FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2022-41080 (Microsoft Exchange Server Elevation of Privilege Vulnerability) and CVE-2023-21674 (Microsoft Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability) to their Known Exploited Vulnerabilities catalog on January 10, 2023. The catalog list vulnerabilities that are being actively exploited in the wild and require federal agencies to apply patches by the due date.Why is this Significant?This is significant because CVE-2022-41080 (Microsoft Exchange Server Elevation of Privilege Vulnerability) and CVE-2023-21674 (Microsoft Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability) both on CISA’s Known Exploited Vulnerabilities Catalog are being actively exploited in the wild. As such, patches should be applied to both vulnerabilities as soon as possible.Successful exploitation of CVE-2022-41080 allows attackers to elevate privileges and perform malicious activities. The vulnerability has a CVSS score of 8.8.CVE-2023-21674 can be leveraged for a browser sandbox escape to gain SYSTEM privileges in vulnerable systems. The vulnerability has a CVSS score of 8.8.Has the Vendor Released a Patch for CVE-2022-41080 and CVE-2023-21674?Yes. Patches for CVE-2022-41080 and CVE-2023-21674 are available.What is the Status of Protection?FortiGuard Labs have the following IPS protection in place for CVE-2022-41080 and CVE-2023-21674:CVE-2022-41080MS.Exchange.Server.OWA.Remote.Code.Execution (default action is set to “pass”)CVE-2023-21674Microsoft Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability (default action is set to “pass”)
The Citrix Linux client emits its session credentials when starting a
Citrix session. These credentials end up being recorded in the client’s
system log.
Citrix do not consider this to be a security vulnerability.
A vulnerability has been found in frontaccounting faplanet and classified as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. The name of the patch is a5dcd87f46080a624b1a9ad4b0dd035bbd24ac50. It is recommended to apply a patch to fix this issue. VDB-218398 is the identifier assigned to this vulnerability.
USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Net-SNMP incorrectly handled certain requests. A
remote attacker could possibly use these issues to cause Net-SNMP to crash,
resulting in a denial of service.
Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled
memory operations when processing certain requests. A remote attacker could
use this issue to cause Net-SNMP to crash, resulting in a denial of
service, or possibly execute arbitrary code.
A vulnerability, which was classified as critical, was found in antonbolling clan7ups. Affected is an unknown function of the component Login/Session. The manipulation leads to sql injection. The name of the patch is 25afad571c488291033958d845830ba0a1710764. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218388.
A vulnerability was found in msmania poodim. It has been declared as critical. This vulnerability affects unknown code of the component Command Line Argument Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The name of the patch is 6340d5d2c81e55e61522c4b40a6cdd5c39738cc6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218392.
It was discovered that Apache Maven followed repositories that are defined
in a dependency’s Project Object Model (pom) even if the repositories
weren’t encryptedh (http protocol). An attacker could use this
vulnerability to take over a repository, execute arbitrary code or cause a
denial of service.
A logic error was discovered in the implementation of the SafeSocks
option of Tor, a connection-based low-latency anonymous communication
system, which did result in allowing unsafe SOCKS4 traffic to pass.
