Mozilla Firefox fixes two actively exploited zero-day bugs
Description:
Mozilla has released Firefox updates to fix two critical zero-day vulnerabilities actively exploited in attacks.
Both zero-day vulnerabilities are "use-after-free" bugs, which occur when a program tries to use memory that has previously been freed. When threat actors exploit this type of bug, it can cause the program to crash while at the same time allowing commands to be executed on the device without permission.
CVE_IDs:
CVE-2022-26485, CVE-2022-26486
Source:
2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP! (thehackernews.com)
Impact:
Upon successful exploitation, these bugs could allow a remote attacker to execute almost any code.
Suggestions and Recommendations:
Because these bugs are critical and are being actively exploited, it is strongly recommended that all Firefox users update their browsers immediately.
Multiple UEFI Firmware Flaws Discovered in Millions of HP Devices
Description:
High-severity vulnerabilities have been disclosed in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. The 16 newly disclosed vulnerabilities have CVSS scores ranging from 7.5 to 8.8.
According to a report from Binarly, a firmware security company, a threat actor exploiting these vulnerabilities can gain high privileges on the affected devices. Exploitation may also allow the attacker to evade AV tools and remain undetected.
CVE_IDs:
CVE-2021-39297, CVE-2021-39298, CVE-2021-39299, CVE-2021-39300, CVE-2021-39301, CVE-2022-23924, CVE-2022-23925, CVE-2022-23926, CVE-2022-23927, CVE-2022-23928, CVE-2022-23929, CVE-2022-23930, CVE-2022-23931, CVE-2022-23932, CVE-2022-23933, CVE-2022-23934
Source:
New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices (thehackernews.com)
Impact:
Successful exploitation of these vulnerabilities allows threat actors to gain high privileges on the affected devices.
Suggestions and Recommendations:
HP has addressed the flaws with the HP UEFI firmware security updates released in February 2022. We strongly suggest patching the vulnerabilities.
Critical "Access:7" Supply Chain Vulnerabilities Impact ATMs, Medical and IoT Devices
Description:
Seven security vulnerabilities, collectively called Access:7, have been disclosed in PTC's Axeda software that could be weaponized to gain unauthorized access to medical and IoT devices. According to the joint report from researchers at Forescout and CyberMDX, Access:7 could enable hackers to remotely execute malicious code, access sensitive data, or alter the configuration on medical and IoT devices running PTC's Axeda remote code and management agent.
The flaws affect all versions of the Axeda Agent prior to 6.9.3.
CVE_IDs:
CVE-2022-25246, CVE-2022-25247, CVE-2022-25247, CVE-2022-25249, CVE-2022-25249, CVE-2022-25249, CVE-2022-25248
Source:
Impact:
Upon successful exploitation, the impact of these issues ranges from information disclosure and denial-of-service (DoS) to remote code execution.
Suggestions and Recommendations:
Axeda has addressed all Access:7 vulnerabilities and device makers have rolled out the fixes. If you are using Axeda software, we strongly recommend applying the fixes.
Critical Arbitrary File Overwrite Vulnerability on Linux Kernel 'Dirty Pipe'
Description:
A new vulnerability has been disclosed in the Linux kernel that allows overwriting data in arbitrary read-only files. The flaw is being called "Dirty Pipe" and could lead to privilege escalation because unprivileged processes can inject code into root processes.
This vulnerability shares similarities with Dirty Cow and affects any distro using Linux kernel versions 5.8 and later.
CVE_IDs:
CVE-2022-0847
Source:
Impact:
Successful exploitation of this flaw leads to privilege escalation because unprivileged processes can inject code into root processes.
Suggestions and Recommendations:
The Linux kernel security team has fixed the vulnerability in Linux 5.16.11, 5.15.25, and 5.10.10. However, not all distributions have released patches yet, for example, Red Hat Enterprise Linux Server (RHEL) 8. We strongly recommend applying the patch if it is available.