Severity Rating: HIGH

Software Affected

NetApp OnCommand Insight versions 7.3.1 through 7.3.14
Overview

A vulnerability has been reported in NetApp OnCommand Insight products which could allow an unauthenticated attacker to bypass security restrictions on the targeted system.

Description

This vulnerability exists due to an error in the Data Warehouse component. An attacker could exploit this vulnerability by sending a specially crafted request.

Successful exploitation of this vulnerability could allow an unauthenticated attacker to bypass the authentication process, view limited configuration data, view operations or perform privileged operations on the administrative interface on the targeted system.

Solution

Update to the latest version:


Vendor Information

NetApp

References

NetApp

CVE Name
CVE-2022-38733


 

Severity Rating: CRITICAL

Software Affected

DS-3WF0AC-2NT versions below V1.1.0
DS-3WF01C-2N/O versions below V1.0.4
Overview

A vulnerability has been reported in Hikvision Wireless Bridge Products, which could allow an attacker to bypass security restrictions on the targeted system.

Description

This vulnerability exists in Hikvision Wireless Bridge Products due to improper parameter handling by the bridge's web management interface. An attacker could exploit this vulnerability by sending specially crafted messages to the affected devices.

Successful exploitation of this vulnerability could allow an attacker to bypass security restrictions on the targeted system.

Solution

Upgrade to the latest versions of Hikvision Products as mentioned in the vendor advisory.


Vendor Information

Hikvision

References

 

CVE Name
CVE-2022-28173

 

Severity Rating: CRITICAL

Software Affected

YITH WooCommerce Gift Cards Premium plugin for WordPress versions prior to 3.19.0
Overview

A vulnerability has been reported in YITH WooCommerce Gift Cards Premium plugin for WordPress which could allow an attacker to execute arbitrary code on the targeted system.

Description

This vulnerability exists in YITH WooCommerce Gift Cards Premium plugin for WordPress due to improper validation of files during file upload. An attacker can exploit this vulnerability by uploading a malicious file.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.

Solution

Upgrade to the latest versions of WordPress as mentioned in the advisory:


Vendor Information

WordPress

References

WordPress

CVE Name
CVE-2022-45359

 

Severity Rating: High

Overview

Recently, the password manager service LastPass was hit by a cyberattack leading to a data breach. It is reported that the threat actors obtained personal information belonging to its users, including their encrypted password vaults, by leveraging leaked data. The data is encrypted, and the threat actor could attempt to brute-force the master password, or may carry out phishing, credential stuffing, or other brute force attacks against online accounts associated with your LastPass vault.

Description

It is reported that threat actors gained access to source code and technical information from the utility's developer environment to target users. The threat actors reportedly utilized information copied from a backup containing basic customer account information and related metadata from which users were accessing the password manager service.

The backup data from the encrypted storage container was stored in a binary format containing both unencrypted data (website URLs) and encrypted sensitive fields such as website usernames and passwords, secure notes and form-filled data.

For successful execution, the threat actor may target users with a possible brute force attempt to guess the master password, or may perform phishing, credential stuffing and brute force attacks against online accounts associated with the password manager utility.

Best Practices:

Change your password every 60-90 days on user-level accounts. This ensures threat actors using social engineering, brute force and credential-stuffing attacks cannot use your older passwords to gain access to your systems or data.
Always use strong passwords with a combination of letters (both uppercase and lowercase), numerals and special characters. This minimizes the chance of successful brute force password guessing.
Never reuse the master password on other websites. If you reuse credentials and those credentials get compromised, hackers can easily access your other accounts as well. The attackers may use dumps of compromised credentials that are already available on the Internet to attempt to access your account.
Do not browse untrusted websites or click on untrusted links, and exercise caution while clicking on links provided in any unsolicited emails and SMSs.
Exercise due care before clicking on a link provided in a message. Only click on URLs that clearly indicate the website domain. When in doubt, users can search for the organisation's website directly using search engines to ensure that the websites they visit are legitimate.
Keep personal information private. Threat actors can use social media profiles to gather information and make targeted attacks against you.




References

 

 

Severity Rating: CRITICAL

Software Affected

Linux versions 5.14 through 5.15.61
Overview

Multiple vulnerabilities have been reported in the ksmbd module of Linux kernel which could allow a remote attacker to execute arbitrary code, disclose sensitive information or cause denial of service conditions on the target system.

Description

1. Use-After-Free Remote Code Execution Vulnerability

This vulnerability exists in the ksmbd module of the Linux kernel while processing SMB2_TREE_DISCONNECT commands, due to an error while validating the existence of an object before performing operations on the object. A remote attacker could exploit this vulnerability to cause a use-after-free error.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the affected system.

