SysAdmin 24x7

VMSA-2022-0012 CVSSv3 Range: 7.3 Issue Date: 2022-04-06 CVE(s): CVE-2022-22962, CVE-2022-22964 Synopsis: VMware Horizon Client for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964) Impacted Products VMware Horizon Client for Linux https://www.vmware.com/security/advisories/VMSA-2022-0012.html

Citrix Hypervisor Security Update Description of Problem A security issue has been identified that affects Citrix Hypervisor. This issue may allow privileged code in a guest VM to cause the host to crash or become unresponsive. The issue only affects systems with Intel CPUs where the malicious guest VM has had a physical PCI device assigned to it by the host administrator using the PCI passthrough feature. The issue has the following identifier: CVE-2022-26357 Customers who have not assigned a physical PCI device to a guest VM are not affected by this issue. Customers who are running on systems with only AMD CPUs are also not affected by this issue. https://support.citrix.com/article/CTX390511

VMSA-2022-0011 CVSSv3 Range: 5.3-9.8 Issue Date: 2022-04-06 CVE(s): CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 Synopsis: VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities. RSS Feed Download PDF Download Text File Share this page on social media Impacted Products VMware Workspace ONE Access (Access) VMware Identity Manager (vIDM) VMware vRealize Automation (vRA) VMware Cloud Foundation vRealize Suite Lifecycle Manager https://www.vmware.com/security/advisories/VMSA-2022-0011.html

Vulnerabilidad SQLi en FortiWAN de Fortinet Fecha de publicación: 06/04/2022 Importancia: 5 - Crítica Recursos afectados: FortiWAN 4.5.8 y anteriores. Descripción: Giuseppe Cocomazzi, del equipo Fortinet Product Security, ha descubierto esta vulnerabilidad crítica que podría permitir a un atacante ejecutar código o comandos no autorizados. Solución: Actualizar a FortiWAN 4.5.9 o superior. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-sqli-fortiwan-fortinet

https://t.me/sysadmin24x7/4927 Actualización de contenido sobre vulnerabilidad VMSA-2022-0010.1 CVSSv3 Range: 9.8 Issue Date: 2022-04-02 Updated On: 2022-04-06 CVE(s): CVE-2022-22965 Synopsis: VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965) Impacted Products VMware Tanzu Application Service for VMs VMware Tanzu Operations Manager VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) https://www.vmware.com/security/advisories/VMSA-2022-0010.html

Boletín de seguridad de Android de abril de 2022 Fecha de publicación: 05/04/2022 Importancia: 4 - Alta Recursos afectados: Android Open Source Project (AOSP): Versiones 10, 11, 12 y 12L. Descripción: El boletín mensual de Android de abril de 2022 soluciona 3 vulnerabilidades de severidad alta que afectan al sistema, y que podrían permitir a un cibedelincuente la escalada remota de privilegios, sin necesidad de privilegios de ejecución adicionales ni interacción por parte del usuario, y la divulgación de información. https://www.incibe.es/protege-tu-empresa/avisos-seguridad/boletin-seguridad-android-abril-2022

CVE-2022-26871 Detail NVD Published Date: 03/29/2022 NVD Last Modified: 03/30/2022 Source: Trend Micro, Inc. Description An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. https://nvd.nist.gov/vuln/detail/CVE-2022-26871

VMSA-2022-0010 CVSSv3 Range: 9.8 Issue Date: 2022-04-02 Updated On: 2022-04-02 (Initial Advisory) CVE(s): CVE-2022-22965 Synopsis: VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965) Impacted Products VMware Tanzu Application Service for VMs VMware Tanzu Operations Manager VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) https://www.vmware.com/security/advisories/VMSA-2022-0010.html

Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities Original release date: April 01, 2022 https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/spring-releases-security-updates-addressing-spring4shell-and

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/

GitLab addresses critical account hijack bug. https://portswigger.net/daily-swig/gitlab-addresses-critical-account-hijack-bug

Múltiples vulnerabilidades en GitLab Fecha de publicación: 01/04/2022 Importancia: 5 - Crítica Recursos afectados: Todas las versiones de: GitLab CE/EE, GitLab Omnibus, GitLab Charts, GitLab Pages. Descripción: GitLab ha publicado 17 vulnerabilidades: 1 de severidad crítica, 2 de severidad elevada, 9 de severidad media y 5 de severidad baja, por las que un atacante podría acceder a credenciales, ejecutar una vulnerabilidad tipo Cross-Site Scripting (XSS), acceder al token de registro y variables de entorno o causar una denegación de servicio entre otros. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-gitlab

Múltiples vulnerabilidades en productos Netgear Fecha de publicación: 01/04/2022 Importancia: 5 - Crítica Descripción: Netgear ha publicado 12 vulnerabilidades, de severidad crítica, presentes en múltiples de sus productos. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-19

About the security content of macOS Monterey 12.3.1 Impact: An application may be able to execute arbitrary code with kernel privileges https://support.apple.com/en-us/HT213220

About the security content of iOS 15.4.1 and iPadOS 15.4.1 Impact: An application may be able to execute arbitrary code with kernel privileges. https://support.apple.com/en-us/HT213219

Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices [...] The flaw has been assigned the identifier CVE-2022-0342 and is rated 9.8 out of 10 for severity. Credited with reporting the bug are Alessandro Sgreccia from Tecnical Service Srl and Roberto Garcia H and Victor Garcia R from Innotec Security. [...] https://thehackernews.com/2022/03/zyxel-releases-patches-for-critical-bug.html

Raw Image Extension Remote Code Execution Vulnerability CVE-2022-23295 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23295

Zlib data compressor fixes 17-year-old security bug – patch, errrm, now. https://nakedsecurity.sophos.com/2022/03/29/zlib-data-compressor-fixes-17-year-old-security-bug-patch-errr-now/

This new ransomware targets data visualization tool Jupyter Notebook. https://www.zdnet.com/article/this-new-ransomware-targets-data-visualization-tool-jupyter-notebook/