CISA Warns of Active Exploitation of Apple iOS and macOS Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component.
"An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication," Apple said in an advisory, adding the issue "may have been exploited against versions of iOS released before iOS 15.7.1." The iPhone maker said the problem was addressed with improved checks. It's currently not known how the vulnerability is being weaponized in real-world attacks.
Source: The Hacker News / BleepingComputer
Link: https://thehackernews.com/2024/02/cisa-warns-of-active-exploitation-of.html
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is warning of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild.
The list of vulnerabilities is as follows –
- CVE-2024-21888 (CVSS score: 8.8) – A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator
- CVE-2024-21893 (CVSS score: 8.2) – A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication
The Utah-based software company said it found no evidence of customers being impacted by CVE-2024-21888 so far, but acknowledged "the exploitation of CVE-2024-21893 appears to be targeted" and that it's "aware of a limited number of customers impacted" by the issue.
Source: The Hacker News / BleepingComputer / Dark Reading / SecurityWeek / Infosecurity Magazine / CISA emergency directive / Ivanti forum
Link: https://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html
Link: https://www.securityweek.com/cisa-sets-48-hour-deadline-for-removal-of-insecure-ivanti-products/
Link: https://www.infosecurity-magazine.com/news/ivanti-zeroday-patches-two-new-bugs/
URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace.
Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10.
"An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.5.8, 16.6 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace," GitLab said in an advisory released on January 25, 2024.
Source: The Hacker News
Link: https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws
Juniper Networks has released out-of-band updates to address high-severity flaws in its SRX Series firewalls and EX Series switches that could be exploited by a threat actor to take control of susceptible systems.
The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS on those platforms. Two other shortcomings, CVE-2023-36846 and CVE-2023-36851, were previously disclosed by the company in August 2023.
- CVE-2024-21619 (CVSS score: 5.3) – A missing authentication vulnerability that could lead to exposure of sensitive configuration information
- CVE-2024-21620 (CVSS score: 8.8) – A cross-site scripting (XSS) vulnerability that could lead to the execution of arbitrary commands with the target’s permissions by means of a specially crafted request
Cybersecurity firm watchTowr Labs has been credited with discovering and reporting the issues. The two vulnerabilities have been addressed in the following versions –
- CVE-2024-21619 – 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases
- CVE-2024-21620 – 20.4R3-S10, 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, and all subsequent releases
As temporary mitigations until the fixes are deployed, the company is recommending that users disable J-Web or restrict access to only trusted hosts.
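Checking whether an installed version sits inside the affected GitLab ranges quoted in the CVE-2024-0402 item above, or before the Junos fixed releases listed for CVE-2024-21619 and CVE-2024-21620, as an added example (this is not code from the original items, nor from GitLab or Juniper). The version lists are copied from the two items; the parsers, the reading of "and all subsequent releases" as covering later R numbers and later trains, the function names, and the constructed `show version` sample are this example's own assumptions.

```python
"""Added example: classify a reported GitLab or Junos OS version against the
affected / fixed version lists quoted in the items above. The lists are copied
from those items; the parsing and comparison rules are assumptions of this
example, not vendor logic."""
import re

# GitLab CVE-2024-0402: each affected line is "from X prior to Y", read as X <= v < Y.
GITLAB_AFFECTED = [
    ((16, 0, 0), (16, 5, 8)),
    ((16, 6, 0), (16, 6, 6)),
    ((16, 7, 0), (16, 7, 4)),
    ((16, 8, 0), (16, 8, 1)),
]

# Juniper fixed releases as listed in the item; anything at or after them is fixed.
JUNOS_FIXED = {
    "CVE-2024-21619": ["20.4R3-S9", "21.2R3-S7", "21.3R3-S5", "21.4R3-S6", "22.1R3-S5",
                       "22.2R3-S3", "22.3R3-S2", "22.4R3", "23.2R1-S2", "23.2R2", "23.4R1"],
    "CVE-2024-21620": ["20.4R3-S10", "21.2R3-S8", "21.4R3-S6", "22.1R3-S5", "22.2R3-S3",
                       "22.3R3-S2", "22.4R3-S1", "23.2R2", "23.4R2"],
}


def parse_gitlab(version):
    """'16.7.3', 'v16.7.3' or '16.7.3-ee' -> (16, 7, 3)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:-[\w.]+)?", version.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version: {version!r}")
    return tuple(int(x) for x in m.groups())


def gitlab_affected(version):
    """True when the version falls inside any affected range of CVE-2024-0402."""
    v = parse_gitlab(version)
    return any(lo <= v < hi for lo, hi in GITLAB_AFFECTED)


def parse_junos(version):
    """'21.4R3-S5.4' -> ((21, 4), 3, 5): train, R number, S number (0 if absent).
    A trailing build number such as '.4' is ignored."""
    m = re.fullmatch(r"(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?", version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    major, minor, r, s = m.groups()
    return (int(major), int(minor)), int(r), int(s or 0)


def junos_status(version, cve):
    """Return 'fixed', 'vulnerable' or 'unlisted-train' for one CVE.
    Assumed reading of the vendor list:
      * same train, same R: fixed when S is at or above the listed S;
      * same train, higher R than any listed: fixed ("all subsequent releases");
      * a train newer than every listed train: fixed for the same reason;
      * an older train that is not listed at all: 'unlisted-train', i.e. check
        the vendor advisory by hand instead of silently assuming it is fixed."""
    train, r, s = parse_junos(version)
    fixes = [parse_junos(f) for f in JUNOS_FIXED[cve]]
    same_train = [(fr, fs) for ft, fr, fs in fixes if ft == train]
    if not same_train:
        newest_train = max(ft for ft, _, _ in fixes)
        return "fixed" if train > newest_train else "unlisted-train"
    if r > max(fr for fr, _ in same_train):
        return "fixed"
    if any(r == fr and s >= fs for fr, fs in same_train):
        return "fixed"
    return "vulnerable"


def junos_version_from_show(output):
    """Pull the version string out of 'show version' text (the 'Junos:' line)."""
    m = re.search(r"^Junos:\s*(\S+)", output, re.MULTILINE)
    if not m:
        raise ValueError("no 'Junos:' line in show version output")
    return m.group(1)


# Constructed sample of a 'show version' banner; not captured from a real device.
SAMPLE_SHOW_VERSION = """Hostname: edge-fw1
Model: srx345
Junos: 21.4R3-S5.4
JUNOS OS Kernel 64-bit  [20230131.3a55d3c_builder_stable_12_214]
"""

if __name__ == "__main__":
    for gl in ("16.5.7", "16.5.8", "16.7.3-ee", "16.9.0"):
        print(f"GitLab {gl}: {'AFFECTED' if gitlab_affected(gl) else 'not affected'}")
    v = junos_version_from_show(SAMPLE_SHOW_VERSION)
    for cve in JUNOS_FIXED:
        print(f"Junos {v} vs {cve}: {junos_status(v, cve)}")
```

The tri-state result for Junos is deliberate: a device on a train that the vendor list does not mention (for example 21.3 for CVE-2024-21620) is reported as `unlisted-train` rather than guessed either way, because the item only states which releases carry the fix, not the status of trains it omits.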
Source: The Hacker News / SecurityWeek / Juniper Support Portal / The Register
Link: https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html
Link: https://www.securityweek.com/juniper-networks-patches-vulnerabilities-in-switches-firewalls/
Link: https://www.theregister.com/2024/01/30/juniper_networks_vulnerabilities/