Note: Only systems with ksmbd enabled are vulnerable.

2. Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability exists in the ksmbd module of the Linux kernel while handling SMB2_WRITE commands, due to improper validation of user-supplied input. An authenticated remote attacker could exploit this vulnerability to cause an out-of-bounds read condition.
Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information from the target system. An attacker could exploit this vulnerability in conjunction with other vulnerabilities to execute arbitrary code on the target system.

3. Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability exists in the ksmbd module of the Linux kernel while handling file attributes, due to improper validation of user-supplied input. An authenticated remote attacker could exploit this vulnerability to cause heap-based buffer overflow conditions.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the affected system.

4. Out-Of-Bounds Read Denial-of-Service Vulnerability

This vulnerability exists in the ksmbd module of the Linux kernel while handling SMB2_TREE_CONNECT commands, due to improper validation of user-supplied input. An authenticated remote attacker could exploit this vulnerability to cause an out-of-bounds read condition.
Successful exploitation of this vulnerability could allow the attacker to cause denial of service conditions on the affected system.

Solution

Apply appropriate patches as mentioned in the following links:




Vendor Information

Kernel.org

References

 

 

Severity Rating: HIGH

Software Affected

Samba versions prior to 4.15.13
Samba versions prior to 4.16.8
Samba versions prior to 4.17.4
Overview

Multiple vulnerabilities have been reported in Samba which could allow an attacker to gain elevated privileges or bypass security restrictions on the targeted system.

Description

1. Multiple Privilege Elevation Vulnerabilities (CVE-2022-38023, CVE-2022-37967, CVE-2022-37967)

These vulnerabilities exist in Samba due to a weak RC4-HMAC Kerberos encryption type in the Netlogon Secure Channel, a weak Windows Kerberos RC4-HMAC component and a weak Kerberos component. A remote attacker could exploit these vulnerabilities by sending specially crafted data to the affected system.
Successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges on the target system. This could also lead to gaining of administrative privileges for further attacks.

2. Security Bypass Vulnerability (CVE-2022-45141)

This vulnerability exists in Samba Active Directory Domain Controller (AD DC) using Heimdal due to a coding error. An attacker could exploit this vulnerability by sending specially crafted data to the affected system.
Successful exploitation of this vulnerability could allow the attacker to bypass security restrictions and select the encryption type to issue RC4-HMAC encrypted tickets for conducting further attacks.

Solution

Apply appropriate software updates as mentioned in the Samba Security Releases:


Vendor Information

Samba

References

Samba

CVE Name
CVE-2022-38023
CVE-2022-37967
CVE-2022-37967
CVE-2022-45141

 

Severity Rating: HIGH

Software Affected

Adobe Campaign Classic ACC v7: 7.3.1 and earlier versions for Windows and Linux
Adobe Campaign Classic ACC v8: 8.3.9 and earlier versions for Windows and Linux
Overview

A vulnerability has been reported in Adobe Campaign Classic which could allow an attacker to gain privileged access on the targeted system.

Description

This vulnerability exists in Adobe Campaign Classic due to improper input validation. An attacker could exploit this vulnerability by persuading a victim to open a specially crafted document.

Successful exploitation of this vulnerability could allow the attacker to gain privileged access on the targeted system.

Solution

Apply appropriate software updates as mentioned in the Adobe Security Bulletin:


Vendor Information

Adobe

References

Adobe

CVE Name
CVE-2022-42343

 

Severity Rating: MEDIUM

Software Affected

Adobe Experience Manager (AEM) Cloud Service (CS)
Adobe Experience Manager (AEM) versions 6.5.14.0 and earlier
Overview

Multiple vulnerabilities have been reported in Adobe Experience Manager (AEM) which could be exploited by an attacker to execute arbitrary code or bypass security restrictions on the target system.

Description

These vulnerabilities exist in Adobe Experience Manager (AEM) due to an error while neutralizing user-controllable input (cross-site scripting), improper access control or an error while redirecting a URL to an untrusted site.

Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code or bypass security restrictions on the target system.

