integrity of the system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate...

Cisco Unified Computing System Software KVM Encryption Vulnerability

A vulnerability in Cisco Unified Computing System software KVM could allow an unauthenticated, remote attacker to intercept a KVM connection to spoof a host or decrypt keyboard and mouse events on an encrypted channel. The vulnerability is due to a hard coded SSL certificate. An attacker could...

Cisco Unified Presence Memory Exhaustion Vulnerability

A vulnerability in the web framework of Cisco Unified Presence could allow an unauthenticated, remote attacker to cause an increase in memory utilization. The vulnerability is due to improper handling of memory allocation when the affected system is flooded with malformed TCP packets. An attacker...