by CIRT Team
A Vulnerability in Juniper Junos OS Could Allow for Remote Code Execution
DESCRIPTION:A vulnerability has been discovered in Juniper Junos OS that could allowfor remote code execution. Junos OS is a single network operating systemproviding a common language across Juniper’s routing, switching andsecurity devices. This vulnerability specifically affects the overlaydservice of Juniper Networks Junos OS. The overlayd daemon handlesOverlay OAM packets, such as ping and traceroute, sent to the overlay.The service runs as root by default and...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
by CIRT Team
Desktop Window Manager vulnerability
Window Manager vulnerability Description:CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). Due to the lack of bounds checking, attackers are able to create a situation that allows them to write controlled data at a controlled offset using DirectComposition API. Impact:It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits...
Read More
by CIRT Team
Multiple OS command injection vulnerabilities in Nagios XI
Description:CVE-2021-25296Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.Mitigation:Upgrade the Windows WMI config wizard from Admin > Manage Config Wizards to version 2.2.3 or above. CVE-2021-25297Nagios XI version xi-5.7.5 is affected by...
Read More
by CIRT Team
Critical Patches Issued for Microsoft Products, April 13, 2021
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...
Read More
by CIRT Team
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Photoshop is Adobe’s flagship image editing software.* Digital Editions is an e-book reader software program.* Bridge is a free digital asset management app. It is a mandatorycomponent of Adobe Creative Suite, Adobe eLearning Suite, AdobeTechnical Communication Suite and Adobe Photoshop CS2 through CS6.* RoboHelp is a...
Read More
by CIRT Team
Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox,Firefox Extended Support Release (ESR) and Mozilla Thunderbird, the mostsevere of which could allow for arbitrary code execution. MozillaFirefox is a web browser used to access the Internet. Mozilla FirefoxESR is a version of the web browser intended to be deployed in largeorganizations. Mozilla Thunderbird is an email client. Successfulexploitation of these vulnerabilities could allow for arbitrary codeexecution....
Read More
by CIRT Team
A Vulnerability in WebKitGTK and WPE WebKit Could Allow for Arbitrary Code Execution
DESCRIPTION:A vulnerability has been discovered in WebKit GTK and WPE WebKit whichcould allow for arbitrary code execution. * WebKitGTK is a full-featured port of the WebKit rendering engine,suitable for projects requiring any kind of web integration, from hybridHTML/CSS applications to full-fledged web browsers.* WPE is the reference WebKit port for embedded and low-consumptioncomputer devices. Successful exploitation of this vulnerability could allow for arbitrarycode execution. Depending...
Read More
by CIRT Team
Half a million Huawei Android phones hit by Joker malware
Security researchers have found over 500,000 Huawei smartphone users have downloaded applications tainted with the Joker malware that unwittingly subscribes users to premium mobile services. A report from antivirus maker Doctor Web notes that the malicious apps retained their advertised functionality but downloaded components that subscribed users to premium mobile services. To keep users in the dark the infected apps requested access to notifications, which...
Read More
by CIRT Team
Multiple Vulnerabilities in Microsoft Exchange Server Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft ExchangeServer (on premises version) , the most severe of which could allow forarbitrary code execution. Microsoft Exchange Server is a mail serverused to run and manage an organization’s email services. Successfulexploitation of the most severe of these vulnerabilities could allow anattacker to execute arbitrary code in the context of the mail server.Depending on the privileges associated with the...
Read More