Solution

Apply appropriate patches as mentioned in Adobe Security Update


Vendor Information

Adobe

References

Adobe

CVE Name
CVE-2022-42345
CVE-2022-42346
CVE-2022-30679
CVE-2022-42348
CVE-2022-42349
CVE-2022-42350
CVE-2022-42351
CVE-2022-42352
CVE-2022-35693
CVE-2022-42354
CVE-2022-35694
CVE-2022-42356
CVE-2022-42357
CVE-2022-35695
CVE-2022-35696
CVE-2022-42360
CVE-2022-42362
CVE-2022-42364
CVE-2022-42365
CVE-2022-42366
CVE-2022-42367
CVE-2022-44462
CVE-2022-44463
CVE-2022-44465
CVE-2022-44466
CVE-2022-44467
CVE-2022-44468
CVE-2022-44469
CVE-2022-44470
CVE-2022-44471
CVE-2022-44473
CVE-2022-44474
CVE-2022-44488

 

Severity Rating: HIGH

Software Affected

Google Chrome Stable channel versions prior to 108.0.5359.124 for Mac and Linux
Google Chrome Stable channel versions prior to 108.0.5359.124/125 for Windows
Overview

Multiple vulnerabilities have been reported in Google Chrome for Desktop which could be exploited by a remote attacker to execute arbitrary code or cause a denial of service condition on the targeted system.

Description

These vulnerabilities exist in Google Chrome for Desktop due to use-after-free in Blink Media, Mojo IPC, Blink Frames, Aura and Profiles. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial of service condition on the targeted system.

Solution

Apply appropriate updates as mentioned


Vendor Information

Google Chrome

References

Google Chrome

CVE Name
CVE-2022-4436
CVE-2022-4437
CVE-2022-4438
CVE-2022-4439
CVE-2022-4440

 

Severity Rating: HIGH

Software Affected

Apple iCloud for Windows versions prior to 14.1
Overview

Multiple vulnerabilities have been reported in Apple iCloud for Windows which could allow an attacker to disclose sensitive information, execute arbitrary code or bypass security restrictions on the targeted system.

Description

These vulnerabilities exist in Apple iCloud for Windows due to an out-of-bounds write issue in ImageIO and a logic issue in the WebKit component. An attacker could exploit these vulnerabilities by executing a specially crafted application.

Successful exploitation of these vulnerabilities could allow the attacker to disclose sensitive information, execute arbitrary code or bypass security restrictions on the target system.

Solution

Apply appropriate patches as mentioned in the Apple Security Updates


Vendor Information

Apple

References

Apple

CVE Name
CVE-2022-46693
CVE-2022-46692
CVE-2022-46698


 

Severity Rating: CRITICAL

Software Affected

H5P module versions prior to 7.1.51
File (Field) Paths module versions prior to 7.1.2
Overview

Multiple vulnerabilities have been reported in Drupal which could allow an unauthenticated remote attacker to execute arbitrary code and bypass security restrictions on the targeted system.

Description

1. Access Bypass

This vulnerability exists in the File (Field) Paths module, which extends the default functionality of Drupal's core File module. A remote attacker could exploit this vulnerability by guessing the temporary path used for file upload.
Successful exploitation of this vulnerability could allow an attacker to bypass and manage security restrictions.

2. Remote Code Execution

This vulnerability exists in the H5P module because it does not sufficiently stop path traversal. An attacker with the "update h5p libraries" permission could exploit this vulnerability to gain unauthorized access.
Successful exploitation of this vulnerability could allow an attacker to perform remote code execution on the targeted system.

Solution

Apply appropriate updates as mentioned:



Vendor Information

Drupal

References

Drupal

 

Severity Rating: HIGH

Software Affected

Google ChromeOS LTS Channel versions prior to 102.0.5005.193 (Platform Version: 14695.166.0)
Overview

Multiple vulnerabilities have been reported in Google Chrome OS which could be exploited by a remote attacker to execute arbitrary code or cause a denial-of-service condition on the targeted system.

Description

Multiple vulnerabilities exist in Google Chrome OS due to use-after-free in Mojo, Audio and Forms, and a heap buffer overflow in GPU. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition on the targeted system.

Solution

Apply appropriate updates as mentioned by the vendor:


Vendor Information

Google Chrome

References

Google Chrome

CVE Name
CVE-2022-4178
CVE-2022-4179
CVE-2022-4181
CVE-2022-4135


 

Severity Rating: High

Software Affected

macOS Ventura 13.1
macOS Big Sur 11.7.2
macOS Monterey 12.6.2
Overview

Multiple vulnerabilities have been reported in Apple products which could allow an attacker to gain elevated privileges, execute arbitrary code, disclose sensitive information and bypass security restrictions on the targeted system.

Description

Multiple vulnerabilities exist in various components of Apple macOS Ventura, Big Sur and Monterey products.

Successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges, execute arbitrary code, disclose sensitive information and bypass security restrictions on the targeted system.

Solution

Apply appropriate security updates as mentioned in the Apple Security Update.

