Monthly Archives: November 2021


Linux Vulnerabilities of the Week: November 22, 2021

By News

See this week's top Linux issues and keep your IT environment protected from the latest November Linux vulnerabilities.

1. Out-of-bounds write to memory in FreeRDP

Severity: Important    CVSS Score: 8.8

This is a flaw in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP) released under the Apache license.

In affected versions, a malicious server can send specially crafted graphics updates to a client and cause an out-of-bounds write in client memory. Ultimately, this vulnerability could allow arbitrary code to be executed on the target system.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires user interaction, it can be exploited over any network, with low complexity and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41160

2. SVM-nested virtualization issue in KVM

Severity: Important    CVSS Score: 8.8

This is a flaw in the KVM’s AMD code for supporting SVM-nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the “int_ctl” field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data, or potential guest-to-host escape.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the device, it can be exploited with a low-complexity attack, low privileges, and without user interaction. Because the scope changes (the jump point), it also allows a lateral attack from the guest to the host.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-3653

3. Possible trojan source attacks in the Unicode Specification (through 14.0)

Severity: Important    CVSS Score: 8.3

This is a flaw in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text.

An attacker could use this to deceive a human reviewer by creating a malicious patch containing well-placed BiDi characters. The special handling and rendering of those characters can be then used in an attempt to hide unexpected and potentially dangerous behavior from the reviewer.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires a complex attack and user interaction to be exploited, it can be exposed over any network with no privileges. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-42574

4. A heap-based buffer overflow in vim

Severity: Important    CVSS Score: 7.8

This is a flaw in vim. An attacker can use a specially crafted file to trigger a heap-based buffer overflow, leading to a system crash or code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the device and user interaction, it can be exploited with a low-complexity attack and without privileges.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3778

5. Remote crash in RSA decryption affecting Red Hat Enterprise Linux 8

Severity: Important    CVSS Score: 7.5

This is a flaw in the way nettle’s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a high risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3580

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Windows Out-of-Band Update Released to Fix Kerberos

By Patch Management

Microsoft has released an emergency security update to fix a Kerberos OOB vulnerability in Windows.

Microsoft Issues Emergency Update for Kerberos

Microsoft has released an emergency security update to fix a Kerberos OOB vulnerability in Windows Server running Domain Controller services. Anyone impacted by this vulnerability will not be able to sign into services or applications using the affected DC, whether on-premises or in the cloud. This also impacts anyone using SSO.

Rob Brown, Head of Customer Success for Syxsense said, “This vulnerability is impacting all Windows Server OS from 2008 through to 2019 and should be a particular concern as this was identified by a very well-known Antivirus partner. Therefore, the assumption is to believe this was being used in malware, other ransomware attacks, or full loss of service if exploited.”

Windows Out-of-Band Updates

As always, we recommend full testing prior to live deployment to your devices. These updates are now available within Syxsense.


Linux Vulnerabilities of the Week: November 15, 2021

By News

See this week's top Linux issues and keep your IT environment protected from the latest November Linux vulnerabilities.

1. Possible trojan source attacks in the Unicode Specification (through 14.0)

Severity: Critical         CVSS Score: 9.8

This is a flaw in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text.

An attacker could use this to deceive a human reviewer by creating a malicious patch containing well-placed BiDi characters. The special handling and rendering of those characters can be then used in an attempt to hide unexpected and potentially dangerous behavior from the reviewer.
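The BiDi-control check a reviewer or CI pipeline would run over a patch, written here as an added example (not code from the original post or from the Unicode Consortium), covering both the November 15 and November 22 write-ups of CVE-2021-42574: it scans text for the explicit bidirectional control characters defined by Unicode's Bidirectional Algorithm and reports any line where an embedding, override or isolate is opened but never closed before the end of the line, which is how the rendered order can diverge from the order a compiler reads. The sample source strings and the function names are constructed for this example.

```python
"""Scan source text for Unicode bidirectional (BiDi) control characters.

Added example, not part of the original post. The control characters are
the explicit formatting characters from Unicode's Bidirectional Algorithm
(UAX #9); the sample sources below are constructed for this example.
"""

# Explicit embedding/override openers and their terminator (PDF),
# isolate openers and their terminator (PDI).
EMBEDDING_OPENERS = {"\u202a": "LRE", "\u202b": "RLE", "\u202d": "LRO", "\u202e": "RLO"}
ISOLATE_OPENERS = {"\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI"}
PDF = "\u202c"  # Pop Directional Formatting
PDI = "\u2069"  # Pop Directional Isolate

BIDI_NAMES = {**EMBEDDING_OPENERS, **ISOLATE_OPENERS, PDF: "PDF", PDI: "PDI"}


def find_bidi_controls(text):
    """Return (line, column, name) for every BiDi control; positions are 1-based."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in BIDI_NAMES:
                findings.append((lineno, col, BIDI_NAMES[ch]))
    return findings


def unbalanced_lines(text):
    """Line numbers where an embedding/override or isolate is still open at end of line.

    Unicode terminates these at the end of a paragraph, so a control that is
    never popped silently reorders everything after it on that line in the
    rendered view, while the compiler reads the characters as stored.
    """
    bad = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        embeddings = 0
        isolates = 0
        for ch in line:
            if ch in EMBEDDING_OPENERS:
                embeddings += 1
            elif ch == PDF:
                embeddings = max(0, embeddings - 1)
            elif ch in ISOLATE_OPENERS:
                isolates += 1
            elif ch == PDI:
                isolates = max(0, isolates - 1)
        if embeddings or isolates:
            bad.append(lineno)
    return bad


def scan_source(text):
    """Summary a CI gate can act on: every control found and the lines left unbalanced."""
    controls = find_bidi_controls(text)
    return {
        "clean": not controls,
        "controls": controls,
        "unbalanced_lines": unbalanced_lines(text),
    }


# Constructed sample: an RLO (U+202E) hidden inside a comment with no closing PDF.
SAMPLE_SOURCE = (
    "def is_admin(user):\n"
    "    # constructed sample: an RLO sits here\u202e and reverses the rest of the line\n"
    "    return user.role == 'admin'\n"
)

CLEAN_SOURCE = "def is_admin(user):\n    return user.role == 'admin'\n"

if __name__ == "__main__":
    report = scan_source(SAMPLE_SOURCE)
    for lineno, col, name in report["controls"]:
        print(f"line {lineno}, column {col}: {name}")
    print("unbalanced lines:", report["unbalanced_lines"])
```

Treating any BiDi control in source as a finding (rather than only unbalanced ones) is the conservative choice for a code base that does not legitimately contain right-to-left text; the unbalanced-line list is there to rank findings when such text is expected.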

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42574

2. A heap-based buffer overflow in vim

Severity: Important    CVSS Score: 7.8

This is a flaw in vim. An attacker can use a specially crafted file to trigger a heap-based buffer overflow, leading to a system crash or code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the device and user interaction, it can be exploited by an unprivileged user with a low-complexity attack.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3778

3. The Linux kernel (< 5.13.13) vulnerability

Severity: Important    CVSS Score: 7.8

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the device, it can be exploited with a low-complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42008

4. Memory overwrite in the Linux kernel (<5.14.6) with potential privilege escalation

Severity: Important    CVSS Score: 7.8

This is a flaw in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in Aspeed Low Pin Count (LPC) Bus Controller in the Linux kernel.

A local attacker can exploit a missing sanity check to bypass the boundary check and map pages located outside the memory region reserved by the driver, potentially escalating privileges (aka CID-b49a0e69a7b1).

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the device, it can be exploited with a low-complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42252

5. Heap buffer overflow in FireDTV media card driver affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 7.8

This is a heap-based buffer overflow flaw in the FireDTV media card driver of the Linux kernel (through 5.14.13), triggered when a user calls the CA_SEND_MSG ioctl. By exploiting this vulnerability, a local user of the host machine can crash the system or escalate privileges.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the device, it can be exploited with a low-complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42739


Lack of Data Unification and Automation Compromises Security

By Blog

To counter today’s threats, there is a need for security operations teams to gain better access to data stored across IT environments.

IT Security Data Is Spread Far Too Wide

There is so much data in the modern enterprise that it is hard to keep track of: a dozen different security systems, threat intelligence feeds, and enterprise monitoring tools, with logs that generate enough data to fill the Great Library of Alexandria.

The problem is collecting and unifying data that is spread around so many information silos and in so many disparate platforms.

A study by Forrester Research entitled “Forrester Opportunity Snapshot: Automation and Unification Enable A Cohesive Attack Surface Defense” delves into this area. It found data unification and automation to be the key factors in bringing order to security confusion and enabling a more cohesive defense of the enterprise attack surface.

The major findings of the research include:

  • 71% of security leaders report their teams need greater access to threat intelligence, security operations data, incident response data, and vulnerability data.
  • 65% of respondents find it very challenging to provide security teams with cohesive data access.
  • 64% of respondents note that sharing cyber threat intelligence between their organizations’ security operations center (SOC), incident response and threat intelligence teams is limited. Organizations also cite several data silos and data access issues that hamper their ability to achieve collective defense.
  • Top obstacles to unifying technologies include cross team collaboration (55%), data silos within security teams (47%), discovering and accessing data (45%) and functional silos within security (45%).
  • Due to difficulties unifying data access, security teams and security technologies, firms report several consequences tied to hazardous defense issues, including slow threat response (60%), avoidable data breaches (57%) and avoidable human error (53%).
  • In addition, there are financial impacts experienced because of a lack of security unification and automation, such as high mitigation costs and increased cybersecurity spend (51%) and fines and compliance issues (45%).

Solving the Security Data Challenge

To counter today’s evolving threats, there is clearly a need for security operations teams to gain better access to data stored in the various cybersecurity and IT applications within their environment. Only by bringing this data together into a centralized view can teams bolster defenses and proactively defend assets. A more unified and collective data foundation is needed to stay one step ahead of the cybercriminals hoping to prey on enterprise networks.

Automation, too, plays a major part. Even with the data collected in one place, there remains too much of it to monitor and keep track of easily. It takes automation and built-in intelligence to:

  • Sift out the false positives.
  • Cross-correlate the different logs and alerts to determine priorities.
  • Detect strange behavior patterns that may indicate malicious intent.
  • Spot anomalies and tie them into other potential threat indicators.
  • Integrate threat intelligence feeds into enterprise systems.

But that is only half the battle. Once unified data and automating its analysis are possible, there remains one more step: automating the remediation actions. If one IT staffer is going to manually check each alert, deploy patches to each machine, and run vulnerability checks on system after system, it takes up too much time. In fact, it probably takes up all of that person’s time.

Automation is vitally needed in every aspect of security remediation to maintain a response rate sufficient to thwart attacks. In patch management, for example, lack of automation can delay the implementation of a critical patch when there are hundreds or even thousands of endpoints to manage. A tremendous amount of time is saved if IT does not have to formulate scripts, hop from one screen to another, or manually push out patches to various destinations.

How Syxsense Can Help Your Business

Syxsense offers a patch management solution that provides drag-and-drop features, as well as automation of processes and multistage tasks: for example, automating a sequence such as patching VM guests and rebooting them, then patching their host, and performing a separate reboot. It enables you to easily manage unpatched vulnerabilities with the click of a button.

It includes patch supersedence, patch roll back, and a wealth of automation features. In addition, it provides a three-hour turnaround for the testing and delivery of new patches as well as technology to send software and patches across the wire once, using peer-to-peer within the network for local distribution.


Ransomware Becomes a Pandemic

By Blog

There is a lot of news being generated about the ongoing pandemic. But another pandemic is sweeping the world – ransomware.

Rise of Ransomware

Fortinet’s 2021 Ransomware Survey Report reveals a more than 1000% surge in ransomware between July 2020 and June 2021.

According to the report:

  • Two thirds of organizations have been targeted by ransomware.
  • One in six companies have been hit at least three times.
  • 94% expressed concern about the threat of a ransomware attack, with 76% being very or extremely concerned.
  • 85% are more worried about a ransomware attack than any other cyber threats.
  • 62% cited the risk of losing data as their top ransomware concern.
  • 38% said loss of productivity and 36% said the interruption of operations were their top concerns.
  • 36% of respondents said the growing sophistication of the threat landscape was among their top five challenges in preventing ransomware.
  • Lack of user awareness and training about cybersecurity hygiene came in at 32% and the difficulties of securing “work from anywhere” employees at 31%.

Despite these statistics, there appears to still be complacency about the problem. Researchers found that despite the volume of attacks and their regular success, 96% of respondents feel at least moderately prepared.

Digging in deeper, however, the survey found that less than half of the respondents have a strategy that includes such things as network segmentation (48%), business continuity measures (41%), a remediation plan (39%), testing of ransomware recovery methods (28%), or red team/blue team exercises (13%) to identify weaknesses in security systems.

Combatting Ransomware

What is to be done to combat ransomware? 91% plan to invest in more employee cyber awareness training. That’s a smart approach, as people tricked into clicking on malicious links and attachments are a primary line of ransomware incursion. But that isn’t enough. Survey respondents said they also look to areas such as threat intelligence, embedded artificial intelligence (AI) for behavioral detection, Secure Web Gateways, VPN, Network Access Controls, and offline backup as key areas of defense.

Perhaps the simplest, most basic, and most effective technology upgrades for minimizing the chances of attack are patch management and vulnerability scanning. This one-two punch provides an essential defensive barrier against most potential incursions. When supported by good user training to harden employees against phishing attacks and other social engineering scams, organizations are in a strong position to avoid the scourge of ransomware and other malware-borne ills.

How Syxsense Helps

The Syxsense vulnerability scanner is not only a complete security management package, it is automated, repeatable, and generates quick results, delivering security and safety in a timely manner. With security scanning and patch management in one console, Syxsense Secure is the only product that not only shows you what’s wrong, but also deploys the solution.

It offers visibility into OS and third-party vulnerabilities like defects, errors, or misconfigurations of components, while increasing cyber resilience. And it is fully integrated with automated patch management software that lets you easily manage unpatched vulnerabilities with the click of a button.

Syxsense includes patch supersedence, patch roll back, and a wealth of automation features. In addition, it provides a three-hour turnaround for the testing and delivery of new patches as well as technology to send software and patches across the wire once, using peer-to-peer within the network for local distribution.


Watch the Webcast: November Patch Tuesday 2021

By Patch Tuesday, Video

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.

Watch the November Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


November Patch Tuesday 2021 Addresses 55 Vulnerabilities

By Patch Management, Patch Tuesday

November Patch Tuesday 2021 Fixes 55 Flaws

November Patch Tuesday 2021 is officially here. See the latest Microsoft updates, vulnerabilities, and critical patches of the month.

Microsoft Releases November 2021 Patch Tuesday Fixes

There are 6 Critical (double last month's count) and 49 Important fixes in this release. Updates cover Microsoft Windows and Windows components, 3D Viewer, Azure, Azure RTOS and Sphere, Microsoft Dynamics, Microsoft Office, Visual Studio and Visual Studio Code, and Windows 11 receives its second security patch.

Year 2 Extended Support: Windows 7 and Windows Server 2008 (including R2) have received some updates this month. If you are still using Windows 7 or 2008, it is nearly time to review the third and final year of ESU.

  1. Windows 7 – 1 Critical and 10 Important fixes
  2. Windows 2008 R2 – 1 Critical and 14 Important fixes

Robert Brown, Head of Customer Success for Syxsense said, “Overall, this year we have seen a massive drop in the number of fixes addressed by the Patch Tuesday security updates. This is most likely down to the extended support of the Windows 10 Feature Updates throughout 2021, however as Microsoft have launched another business operating system that number is likely to rise again.”

Our suggestion would be to choose which operating system (10 vs. 11) your business will use for 2022 and stick with it. If your company policy is to stay on Windows 10, we recommend implementing procedures to stop users from accidentally upgrading their devices to Windows 11.

Top November 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying them as soon as possible.

1. CVE-2021-3711: OpenSSL: SM2 Decryption Buffer Overflow

A malicious attacker who is able to present SM2 content for decryption to an application could cause attacker-chosen data to overflow the buffer by up to a maximum of 62 bytes, altering the contents of other data held after the buffer, possibly changing application behavior or causing the application to crash.

This vulnerability was released before November but has been reviewed and rescored by NVD.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-26443: Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on the VMBus channel from the guest VM to the Host. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.0
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Adjacent
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

3. CVE-2021-38666: Remote Desktop Client Remote Code Execution Vulnerability

An attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system, and Microsoft has rated this vulnerability as “More Likely” to be used in an attack.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

CVE Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Highest Priority
------------- | ----------- | --------------- | ---------- | ---------- | -------------- | -------------- | ----------------
CVE-2021-42321 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 | Yes | No | No | Yes
CVE-2021-42292 | Microsoft Excel Security Feature Bypass Vulnerability | Important | 7.8 | Yes | No | No | Yes
CVE-2021-43208 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | Yes | No | Yes
CVE-2021-43209 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | Yes | No | Yes
CVE-2021-38631 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 4.4 | No | Yes | No | Yes
CVE-2021-41371 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 4.4 | No | Yes | No | Yes
CVE-2021-3711 | OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow | Critical | 9.8 | No | No | No | Yes
CVE-2021-26443 | Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability | Critical | 9 | No | No | No | Yes
CVE-2021-38666 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes
CVE-2021-42316 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical | 8.7 | No | No | No | Yes
CVE-2021-42298 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes
CVE-2021-42279 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes
CVE-2021-42275 | Microsoft COM for Windows Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes
CVE-2021-42283 | NTFS Elevation of Privilege Vulnerability | Important | 8.8 | No | No | No | Yes
CVE-2021-41366 | Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-40442 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-42276 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-42296 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-41367 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-41370 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-42322 | Visual Studio Code Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-42286 | Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-36957 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-41377 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-42285 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-41378 | Windows NTFS Remote Code Execution Vulnerability | Important | 7.8 | No | No | No |
CVE-2021-41372 | Power BI Report Server Spoofing Vulnerability | Important | 7.6 | No | No | No |
CVE-2021-42278 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No |
CVE-2021-42282 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No |
CVE-2021-42287 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No |
CVE-2021-42291 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No |
CVE-2021-41356 | Windows Denial of Service Vulnerability | Important | 7.5 | No | No | No |
CVE-2021-38665 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important | 7.4 | No | No | No |
CVE-2021-42284 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 | No | No | No |
CVE-2021-42274 | Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability | Important | 6.8 | No | No | No |
CVE-2021-41374 | Azure Sphere Information Disclosure Vulnerability | Important | 6.7 | No | No | No |
CVE-2021-42302 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No |
CVE-2021-42303 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No |
CVE-2021-42304 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No |
CVE-2021-41349 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No |
CVE-2021-42305 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No |
CVE-2021-41368 | Microsoft Access Remote Code Execution Vulnerability | Important | 6.1 | No | No | No |
CVE-2021-42300 | Azure Sphere Tampering Vulnerability | Important | 6 | No | No | No |
CVE-2021-42288 | Windows Hello Security Feature Bypass Vulnerability | Important | 5.7 | No | No | No |
CVE-2021-42277 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | 5.5 | No | No | No |
CVE-2021-41373 | FS Logix Information Disclosure Vulnerability | Important | 5.5 | No | No | No |
CVE-2021-42280 | Windows Feedback Hub Elevation of Privilege Vulnerability | Important | 5.5 | No | No | No |
CVE-2021-41379 | Windows Installer Elevation of Privilege Vulnerability | Important | 5.5 | No | No | No |
CVE-2021-42319 | Visual Studio Elevation of Privilege Vulnerability | Important | 4.7 | No | No | No |
CVE-2021-41375 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | No |
CVE-2021-41351 | Microsoft Edge (Chrome based) Spoofing on IE Mode | Important | 4.3 | No | No | No |
CVE-2021-26444 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 | No | No | No |
CVE-2021-42301 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 | No | No | No |
CVE-2021-42323 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 | No | No | No |
CVE-2021-41376 | Azure Sphere Information Disclosure Vulnerability | Important | 2.3 | No | No | No |

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Top Linux Vulnerabilities for November 2021

By News

Top Linux Vulnerabilities for November 2021

Explore the top Linux vulnerabilities for November 2021 and find out the best solution for managing these threats.

1. Buffer overflow in Golang (<1.16.9 and 1.17.x <1.17.2)

Severity: Critical         CVSS Score: 9.8

This is an input-validation flaw in Go before 1.16.9 and in 1.17.x before 1.17.2. When a function exported from a WASM module built with GOARCH=wasm GOOS=js is invoked with very large arguments, portions of the module's memory can be overwritten with data from those arguments.

The highest threat from this vulnerability is to integrity.

Syxscore Risk Alert

This vulnerability carries a critical risk: it can be exploited over any network, with low complexity, no privileges, and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-38297

2. Apache HTTP server vulnerability

Severity: Critical         CVSS Score: 9.8

This is a path traversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50 (the fix shipped in 2.4.50 for CVE-2021-41773 was incomplete, and CVE-2021-42013 tracks the bypass). A remote attacker can use it to map URLs to files outside the directories configured by Alias-like directives, and it can also leak the source of interpreted files such as CGI scripts.

If files outside those directories are not protected by the usual default configuration ("require all denied"), the attacker's requests succeed. If CGI scripts are also enabled for the aliased paths, this can result in remote code execution. The issue is fixed in Apache HTTP Server 2.4.51.
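The traversal payloads used against these two releases hide the `..` behind percent-encoding, and the second CVE exists because the first fix only decoded one layer (`%%32%65` decodes to `%2e`, which decodes to `.`). As an added example, not code from the Apache project or from this article, the following Python scans access-log lines for request paths that normalise to a `..` segment after repeated decoding. The log lines are constructed samples, not real traffic; the status code on a flagged line tells you whether the attempt was denied (403) or served (200).

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache combined-log shape (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [06/Oct/2021:10:12:01 +0000] "GET /index.html HTTP/1.1" 200 1043
203.0.113.5 - - [06/Oct/2021:10:12:02 +0000] "GET /images/a%20b.png HTTP/1.1" 200 512
198.51.100.7 - - [06/Oct/2021:10:12:03 +0000] "GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1" 200 1732
198.51.100.7 - - [06/Oct/2021:10:12:04 +0000] "POST /cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/bin/sh HTTP/1.1" 200 64
198.51.100.9 - - [06/Oct/2021:10:12:05 +0000] "GET /icons/../index.html HTTP/1.1" 403 199
"""

# Pulls method and raw request path out of the quoted request field.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def fully_decode(path, max_rounds=3):
    """Percent-decode until the string stops changing (bounded).

    The 2.4.50 fix was bypassed with double encoding (%%32%65 -> %2e -> .),
    so a single unquote() pass misses the CVE-2021-42013 form."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def is_traversal(path):
    """True if any path segment normalises to '..' after full decoding."""
    decoded = fully_decode(path.split("?", 1)[0])
    return any(seg == ".." for seg in decoded.split("/"))


def scan_log(text):
    """Return (line_no, method, raw_path, decoded_path) for suspicious requests."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        raw = m.group("path")
        if is_traversal(raw):
            hits.append((line_no, m.group("method"), raw, fully_decode(raw)))
    return hits


if __name__ == "__main__":
    for line_no, method, raw, decoded in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {method} {raw}  ->  {decoded}")
```

Flagging is deliberately on the attempt, not on success: a 403 on a traversal line means the `Require all denied` default held, a 200 means the file was served and the host needs incident handling as well as the 2.4.51 upgrade.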

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

 Syxscore Risk Alert

This vulnerability carries a critical risk: it can be exploited over any network, with low complexity, no privileges, and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42013

3. Insufficiently restricted permissions in Containerd (< 1.4.11 and 1.5.x < 1.5.7)

Severity: Important    CVSS Score: 7.8

This is a flaw in Containerd where container root directories and some plugin directories had insufficiently restricted permissions. Unprivileged Linux users can exploit this to traverse directory contents and execute programs found there.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions and may restart containers or tighten directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the host, it can be exploited with a low-complexity attack, low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

4. Integer overflow in strongSwan (< 5.9.4)

Severity: Important   CVSS Score: 7.5

This is a remote integer overflow in strongSwan's in-memory certificate cache. It is triggered by sending many requests carrying different certificates, which fills the cache and later forces the replacement of cache entries.

When the cache is full, the code tries to pick a less-often-used entry for replacement using a random number generator, but this is not done correctly, and the resulting overflow can crash the daemon. Remote code execution is considered a slight possibility. The flaw is fixed in strongSwan 5.9.4.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: it can be exploited over any network, with low complexity, no privileges, and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41991

5. OpenJDK vulnerability affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 6.8

This is an easily exploitable flaw in the Kerberos component of Java SE and Oracle GraalVM Enterprise Edition (incorrect principal selection when using Kerberos constrained delegation). A low-privileged attacker with network access via Kerberos can use it to compromise the affected product; a successful attack requires interaction from a person other than the attacker.

Although the vulnerability is in Java SE and Oracle GraalVM Enterprise Edition, an attack may significantly impact additional products and can lead to unauthorized access to critical data or complete access to all data accessible to Java SE or Oracle GraalVM Enterprise Edition.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability carries a moderate risk: although it requires some privileges and user interaction, it can be exploited over any network with a low-complexity attack. Because the scope (jump point) is changed, a successful exploit can also affect components beyond the vulnerable one, enabling lateral movement.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-35567

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

||

Google Chrome Zero-Day Flaw Is Currently Being Weaponized

By Patch Management

Google Chrome Zero-Day Is Currently Being Weaponized

Two new Google Chrome zero-days, already exploited in the wild, allow a remote attacker to create a specially crafted web page and execute arbitrary code on a victim's system.

Google Chrome Zero-Day Is Being Weaponized

Google has released Chrome 95.0.4638.69 to the Stable Channel to resolve serious issues affecting Windows, Linux and macOS. So far this year Google has shipped more than 13 Chrome releases fixing zero-days. The vulnerabilities are tracked as CVE-2021-38000 (insufficient validation of untrusted input in Intents) and CVE-2021-38003 (inappropriate implementation in the V8 JavaScript engine, a memory-safety bug); Google rates both High severity and reports both as exploited in the wild.

A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger memory corruption in the browser and execute arbitrary code on the target system, compromising the vulnerable machine.

What’s the solution?

Upgrade to the latest version of Chrome stable channel using Syxsense Secure.

Syxscore Risk Alert

This vulnerability carries a serious risk: it can be exploited over any network, with low complexity and without privileges, although the victim must be lured to a malicious page. CVE-2021-38003 carries a CVSS score of 8.8 (High severity) and the vulnerability is being weaponized.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

Start a Free Trial of Syxsense

Experience the power of Syxsense for free. Our intuitive technology helps you easily predict and remove security threats where you are most vulnerable — at the endpoint.

||

Linux Vulnerabilities of the Week: November 1, 2021

By News

Linux Vulnerabilities of the Week: November 1, 2021

See this week's top Linux issues and keep your IT environment protected from the latest October Linux vulnerabilities.

1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream

Severity: Important    CVSS Score: 8.8

XStream is a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types are not affected; the issue is fixed in XStream 1.4.18.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: it can be exploited over any network, with low complexity, low privileges, and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-39139

2. A heap buffer overflow in Redis

Severity: Important    CVSS Score: 8.8

This is a heap buffer overflow in Redis, an open-source in-memory database that persists on disk. In all versions of Redis with Lua scripting support, starting from 2.6, specially crafted Lua scripts can overflow the heap-based Lua stack because the checks for this condition are incomplete. The result is heap corruption and potentially remote code execution. Fixed versions are 6.2.6, 6.0.16 and 5.0.14; where patching is delayed, Redis ACLs can be used to deny EVAL and EVALSHA to untrusted users.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability carries a major risk: it can be exploited over any network, with low complexity, low privileges, and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32626

3. Insufficiently restricted permissions in Containerd (< 1.4.11 and 1.5.x < 1.5.7)

Severity: Important    CVSS Score: 7.8

This is a flaw in Containerd where container root directories and some plugin directories had insufficiently restricted permissions. Unprivileged Linux users can exploit this to traverse directory contents and execute programs found there.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions and may restart containers or tighten directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.
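The "tighten directory permissions" mitigation amounts to finding every directory under containerd's root and state paths that other users can enter or list, and clearing those bits. As an added example, not containerd's own code, the Python below walks a tree, reports each directory with any group or other permission bits, and optionally chmods it to owner-only. The demo tree it creates under a temporary directory is constructed; on a real host you would point `loose_dirs()` at containerd's directories (by default /var/lib/containerd and /run/containerd), and you should review the findings before passing fix=True, since tightening a directory that another service legitimately reads will break that service.

```python
import os
import stat
import tempfile

# Any read/write/execute bit for group or other. On a directory the execute
# bit lets a user enter it and the read bit lets them list it; CVE-2021-41103
# was containerd leaving such bits on container root and plugin directories.
LOOSE_BITS = stat.S_IRWXG | stat.S_IRWXO


def loose_dirs(root, fix=False):
    """Walk `root` and return [(relative_path, octal_mode)] for every directory
    whose group/other bits are set. With fix=True, also chmod each hit to
    owner-only (clearing those bits), which removes the traversal described
    in the advisory. os.walk does not follow symlinks, so a planted link
    cannot redirect the chmod outside the tree."""
    findings = []
    for dirpath, _dirnames, _files in os.walk(root):
        mode = stat.S_IMODE(os.lstat(dirpath).st_mode)
        if mode & LOOSE_BITS:
            findings.append((os.path.relpath(dirpath, root), oct(mode)))
            if fix:
                os.chmod(dirpath, mode & ~LOOSE_BITS)
    return findings


def build_demo_tree():
    """Constructed stand-in for a containerd state directory (not real paths):
    one subtree with owner-only modes, one with the vulnerable shape."""
    root = tempfile.mkdtemp(prefix="containerd-perm-demo-")  # mkdtemp uses 0700
    for rel, mode in [("tight", 0o700), ("tight/bundle", 0o700),
                      ("loose", 0o711), ("loose/rootfs", 0o755)]:
        path = os.path.join(root, rel)
        os.mkdir(path)
        os.chmod(path, mode)  # explicit chmod so the umask cannot alter the demo modes
    return root


if __name__ == "__main__":
    demo = build_demo_tree()
    for rel, mode in loose_dirs(demo):
        print(f"{rel}: mode {mode} lets other users traverse or list it")
    loose_dirs(demo, fix=True)
    print("after fix:", loose_dirs(demo))
```

Run it once without fix=True and diff the report against what the host's other services need; a directory that only containerd and root touch can be tightened safely, which is exactly the change the fixed releases make for the container root directories.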

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the host, it can be exploited with a low-complexity attack, low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

4. Local privilege escalation via PHP-FPM affecting Red Hat Enterprise Linux 8

Severity: Important   CVSS Score: 7.8

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when PHP-FPM runs with the main FPM daemon process as root and the child worker processes as lower-privileged users, a child process can write to memory it shares with the main process. By modifying that shared memory, the child can cause the root process to perform invalid memory reads and writes, which can be used to escalate from a local unprivileged user to root.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
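Several entries on this page (Go, Containerd, strongSwan, Chrome and this PHP-FPM flaw) state their affected ranges as "below X" plus one or more branch-specific ranges such as "7.4.x below 7.4.25", which a naive string comparison gets wrong (for example "7.4.9" sorts after "7.4.25"). As an added example, not code from any of those projects or from this article, the Python below encodes those ranges as numeric tuples per release branch and checks a constructed inventory against them. Hostnames and package names in the inventory are made up; the bounds are the ones stated in the advisories on this page, plus the 1.17.x branch that the CVE text for the Go flaw lists alongside "before 1.16.9".

```python
import re
from dataclasses import dataclass
from typing import List, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Extract a dotted version as an int tuple so comparisons are numeric.
    '7.4.24' -> (7, 4, 24); also copes with 'go1.17.1' or '1.16.9-1.el8'."""
    m = re.search(r"\d+(?:\.\d+)*", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(p) for p in m.group(0).split("."))


@dataclass(frozen=True)
class Range:
    """A vulnerable interval inside one release branch.
    branch:   prefix the version must start with, e.g. (7, 4) for '7.4.x'; () = any branch
    fixed_in: first version outside the vulnerable range (exclusive upper bound)"""
    branch: Version
    fixed_in: Version

    def matches(self, v: Version) -> bool:
        return v[: len(self.branch)] == self.branch and v < self.fixed_in


# Affected ranges as stated on this page (Go's 1.17.x branch taken from the CVE text).
VULNERABLE = {
    "CVE-2021-38297": [Range((), (1, 16, 9)), Range((1, 17), (1, 17, 2))],   # Go
    "CVE-2021-41103": [Range((), (1, 4, 11)), Range((1, 5), (1, 5, 7))],      # containerd
    "CVE-2021-41991": [Range((), (5, 9, 4))],                                # strongSwan
    "CVE-2021-21703": [Range((7, 3), (7, 3, 32)),                            # PHP <= 7.3.31
                       Range((7, 4), (7, 4, 25)),                            # PHP 7.4.x < 7.4.25
                       Range((8, 0), (8, 0, 12))],                           # PHP 8.0.x < 8.0.12
    "CVE-2021-38003": [Range((), (95, 0, 4638, 69))],                        # Chrome
}

# Which advisory applies to which (made-up) inventory package name.
PACKAGE_CVES = {
    "golang": "CVE-2021-38297",
    "containerd": "CVE-2021-41103",
    "strongswan": "CVE-2021-41991",
    "php-fpm": "CVE-2021-21703",
    "google-chrome": "CVE-2021-38003",
}


def is_vulnerable(cve: str, version: str) -> bool:
    """True if `version` falls inside any vulnerable branch range for `cve`."""
    v = parse_version(version)
    return any(r.matches(v) for r in VULNERABLE[cve])


# Constructed inventory rows (host, package, installed version); not real hosts.
SAMPLE_INVENTORY = [
    ("web01", "php-fpm", "7.4.24"), ("web02", "php-fpm", "8.0.12"),
    ("build01", "golang", "go1.17.1"), ("build02", "golang", "1.16.9"),
    ("node03", "containerd", "1.5.6"), ("node04", "containerd", "1.4.11"),
    ("vpn01", "strongswan", "5.9.3"),
    ("laptop07", "google-chrome", "95.0.4638.54"),
    ("laptop08", "google-chrome", "95.0.4638.69"),
]


def check_inventory(rows) -> List[Tuple[str, str, str, str]]:
    """Return (host, package, version, cve) for every row inside a vulnerable range."""
    findings = []
    for host, package, version in rows:
        cve = PACKAGE_CVES.get(package)
        if cve and is_vulnerable(cve, version):
            findings.append((host, package, version, cve))
    return findings


if __name__ == "__main__":
    for host, package, version, cve in check_inventory(SAMPLE_INVENTORY):
        print(f"{host}: {package} {version} is affected by {cve}")
```

The branch prefix is what makes the model correct for backported fixes: containerd 1.5.6 is newer than 1.4.11 yet still vulnerable, and Go 1.17.1 is newer than 1.16.9 yet still vulnerable, while a single "fixed in 1.4.11" rule would mark both as patched.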

Syxscore Risk Alert

This vulnerability carries a major risk: although it requires local access to the host, it can be exploited with a low-complexity attack, low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21703

5. Excessive memory allocation in RTFReader in OpenJDK affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 5.3

This is an easily exploitable flaw in the RTFReader component of Java SE and Oracle GraalVM Enterprise Edition that allows an unauthenticated attacker with network access via multiple protocols to compromise the product. A successful attack leads to a partial denial of service of Java SE or Oracle GraalVM Enterprise Edition through excessive memory allocation.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability carries a moderate risk: it can be exploited over any network, with low complexity, no privileges, and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-35559
