BreachForums Admin Pleads Guilty to Hacking Charges

The guilty plea also covered a separate count of possession of child pornography

golang-1.19.11-1.fc37

FEDORA-2023-8a135f6aa7

Packages in this update:

golang-1.19.11-1.fc37

Update description:

This update includes a security fix to the net/http package, as well as bug fixes to the compiler, cgo, the cover tool, the go command, the runtime, and the crypto/ecdsa, go/build, go/printer, net/mail, and text/template packages.

golang-1.20.6-1.fc38

FEDORA-2023-eb60fcd505

Packages in this update:

golang-1.20.6-1.fc38

Update description:

This update includes a security fix to the net/http package, as well as bug fixes to the compiler, cgo, the cover tool, the go command, the runtime, and the crypto/ecdsa, go/build, go/printer, net/mail, and text/template packages.

CVE-2022-4023

The 3DPrint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will create an archive of any files or directories on the target server by tricking a logged-in admin into submitting a form. Furthermore, the created archive has a predictable location and name, allowing the attacker to download the file if they know the time at which the form was submitted, making it possible to leak sensitive files like the WordPress configuration containing database credentials and secrets.

A Vulnerability in FortiOS and FortiProxy Could Allow for Remote Code Execution

A vulnerability has been discovered in Fortinet FortiOS and FortiProxy which could allow for remote code execution. FortiOS is Fortinet’s proprietary operating system, which is used across multiple product lines. FortiProxy is a secure web gateway that attempts to protect users against internet-borne attacks, and provides protection and visibility to the network against unauthorized access and threats. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.

Rockwell Automation ControlLogix Communication Modules Vulnerabilities (CVE-2023-3595 and CVE-2023-3596)

What are Rockwell Automation ControlLogix Communication Modules?

Rockwell Automation ControlLogix communications modules are devices from Rockwell Automation, a US-based automation technology company, and are used by various industry sectors including critical infrastructure to establish communication links between devices.

What is the Attack?

CVE-2023-3595 is an out-of-bounds write vulnerability that affects the vulnerable 1756 EN2* and 1756 EN3* series of Rockwell Automation ControlLogix EtherNet/IP communication modules. Successful exploitation of a vulnerable system via maliciously crafted Common Industrial Protocol (CIP) messages could allow an attacker to perform various actions such as manipulating the firmware of a module, adding new functionality to a module, flushing the module’s memory, forging traffic to and from the module, establishing persistence on the module, and potentially affecting the underlying industrial process, which could result in destructive or disruptive consequences. The vulnerability has a CVSS base score of 9.8 and is rated critical by Rockwell Automation.

CVE-2023-3596 is an out-of-bounds write vulnerability that affects the vulnerable 1756 EN4* series of Rockwell Automation ControlLogix EtherNet/IP communication modules. Successful exploitation of a vulnerable system via maliciously crafted CIP messages could result in a Denial of Service (DoS) condition. The vulnerability has a CVSS base score of 7.5 and is rated high by Rockwell Automation.

Why is this Significant?

This is significant because the Rockwell Automation advisory indicates that an unnamed threat actor reportedly owns the exploit for these vulnerabilities.
FortiGuard Labs advises owners of the vulnerable modules to update the firmware as soon as possible. CISA has also released an advisory to urge users to do the same.

What is the Vendor Solution?

Rockwell Automation has released new firmware that addresses the vulnerabilities.

For more information, please see the Appendix for a link to a Rockwell Automation advisory entitled “Remote Code Execution and Denial-of-Service Vulnerabilities in Select Communication Modules”. Note that the advisory requires a valid login.

What FortiGuard Coverage is available?

FortiGuard Labs has released a new IPS signature “Rockwell.Automation.ControlLogix.Remote.Code.Execution” in response to CVE-2023-3595 and CVE-2023-3596.

VMware Aria Operations for Logs Deserialization Vulnerability (CVE-2023-20864)

What is VMware Aria Operations for Logs?

VMware Aria Operations for Logs (formerly known as vRealize Log Insight) is a log analysis and management tool used for troubleshooting and auditing.

What is the Attack?

CVE-2023-20864 is a deserialization vulnerability in VMware Aria Operations for Logs that could allow an unauthenticated attacker with network access to execute arbitrary code as root. The vulnerability has a CVSS base score of 9.8 and is rated critical by VMware.

Why is this Significant?

This is significant because VMware confirmed that exploit code for CVE-2023-20864 has been made available. This is expected to lead to an increase in attacks.

FortiGuard Labs advises that the patch should be applied as soon as possible.

What is the Vendor Solution?

VMware released a patch for CVE-2023-20864 on April 20th, 2023.

For details, please refer to the link “VMSA-2023-0007.1” in the Appendix.

What FortiGuard Coverage is available?

FortiGuard Labs has an IPS signature “VMware.AO.InternalClusterController.Insecure.Deserialization” in place for CVE-2023-20864.

A Vulnerability in Adobe ColdFusion Could Allow for Arbitrary Code Execution

A vulnerability has been discovered in Adobe ColdFusion which could allow for arbitrary code execution. Adobe ColdFusion is a commercial web-application development platform designed to build and deploy web applications. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