Vendor Information

Apple

References

Apple

CVE Name
CVE-2022-42843
CVE-2022-42847
CVE-2022-42865
CVE-2022-42854
CVE-2022-42853
CVE-2022-42859
CVE-2022-32942
CVE-2022-46693
CVE-2022-42864
CVE-2022-46690
CVE-2022-46697
CVE-2022-42837
CVE-2022-46689
CVE-2022-46701
CVE-2022-42842
CVE-2022-42861
CVE-2022-42845
CVE-2022-32943
CVE-2022-42840
CVE-2022-42855
CVE-2022-42862
CVE-2022-24836
CVE-2022-29181
CVE-2022-46695
CVE-2022-42866
CVE-2022-42867
CVE-2022-46691
CVE-2022-46692
CVE-2022-42852
CVE-2022-46696
CVE-2022-46700
CVE-2022-46698
CVE-2022-46699
CVE-2022-42863
CVE-2022-42856
CVE-2022-42841
CVE-2022-42821
CVE-2022-40303
CVE-2022-40304

 

Severity Rating: HIGH

Software Affected

Apple Safari versions prior to 16.2
Apple iOS version prior to 15.1
Overview

Multiple vulnerabilities have been reported in Apple Safari which could be exploited by an attacker to execute arbitrary code, bypass implemented security restrictions, disclose process memory, gain access to potentially sensitive information and bypass the Same Origin Policy on the targeted system.

Description

These vulnerabilities are due to a boundary error, a logic issue, a use-after-free issue and a type confusion error in WebKit while processing maliciously crafted web content.

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, bypass implemented security restrictions, disclose process memory, gain access to potentially sensitive information and bypass the Same Origin Policy on the targeted system.

Solution

Apply appropriate upgrade as mentioned in advisory:


Vendor Information

Apple

References

Apple

CVE Name
CVE-2022-42852
CVE-2022-42856
CVE-2022-42863
CVE-2022-42867
CVE-2022-46691
CVE-2022-46692
CVE-2022-46696
CVE-2022-46698
CVE-2022-46699
CVE-2022-46700

 

Severity Rating: HIGH

Software Affected

Mozilla Firefox versions prior to 108
Mozilla Firefox ESR versions prior to 102.6
Mozilla Thunderbird versions prior to 102.6
Overview

Multiple vulnerabilities have been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla Firefox ESR which could be exploited by a remote attacker to perform a spoofing attack, execute arbitrary code, bypass security restrictions, gain access to potentially sensitive information, or cause memory corruption and a potentially exploitable crash on the targeted system.

Description

These vulnerabilities exist in Mozilla products due to a use-after-free and memory corruption in WebGL, arbitrary file read from a compromised content process via clipboard-related IPC messages (on Linux), insufficient validation of long filename extensions during drag-and-drop actions, bypass of download protections by .atloc and .ftploc files (on Mac OS), an out-of-date libusrsctp library, delay or suppression of the fullscreen notification and a missing implementation of the unsafe-hashes CSP directive. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.

Successful exploitation of these vulnerabilities could allow the remote attacker to perform a spoofing attack, execute arbitrary code, bypass security restrictions, gain access to potentially sensitive information, or cause memory corruption and a potentially exploitable crash on the targeted system.

Solution

Apply appropriate fixes as mentioned in Mozilla Security advisories:




Vendor Information

Mozilla

References

Mozilla

Center for Internet Security

CVE Name
CVE-2022-46871
CVE-2022-46872
CVE-2022-46873
CVE-2022-46874
CVE-2022-46875
CVE-2022-46877
CVE-2022-46878
CVE-2022-46879
CVE-2022-46880
CVE-2022-46881
CVE-2022-46882


 

Severity Rating: High

Software Affected

Apple iOS and iPadOS versions prior to 16.2
iPhone 8 and later
iPad Pro (all models)
iPad Air 3rd generation and later
iPad 5th generation and later
iPad mini 5th generation and later
Apple iOS and iPadOS versions prior to 15.7.2
iPhone 6s (all models)
iPhone 7 (all models)
iPhone SE (1st generation)
iPad Pro (all models)
iPad Air 2 and later
iPad 5th generation and later
iPad mini 4 and later
iPod touch (7th generation)
Overview

Multiple vulnerabilities have been reported in Apple iOS and iPadOS which could allow a remote attacker to gain access to sensitive information, execute arbitrary code, spoof the UI, gain elevated privileges, bypass security restrictions or cause denial of service conditions on the targeted system.

Description

These vulnerabilities exist in the Accounts, AppleMobileFileIntegrity, CoreServices, GPU Drivers, Graphics Driver, ImageIO, IOHIDFamily, IOMobileFrameBuffer, Kernel, Photos, Preferences, Printing, Software Update, Weather, AppleAVD, AVEVideoEncoder, File System, WebKit, iTunes Store, libxml2, ppp, Safari components of Apple iOS and iPadOS.

Successful exploitation of these vulnerabilities could allow the attacker to gain access to sensitive information, execute arbitrary code, spoof the UI, gain elevated privileges, bypass security restrictions or cause denial of service conditions on the targeted system.

Solution

Apply appropriate software updates as mentioned in the Apple Security updates

Vendor Information

Apple

References

Apple

CVE Name
CVE-2022-46694
CVE-2022-42848
CVE-2022-42861
CVE-2022-42846
CVE-2022-42864
CVE-2022-42837
CVE-2022-46689
CVE-2022-40303
CVE-2022-40304
CVE-2022-42840
CVE-2022-42855
CVE-2022-46695
CVE-2022-46691
CVE-2022-42852
CVE-2022-46692
CVE-2022-46700
CVE-2022-42856
CVE-2022-42843
CVE-2022-42865
CVE-2022-42859
CVE-2022-46702
CVE-2022-42850
CVE-2022-46693
CVE-2022-42851
CVE-2022-46690
CVE-2022-46701
CVE-2022-42842
CVE-2022-42844
CVE-2022-42845
CVE-2022-32943
CVE-2022-42862
CVE-2022-42849
CVE-2022-42866
CVE-2022-42867
CVE-2022-46696
CVE-2022-46698
CVE-2022-46699
CVE-2022-42863

 

Severity Rating: HIGH

Software Affected

Spring Boot Admin versions prior to 2.6.10
Spring Boot Admin versions prior to 2.7.8
Spring Boot Admin versions prior to 3.0.0-M6
Overview

A vulnerability has been reported in Spring Boot Admin which could allow an attacker to execute arbitrary code on the targeted system.

Description

This vulnerability exists in Spring Boot Admin due to a flaw in the integrated notifier support. An attacker can exploit this vulnerability by sending a specially crafted request.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.

Workaround

Disable any notifier
Disable write access (POST request) on /env actuator endpoint
Solution

Upgrade to the latest versions of Spring Boot Admin as mentioned in the advisory:


Vendor Information

 

References

 

CVE Name
CVE-2022-46166

 

Severity Rating: CRITICAL

Software Affected

FortiOS versions prior to 7.2.3
FortiOS versions prior to 7.0.9
FortiOS versions prior to 6.4.11
FortiOS versions prior to 6.2.12
FortiOS-6K7K versions prior to 7.0.8
FortiOS-6K7K versions prior to 6.4.10
FortiOS-6K7K versions prior to 6.2.12
FortiOS-6K7K versions prior to 6.0.15
Overview

A vulnerability has been reported in FortiOS, which could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system.

Description

This vulnerability exists in FortiOS due to a boundary error within the SSL-VPN. An attacker could exploit this vulnerability by sending specially crafted requests to the SSL-VPN interface.

Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Note: This vulnerability is being exploited in the wild.

Solution

Upgrade to the latest versions of FortiOS as mentioned in the vendor advisory:


Vendor Information

Fortiguard

References

Fortiguard

CVE Name
CVE-2022-42475

 

Description

It has been reported that threat actors are exploiting stolen session cookies to gain access to Atlassian products such as Jira, Confluence, Trello, BitBucket etc. As per reports, session cookies of Atlassian products remain valid for a period of 30 days unless the user logs out, even if the password is changed and two-factor authentication is enabled.

Further, there are reports that session cookies stolen by credential stealer malware such as Vidar, Redline, Raccoon etc. are available on dark-web forums and are being used to obtain the JSON Web Token (JWT) required to hijack a session of Atlassian products such as Jira. Atlassian JWTs contain the email address embedded in the cookie, which allows identification of the associated users. It is suspected that a number of organizations may be affected or at risk of being compromised due to the abuse of stolen cookies/tokens to access Atlassian products.

The following measures are recommended to mitigate the risk of unauthorized access to Atlassian products.

Organizations should ensure the usage of trusted and hardened systems for application and network access.
Log out of sensitive applications on a regular basis.
Set a shorter idle session for Atlassian products via admin.atlassian.com under the Security → Authentication policies section.
Implement idle-session timeout to enforce re-logins.
Keep patches and fixes up to date on the operating system and application software.
Keep antivirus and antispyware signatures up to date at the desktop and gateway level.
Review the access and application privileges of applications.




References

 

 

Severity Rating: HIGH

Software Affected

VMware ESXi versions 7.0 and 8.0
VMware Fusion versions prior to 12.2.5
VMware Workstation versions prior to 16.2.5
VMware Cloud Foundation (ESXi) versions 3.x and 4.x
VMware Workspace ONE Access versions 21.08.0.1 and 21.08.0.0
VMware Workspace ONE Access versions prior to 22.09.1.0
VMware Cloud Foundation (vIDM) versions prior to 3.3.6
Overview

Multiple vulnerabilities have been reported in VMware, which could allow a remote attacker to execute arbitrary code, access sensitive information and bypass security restrictions on the targeted system.

Description

1. Remote Code Execution Vulnerability (CVE-2022-31700)

This vulnerability exists in VMware due to insufficient validation of user-supplied input. A remote attacker could exploit this vulnerability by sending a specially crafted request. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the targeted system.

2. Broken Authentication Vulnerability (CVE-2022-31701)

This vulnerability exists in VMware due to improper access restrictions to a certain endpoint. A remote attacker could exploit this vulnerability by sending a specially crafted request. Successful exploitation of this vulnerability could allow an attacker to access sensitive information on the targeted system.

3. Heap Out-of-Bounds Write Vulnerability (CVE-2022-31705)

This vulnerability exists in VMware due to a boundary error within the USB 2.0 controller (EHCI). A local attacker on a guest OS could exploit this vulnerability to trigger an out-of-bounds write. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the system.

Solution

Apply appropriate updates as mentioned in VMware Security Advisory:



Vendor Information

VMware

References

VMware

CVE Name
CVE-2022-31700
CVE-2022-31701
CVE-2022-31705

 

Severity Rating: CRITICAL

Software Affected

Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32
Citrix ADC and Citrix Gateway 12.1 before 12.1-65.25
Citrix ADC 12.1-FIPS before 12.1-55.291
Citrix ADC 12.1-NDcPP before 12.1-55.291
Overview

A vulnerability exists in Citrix Gateway and Citrix ADC which could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system.

Description

This vulnerability exists in Citrix Gateway and Citrix ADC due to improper control of a resource through its lifetime. An attacker could exploit this vulnerability by sending a specially crafted request to the affected system.

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.

Note: It has been reported that the vulnerability is exploited in the wild.

Solution

Updates are available to download for Citrix ADC and Citrix Gateway.

Vendor Information

Citrix

References

Citrix

CVE Name
CVE-2022-27518

 

Severity Rating: High

Software Affected

Microsoft Windows
Microsoft Office
Microsoft Apps
Microsoft Dynamics
ESU (Extended Security Updates)
Developer Tools
Open Source Software
Azure
Overview

Multiple vulnerabilities have been reported in Microsoft Products, which could allow an attacker to gain elevated privileges, obtain sensitive information, conduct remote code execution attacks, bypass security restrictions, conduct spoofing attacks, or cause denial of service conditions.

Description

Multiple vulnerabilities have been reported in various Microsoft Products.

 

Solution

Apply appropriate security updates as mentioned in  

Vendor Information

Microsoft

References

 

 

Severity Rating: HIGH

Software Affected

Google Android versions 10, 11, 12, 12L & 13
Overview

Multiple vulnerabilities have been reported in Google Android which could be exploited by an attacker to gain elevated privileges, execute arbitrary code, gain access to sensitive information and cause denial of service (DoS) conditions on the targeted system.

Description

These vulnerabilities exist in Google Android due to flaws in Android Runtime, Framework, Media Framework components, System, Google Play system update, Kernel components, Imagination Technologies components, MediaTek components, Unisoc components, Qualcomm components and Qualcomm closed-source components.

Successful exploitation of these vulnerabilities could allow an attacker to gain elevated privileges, execute arbitrary code, gain access to sensitive information and cause denial of service (DoS) conditions on the targeted system.

Solution

Apply appropriate updates when made available by the respective OEM:


Vendor Information

Android

References

Android

CVE Name
CVE-2021-0934
CVE-2021-39617
CVE-2021-39660
CVE-2021-39795
CVE-2022-20124
CVE-2022-20144
CVE-2022-20240
CVE-2022-20411
CVE-2022-20442
CVE-2022-20444
CVE-2022-20449
CVE-2022-20466
CVE-2022-20468
CVE-2022-20469
CVE-2022-20470
CVE-2022-20471
CVE-2022-20472
CVE-2022-20473
CVE-2022-20474
CVE-2022-20475
CVE-2022-20476
CVE-2022-20477
CVE-2022-20478
CVE-2022-20479
CVE-2022-20480
CVE-2022-20482
CVE-2022-20483
CVE-2022-20484
CVE-2022-20485
CVE-2022-20486
CVE-2022-20487
CVE-2022-20488
CVE-2022-20491
CVE-2022-20495
CVE-2022-20496
CVE-2022-20497
CVE-2022-20498
CVE-2022-20499
CVE-2022-20500
CVE-2022-20501
CVE-2022-20502
CVE-2022-20611
CVE-2022-23960
CVE-2022-25672
CVE-2022-25673
CVE-2022-25681
CVE-2022-25682
CVE-2022-25685
CVE-2022-25689
CVE-2022-25691
CVE-2022-25692
CVE-2022-25695
CVE-2022-25697
CVE-2022-25698
CVE-2022-25702
CVE-2022-32594
CVE-2022-32596
CVE-2022-32597
CVE-2022-32598
CVE-2022-32619
CVE-2022-32620
CVE-2022-33235
CVE-2022-33238
CVE-2022-33268
CVE-2022-39106
CVE-2022-39130
CVE-2022-39131
CVE-2022-39132
CVE-2022-39133
CVE-2022-39134
CVE-2022-42754
CVE-2022-42755
CVE-2022-42756
CVE-2022-42770
CVE-2022-42771
CVE-2022-42772

 

Severity Rating: MEDIUM

Software Affected

Entity Registration module versions prior to 7.1.9
Overview

A vulnerability has been reported in Entity registration module of Drupal which could allow an attacker to bypass security restrictions on targeted system.

Description

This vulnerability exists in the Entity Registration module due to insufficiently restricted update access. An attacker with the "update own [registration type]" permission could exploit this vulnerability to gain unauthorized access.

Successful exploitation of this vulnerability could allow an attacker to bypass and manage security restrictions.

Solution

Apply appropriate upgrade as mentioned:


Vendor Information

Drupal

References

Drupal

 

Severity Rating: HIGH

Software Affected

FortiOS version 7.2.0 through 7.2.1
FortiOS version 7.0.0 through 7.0.7
FortiOS version 6.4.0 through 6.4.9
FortiOS version 6.2 all versions
FortiOS version 6.0 all versions
FortiProxy version 7.0.0 through 7.0.6
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 1.2.0 all versions
Overview

A vulnerability has been reported in FortiOS and FortiProxy, which could allow an unauthenticated remote attacker to bypass security restrictions on the targeted system.

Description

This vulnerability exists in Fortinet devices due to an authentication bypass by assumed-immutable data vulnerability in the FortiOS SSH login component. An attacker can exploit this vulnerability by sending a specially crafted Access-Challenge response from the RADIUS server.

Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to bypass security restrictions on the targeted system.

Solution

Upgrade to the latest versions of FortiOS and FortiProxy as mentioned in the vendor advisory.


Vendor Information

Fortiguard

References

 

CVE Name
CVE-2022-35843

 

Severity Rating: HIGH

Software Affected

Microsoft Windows
Microsoft Office
Microsoft .NET
Microsoft Azure
Microsoft SharePoint
Microsoft 365
Microsoft Exchange Server
Microsoft Visual Studio
Overview

Multiple vulnerabilities have been reported in Microsoft Products, which could allow an attacker to gain elevated privileges, obtain sensitive information, conduct remote code execution attacks, bypass security restrictions, conduct spoofing attacks, or cause denial of service conditions.

Description

Multiple vulnerabilities have been reported in various Microsoft products.

Solution

Apply appropriate security updates as mentioned in:  

Vendor Information

Microsoft

References

 

 

Severity Rating: HIGH

Software Affected

Mozilla Firefox Thunderbird versions prior to 102.5.1
Overview

A vulnerability has been reported in Mozilla Thunderbird which could allow a remote attacker to perform arbitrary code execution on the targeted system.

Description

This vulnerability exists in Mozilla Thunderbird due to quoting from an HTML email with certain tags. A remote attacker could exploit this vulnerability by persuading a victim to visit a specially crafted web request.

Successful exploitation of this vulnerability could allow a remote attacker to perform arbitrary code execution on the targeted system.

Solution

Upgrade to Mozilla Firefox Thunderbird version 102.5.1

Vendor Information

Mozilla Thunderbird

References

Mozilla Thunderbird

CVE Name
CVE-2022-45414

 

Severity Rating: HIGH

Software Affected

VMware ESXi versions prior to 8.0
VMware vCenter Server versions prior to 8.0
VMware Cloud Foundation (vCenter Server) version 4.x and prior
VMware Cloud Foundation (ESXi) version 4.x and prior
Overview

Multiple vulnerabilities have been reported in VMware ESXi and vCenter Server which could allow an attacker to trigger memory corruption, disclose sensitive information and cause denial of service condition on the targeted system.

Description

1. VMware ESXi memory corruption vulnerability (CVE-2022-31696)

This vulnerability exists in VMware ESXi due to a boundary error in the way network sockets are handled. A local attacker with access to ESXi could exploit this vulnerability to trigger memory corruption and execute arbitrary code with elevated privileges on the targeted system.

2. VMware vCenter Server information disclosure vulnerability (CVE-2022-31697)

This vulnerability exists in VMware vCenter Server due to the logging of credentials in plain text. A local attacker with access to a workstation that invoked a vCenter Server Appliance ISO operation could exploit this vulnerability to disclose sensitive information on the targeted system.

3. VMware vCenter Server denial of service vulnerability (CVE-2022-31698)

This vulnerability exists in VMware vCenter Server due to insufficient validation of user-supplied input in the content library service when handling HTTP headers. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP request to port 443/tcp. Successful exploitation of this vulnerability could allow a remote attacker to cause a denial of service (DoS) condition on the targeted system.

4. VMware ESXi OpenSLP heap overflow vulnerability (CVE-2022-31699)

This vulnerability exists in VMware ESXi due to a boundary error in OpenSLP. A local attacker with restricted privileges within a sandbox process could exploit this vulnerability to trigger a heap overflow and gain access to sensitive information on the targeted system.

Solution

Apply appropriate updates as mentioned by the vendor:


Vendor Information

VMware

References

VMware

CVE Name
CVE-2022-31696
CVE-2022-31697
CVE-2022-31698
CVE-2022-31699

Severity Rating: HIGH

Software Affected

F5 BIG-IP (all modules) versions (17.0.0, 16.1.0 - 16.1.3, 15.1.0 - 15.1.8, 14.1.0 - 14.1.5, 13.1.0 - 13.1.5)
BIG-IQ Centralized Management versions (7.0.0 - 7.1.0, 8.0.0 - 8.2.0)
Traffix SDC versions (5.1.0, 5.2.0)
Overview

A vulnerability has been reported in the F5 Products which may allow an authenticated attacker to access sensitive information, manipulate data and cause a denial of service condition on the targeted system.

Description

This vulnerability exists in the F5 Products due to a flaw in the Linux kernel's cgroup_release_agent_write function in kernel/cgroup/cgroup-v1.c. An attacker could exploit this vulnerability by persuading a victim to visit a specially crafted request.

Successful exploitation of this vulnerability may allow an authenticated attacker to access sensitive information, manipulate data and cause a denial of service condition on the targeted system.

Solution

Apply appropriate update as mentioned by the vendor.


Vendor Information

F5 Products

References

F5 Products

CVE Name
CVE-2022-0492

Multiple vulnerabilities in Omron NJ/NX series Machine Automation Controllers
Indian - Computer Emergency Response Team (cert-in.org.in)

Severity Rating: HIGH

Software Affected

NX7-series Machine Automation Controller versions prior to 1.28 (All Models)
NX1-series Machine Automation Controller versions prior to 1.48 (All Models)
NJ-series Machine Automation Controller versions prior to 1.48 (All Models)
Automation Software Sysmac Studio versions prior to 1.49 (All Models)
NA-series Programmable Terminal Runtime versions prior to 1.15 (NA5-15W, NA5-12W, NA5-9W, NA5-7W)
Overview

Multiple vulnerabilities have been reported in Omron NJ/NX series Machine Automation Controllers products which could allow the attacker to bypass authentication, perform unauthorized access, execute arbitrary code, and cause a denial of service (DoS) condition on the targeted system.

Description

These vulnerabilities exist in Omron NJ/NX series Machine Automation Controllers products due to hard-coded credentials, authentication bypass by capture-replay, and active debug code vulnerabilities. An attacker could exploit these vulnerabilities by analyzing the communication between the controller and the specific software used by Omron internally.

Successful exploitation of these vulnerabilities could allow the attacker to bypass authentication, perform unauthorized access, execute arbitrary code, and cause a denial of service (DoS) condition on the targeted system.

Note: It has been reported that vulnerabilities are being exploited.

Solution

Apply appropriate software updates as mentioned in the Omron Security updates.



Vendor Information

Omron

References

 

CVE Name
CVE-2022-33208
CVE-2022-33971
CVE-2022-34151



